Date: Thu, 3 Jun 1999 08:56:44 -0400
From: Adam Shostack <adam@homeport.org>
To: Laurence Berland <stuyman@confusion.net>
Cc: security@FreeBSD.ORG
Subject: Re: Not freebsd related...yet
Message-ID: <19990603085644.A24954@weathership.homeport.org>
In-Reply-To: <3755D0E4.55677E6@confusion.net>; from Laurence Berland on Wed, Jun 02, 1999 at 08:48:36PM -0400
References: <3755D0E4.55677E6@confusion.net>

On Wed, Jun 02, 1999 at 08:48:36PM -0400, Laurence Berland wrote:
| I'm writing a new encryption algorithm for my computer science final
| project. Although it doesn't need to be particularly great I'm thinking
| there's no reason it's gotta be bad. I'm building a symmetric algorithm
| that is designed to specifically handle large keys, i.e. >1024 bytes. If
| anyone has any hints or suggestions, I'm open to them...in fact that's
| why I'm writing this in the first place. If it works well, maybe
| someday people will actually use it, then again maybe not. Thanks for
| your time.

Actually, this will be 1. broken, and 2. uninteresting. I'd be happy
to bet money if it wasn't a sucker bet.

1. Building a cipher with a large key is hard. See the first Twofish
paper, where Schneier et al. discuss the difficulty of building a key
schedule to effectively use long keys. Getting 1024 BYTES of
randomness is next to impossible, so your implementors will end up
expanding a smaller pool of randomness into a large key. Given that
this is unavoidable, you should anticipate it in your design, and have
a key expansion phase. That you didn't know this is worrisome.

2. Building a system to use more resources than current systems, and
expecting resource consumption to make it interesting is silly.

If you want an interesting project, may I suggest trying to
cryptanalyze one of the AES candidates? It's more interesting, will
teach you a bunch, and may produce something useful.

Sorry to flame, but this really isn't a good use of your time.

Adam

--
"It is seldom that liberty of any kind is lost all at once."
  -Hume

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
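
The key expansion phase recommended in the message above, sketched as an added example (not code from the post or from any cipher it mentions). It stretches a short seed to 1024 bytes with SHAKE-256, which is an assumed choice, and shows that the number of reachable keys is bounded by the seed rather than by the key length. The names expand_key, effective_key_bits, distinct_keys and the context label are hypothetical.

```python
import hashlib

KEY_LEN = 1024  # bytes, the key size proposed in the quoted message


def expand_key(seed: bytes, length: int = KEY_LEN,
               context: bytes = b"example-cipher-v1") -> bytes:
    """Stretch a short random seed into `length` key bytes.

    SHAKE-256 is an extendable-output function, so it can emit any number
    of bytes. The length-prefixed context label (an assumed value) gives
    domain separation between different uses of the same seed.
    """
    xof = hashlib.shake_256()
    xof.update(len(context).to_bytes(2, "big") + context)
    xof.update(seed)
    return xof.digest(length)


def effective_key_bits(seed_bits: int, length: int = KEY_LEN) -> int:
    """Upper bound on the strength of an expanded key, in bits.

    Expansion is deterministic, so the key cannot be harder to guess than
    the seed. SHAKE-256 itself caps the result at 256 bits of security.
    """
    return min(seed_bits, length * 8, 256)


def distinct_keys(seed_bits: int) -> int:
    """Count the distinct 1024-byte keys reachable from every seed of
    `seed_bits` bits. Only feasible for tiny seeds, which is the point."""
    n_bytes = (seed_bits + 7) // 8
    seeds = (s.to_bytes(n_bytes, "big") for s in range(2 ** seed_bits))
    return len({expand_key(seed) for seed in seeds})


if __name__ == "__main__":
    # Constructed sample input: a fixed 16-byte seed, not a real secret.
    key = expand_key(bytes(range(16)))
    print(f"{len(key)}-byte key, at most {effective_key_bits(128)} bits of strength")
    # A 12-bit seed yields 8192 bits of key material but only 4096 keys.
    print("keys reachable from a 12-bit seed:", distinct_keys(12))
```

A design that accepts 1024-byte keys therefore has to treat the seed size, not the key size, as its security parameter.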