Re: sci.crypt sandbox
From: Michael Brown (see_at_signature.below)
Date: 11/28/03
- Next message: Michael Brown: "Re: sci.crypt sandbox"
- Previous message: Tom St Denis: "Re: sci.crypt sandbox"
- In reply to: Tom St Denis: "Re: sci.crypt sandbox"
- Next in thread: Tom St Denis: "Re: sci.crypt sandbox"
- Reply: Tom St Denis: "Re: sci.crypt sandbox"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 28 Nov 2003 17:26:40 +1300
Tom St Denis wrote:
> "Stephen Cantini" <nospam@nospam> wrote in message
> news:3fc4e635@x-privat.org...
>> Hello,
>>
>> I saw the ciphers submitted till now and I noticed this: only cdx2
>> provides an usable executable that en/decrypt any file. The others:
>> JEL crashes on
>
> Not replying to you specifically but...
>
> JEL has bugs in the code. For instance, doesn't check the return of
> malloc. The code is also not portable to 64-bit machines [or even
> 16-bit machines, he uses unsigned int as a 32-bit type!!! it could be
> any size from 16 bits up!] Also it uses eight 16x32 sboxes. Those
> take 256KB each for a total of 2MB of ram.
>
> See people, this is exactly what I am talking about. This "sandbox"
> is not encouraging innovation or even careful design. It's every
> asshat with a modem submitting some poorly thought out block of
> poorly written buggy code.
>
> I'd say as a minimum you should have portable C code, a supporting
> proposal document [re: paper] and at least some proof of security
> against a few attacks [at least DC and LC]. But then I would be
> expecting that these "cipher designers" actually do a decent job.
Regarding your posts in this thread ...
Tom, I know you don't like the idea of the sandbox. If it really pains you
so much, just killfile anything in sci.crypt with the word sandbox in it.
Though I think that maybe you have slightly the wrong idea about the purpose
of the sandbox. It appears that you'd like it to be much like crypto
conferences and journals: you have to write up a paper on the cipher, do
analysis of it, etc. The trouble is that if I do require things like this,
then there's no difference between the sandbox and sci.crypt.research or any
other "real" crypto journal/conference. If you think it would help, I can
easily modify it so that there's a tag in the database saying whether it's a
"professional quality" entry, and then allow people to filter out all the
non-professional (or professional, if you're looking at the other end)
ciphers.
In my mind, it's got several purposes. The most obvious is as a dumping
ground for challenges that get posted to sci.crypt. However, I'd *like* to
see it eventually have a decent range of attacks done on different ciphers.
One thing I found, and still find, is that there's very little information
out there between the WW2-age crypto, and modern crypto. It's a huge leap
going from Enigma to differential cryptanalysis of DES. And likewise from
DES to the attacks on modern ciphers. If someone who is playing around with
crypto can see how attacks can be varied to suit the target, I would hope
that there would be an increase in the number of people who go from WW2-age
crypto to modern systems.
I would also hope that the poorly written ciphers would score low. If it's a
memory hog, then it's going to blow the L1/L2 cache and get horrible
performance scores. Likewise if it's a 200 round block cipher. The ones at
the "top" of the table should be the most efficient. With only three entries
in there so far, it's hardly representative of what I hope it's going to be.
About the code ... part of that is my fault. That's what happens when you
are coding at 12:30 AM in a hurry trying to get a proper example into the
sandbox. The portability issue is a bit of a thorny one though. While it's
possible to write clear bit-flipping code that will work on any
architecture, it does take a lot of work to do so. The code should be, IMO,
readable first, followed by portable.
--
Michael Brown
www.emboss.co.nz : OOS/RSI software and more :)
Add michael@ to emboss.co.nz - My inbox is always open
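The portability and allocation points raised in the quoted post (unsigned int used as a 32-bit type, unchecked malloc, eight 16x32 S-boxes at 256KB each), as an added C example that is not code from this thread or from JEL: fixed-width types, endian-independent loads and stores, and an overflow-checked allocation for tables of the size described. The function names and the main() are my own and assume nothing about the submitted cipher.

```c
#include <limits.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Exact 32-bit rotate. unsigned int is only guaranteed 16 bits, so the
 * fixed-width uint32_t is used; the count is masked and a shift by 32
 * (undefined behaviour in C) is avoided. */
static uint32_t rotl32(uint32_t x, unsigned n) {
    n &= 31;
    return n ? (x << n) | (x >> (32 - n)) : x;
}

/* Byte-wise little-endian load/store, so output bytes are the same on
 * every host regardless of its native byte order. */
static uint32_t load_le32(const uint8_t b[4]) {
    return (uint32_t)b[0] | ((uint32_t)b[1] << 8) |
           ((uint32_t)b[2] << 16) | ((uint32_t)b[3] << 24);
}
static void store_le32(uint8_t b[4], uint32_t v) {
    b[0] = (uint8_t)v;         b[1] = (uint8_t)(v >> 8);
    b[2] = (uint8_t)(v >> 16); b[3] = (uint8_t)(v >> 24);
}

/* One 16-bit-input, 32-bit-output S-box: 65536 entries * 4 bytes = 256 KB. */
#define SBOX16X32_BYTES ((size_t)(1u << 16) * sizeof(uint32_t))

/* Bytes needed for n such S-boxes; 0 signals n == 0 or size_t overflow. */
static size_t sbox_table_bytes(size_t n) {
    if (n == 0 || n > SIZE_MAX / SBOX16X32_BYTES) return 0;
    return n * SBOX16X32_BYTES;
}

/* Allocate the tables; the caller must check for NULL rather than assume
 * malloc succeeded. For eight boxes this is 2 MB. */
static uint32_t *alloc_sboxes(size_t n) {
    size_t bytes = sbox_table_bytes(n);
    return bytes ? (uint32_t *)malloc(bytes) : NULL;
}

int main(void) {
    printf("unsigned int %s 32 bits wide on this host\n",
           UINT_MAX == 0xFFFFFFFFu ? "is" : "is not");
    uint32_t *sboxes = alloc_sboxes(8);
    if (sboxes == NULL) { fputs("S-box allocation failed\n", stderr); return 1; }
    printf("allocated %zu bytes for 8 S-boxes\n", sbox_table_bytes(8));
    free(sboxes);
    return 0;
}
```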