Re: [Khufu] Pre-Computing the S-Boxes and obtaining aux. keys

From: Mok-Kong Shen (mok-kong.shen_at_t-online.de)
Date: 10/30/04


Date: Sat, 30 Oct 2004 18:44:13 +0200


Nikola Skoric wrote:
>
> I'm trying to implement the Khufu algorithm for my cryptography class. I
> started with absolutely no information on my hands and succeeded in
> finding a paper (http://groups.google.com/groups?q=khufu+pre-computing+s-boxes&hl=en&lr=&selm=7982%40hoptoad.uucp&rnum=2)
> written by Ralph C. Merkle, the author of the algorithm, describing the
> algorithm... the only problem is that's not enough to implement this
> algorithm without making some wild assumptions.

I am ignorant, but, according to HAC, the algorithm is patented.
I don't know whether that would eventually cause you problems.
On the other hand, HAC says 'The majority of the patent consists
of C-code listings specifying the ciphers'. So it seems that
you might get quite some useful information from the patent
document.

As to the generation of its S-boxes, which you asked about, I have
a 'guess': The user chooses a PRNG and generates, with the key
as seed, an array of 256 32-bit values. This would allow an
8-bit value to map to a 32-bit value, realizing the 8x32
S-box. Of course, an 'essential' task that remains is
appropriately finding one or a class of good PRNGs for that
purpose.

M. K. Shen
--------------------------------------
http://home.t-online.de/home/mok-kong.shen
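The S-box construction guessed at in the post, as an added example (not code from the post, and not Merkle's actual Khufu key schedule): the key seeds a PRNG, here assumed to be HMAC-SHA256 run in counter mode, which fills a 256-entry table of 32-bit words; a Feistel-style round then uses one byte of the left half to select a 32-bit entry XORed into the right half. The round structure and the `"khufu-sbox"` label are illustrative assumptions.

```python
import hashlib
import hmac
import struct


def keyed_stream(key: bytes, nbytes: int, label: bytes) -> bytes:
    """Assumed PRNG: HMAC-SHA256 over (label || counter), seeded by the key."""
    out = bytearray()
    counter = 0
    while len(out) < nbytes:
        out += hmac.new(key, label + struct.pack(">I", counter), hashlib.sha256).digest()
        counter += 1
    return bytes(out[:nbytes])


def make_sbox(key: bytes, box_index: int = 0) -> list:
    """Derive one 8x32 S-box: 256 entries, each a 32-bit word, from the key."""
    raw = keyed_stream(key, 256 * 4, b"khufu-sbox-%d" % box_index)
    return list(struct.unpack(">256I", raw))


def sbox_lookup(sbox: list, x: int) -> int:
    """8-bit input (low byte of x) -> 32-bit output."""
    return sbox[x & 0xFF]


def _rotl8(w: int) -> int:
    return ((w << 8) | (w >> 24)) & 0xFFFFFFFF


def _rotr8(w: int) -> int:
    return ((w >> 8) | (w << 24)) & 0xFFFFFFFF


def feistel_round(left: int, right: int, sbox: list) -> tuple:
    """Illustrative round: right ^= S[left & 0xff], rotate left, swap halves."""
    right ^= sbox_lookup(sbox, left)
    left = _rotl8(left)  # expose a fresh byte of the left half for the next round
    return right, left


def inverse_round(left: int, right: int, sbox: list) -> tuple:
    """Undo feistel_round; works because the S-box output is only XORed in."""
    right, left = left, right       # undo the swap
    left = _rotr8(left)             # undo the rotation
    right ^= sbox_lookup(sbox, left)
    return left, right
```

Two different keys yield unrelated tables, and the round inverts without the S-box being a permutation (an 8-to-32 map cannot be one), which is why the table only has to be key-dependent and well distributed.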


