Re: TFM + RSA + Dual Core :-)

From: Tom St Denis (
Date: 08/07/05

Date: 6 Aug 2005 18:20:10 -0700

Crypto@S.M.S wrote:
> > Yeah, because I accomplish POSITIVE things. I have way more users of
> > my PUBLIC DOMAIN and totally FREE software/tools/documentation then you
> > have of your multi-ciphering annoyance. So every so often when I come
> > up with a result I feel like sharing I'd like to either be totally
> > ignored or have my 5 seconds of fame.
> >
> And how do you know that?
> Once again, you blow your own horn too loudly.

Well since you've already pre-determined the path of most ignorance
there isn't much point in discussing. I'm not saying anything one way
or the other anymore just to let you know that I'm not replying to
further communication from you on this matter.

> > And of course I could point out that the other guys comments are both
> > unsubstantiated AND off topic. The topic of this thread is using "off
> > the shelf" components and in particular SMP to accomplish fast RSA.
> Sure point it out. My comment wasn't on topic for this thread either,
> like that matters even a tiny little bit.

There are ways to inject off-topic material that uses a bit more tact.
What he started replying with wasn't off-the-cuff rude. It was just
inappropriate for the thread.

> > Using a setup that has a higher cost can get more performance? No way!
> > Shocker! If I had 30k I could license one of the designs I work on at
> > my work and get way higher performance. So I don't see what his
> > comments have to do with ANYTHING other than to detract from the
> > thread.
> >
> > How's that for a reply?
> >
> Wonderful. Just please stop trying to make others feel that they
> are not "good enough", when you complain about exactly the same thing:
> So I could really do without the people like Robert and Tim [and a
> few people on lkml] telling me to shelve my projects because I'm not
> "good enough".

You keep quoting that. I don't think you fully understand the context.

And frankly, your "contributions" here aren't really that significant.
You're clearly a student [or amateur cryptographer] which as I've said
repeatedly is not a bad thing. I admire students who pursue knowledge
in all walks of life. To me there is nothing more pure and innocent
than figuring out new information and trying to use it for some good
[e.g. helping others].

What you've maintained here though is not innoncent nor productive.
You use entirely heuristic and anecdotal evidence in the place of
historical and factual information and truths then pretend you're being
persecuted when things don't go you're way.

I don't disagree with you because you're "cryptosms guy". I don't
disagree with you on any sort of personal level. I disagree with you
because your approach to cryptography leaves a lot to be desired. It's
just plain wrong and it's not how others should be approaching it.

Think about it. If an entire generation of kids grows up with this ad
hoc alchemist arrogant approach to cryptography we'll basically come to
a standstill of all advancement in under 30 years.

So you question why we [real cryptographers] get a bit defensive? It's
because we don't want to see shit products out there and generations of
kids growing up thinking the path of least resistance in all endeavours
is the right way.

Cryptography is hard and rightly so. You can either do it the right
way and not presume that the solution is right in hand or you can do it
the wrong way and assume that your approach is infalliable [or at least
the most efficient and well studied]

I'd respect you more if you [say] took AES and added 4 rounds to it [or
just used anubis for instance]. At least then you can say "yes, this
guy gets it". At least something like that you can say "he's using the
structure of the design and adding more robustness" [*]. But just
concatenating ciphers that aren't [seemingly] related is not a
scientific approach in the slightest.

To answer Regis'es repeated calls for "truth" on the Differential
front... The basic attack described in 1990 is the foundation for over
a dozen broken ciphers. Sure the "exact same differentials" were not
used but I'll let you in on a secret, not all ciphers are broken using
the same iterative differential. Occasionally you strap different
differential characteristics [or just plain differentials] to get
through the entire design [iirc the Boomerang attack is a form of
this]. Regis would know this had he picked up a paper or two on the
subject and read it.

Instead people like him and you decide that you can just openly
question and mock people when they're not telling you how smart and
brilliant you are.

The "next big attack" could just as easily be applicable to AES as it
is to Blowfish. You just don't know. To argue in favour of the
negative while defending the "you don't know" logic as others have
maintained is plain stupid.

[*] AES has a well described 4R pattern so adding multiples of 4 to the
round count makes sense.


Relevant Pages

  • Re: Encrypted image backups open to new attack
    ... sophisticated 'comparison' attack, ... Snake oil meant to fool people into thinking TurboCrypt is more ... strong ciphers and strong ciphers are not ... |"The Doghouse: Random Cryptography Companies ...
  • Re: New Random Number Generator for encryption
    ... Statistical tests show biases only with bad parameters. ... An example of a good PRNG that is not cryptographically secure is the ... A basic definition of cryptography is this: Cryptography enables the appropriate transmission and storage of information in a hostile environment that is populated with powerful and motivated adversaries. ... I know this because if you did understand, you would not have put forward results of tests that are unable to find differentials as a "proof" of something they never can be. ...
  • SD Cryptography - Introduction.
    ... In this cryptography the entities do not use the universal data set of ... special design. ... it is essential to the operation of the ciphers. ... alphabet is deliberately destroyed so as to confound all mathematical ...
  • Re: modulo
    ... cryptography key of some length, and if you use the key to encrypt ... the only way a 512-bit encryption algorithm ... dedicated hardware to attack it will never succeed. ...
  • Modular Scalable Key Cryptography - Completed Feasibility Model.
    ... Like the vector cryptography described elsewhere this cryptography is ... The ciphers read in files of plaintext and without further ado ... The ciphertext is secured by two random key sets that are used once ...