[cryptography] Tigerspike claims world first with Karacell for mobile security
smb at cs.columbia.edu
Mon Dec 24 23:15:59 EST 2012
On Dec 24, 2012, at 8:19 AM, Jeffrey Walton <noloader at gmail.com> wrote:
> On Mon, Dec 24, 2012 at 8:03 AM, Ben Laurie <ben at links.org> wrote:
>> On Mon, Dec 24, 2012 at 12:22 PM, Jeffrey Walton <noloader at gmail.com> wrote:
>>> Has anyone had the privilege of looking at the "stronger than military
>>> grade" [encryption] scheme?
> Thanks Ben. Based on the opening paragraph, I think I'm going to read
> some of it.
> The Karacell symmetric encryption system was specifically designed to
> counter the anticipated threat of quantum computing,
My understanding was that there was a general quantum algorithm for
brute force in 2^sqrt(keylen). The real threat is to public key
algorithms. The white paper just says "well known" and goes on from
> whilst at the
> same time address other issues with existing cryptosystems such as
> slow computational performance, nonoptimal power consumption,
These are both plausible.
> nonuniform cryptographic strength over various bits of a file,
?? I've never heard that allegation against AES. I am confident that
had it been known way back when, Rijndael never would have been selected.
> ciphertext that depends upon the plaintext for pseudo-randomness.
?? Is this supposed to be a garbled reference to things like CBC and
> is based upon a non-polynomial-time computation problem (also known as
> an NP problem whose optimal algorithm has not been improved since
> 1972). This final point is critical, as new cryptosystems are always
> treated with great scepticism; however, by demonstrating a linkage to
> a known mathematical problem, “new” cryptosystems are sometimes more
> accurately considered as derivatives of previously well-studied math
Remember trapdoor knapsacks? The issue isn't the *worst case* complexity
for solution, it's what a cryptanalyst would typically encounter.
These claims do not instill a great feeling of confidence in me. Maybe
this is a good algorithm, but I'm not holding my breath.
--Steve Bellovin, https://www.cs.columbia.edu/~smb
More information about the cryptography