[cryptography] QODE(quick offline data encryption)

Jeffrey Goldberg jeffrey at goldmark.org
Wed Jan 7 14:40:04 EST 2015


On 2015-01-07, at 12:26 PM, Kevin <kevinsisco61784 at gmail.com> wrote:

>    Any company could review it and decide if it's worth using or not.

Hi Kevin.

Actually that’s a part of my job within the company I work for. I’m the one who can read some of the primary literature in cryptography. Now this makes me unusual; not a lot of companies our size have someone with my skills.

But I would be useless at evaluating your algorithm. I don’t know how to check for linearity in S-Boxes; I don’t know what properties to look for in a key schedule; I don’t know how to look for related key attacks, etc. I’ve never broken anything and wouldn’t really know where to begin trying to break something.

So what I do is rely on expert advice and err toward being conservative. My understanding of both the process by which AES was developed and chosen along with the extensive research on it is that it remains a very good choice as a block cipher.

So if I were to “review” your algorithm for my company, I wouldn’t do it by actually reading the code, I would ask exactly the same sorts of questions that you have been presented with:

(1) Does it offer me some valuable feature that isn’t available in more standard alternatives?

If “no”, there really is no reason to look at it further.

(2) Is there good reason to believe that it has all of the security properties I depend on of what I am already using?

If “no”, there is no reason for me to look at it further.

(3) Is there a clear design document that explains how it is supposed to achieve its claimed security properties?

This is part of (2), but I wanted to break it into its own point. I can read — slowly and with effort — the descriptions of the designs of the things that I do use. I don’t get all of the finer points, but I see how problems that I never even would have thought of are addressed.

As others have suggested, this is what you should START with.

(4) What does the expert community say about it?

If it hasn’t been sufficiently studied, then even if it is a complete work of genius, I’m going to wait until people who know how to evaluate things have done so.

(5) Are there “safe” implementations of it available for me to use?

An implementation needs to not only implement the algorithm, but guard against side-channel attacks.

There are other things as well. All of which your system fails at without anyone having to look at the code.

> I am not going to take it down. Freedom, boys and girls, freedom.

Good for you. Now if you actually want people to start looking at it, start with addressing my point (3). If you don’t make it easy for people to analyze your system, it is not going to receive the expert scrutiny required to meet some of the other criteria.


But the concern is that there are software developers out there who don’t pay attention to the criteria that I listed. So, sure, go ahead and play with ideas. But please put some prominent notes that it hasn’t been evaluated and was designed by someone with no expertise, and so should only be used for playing around.

And if you would like expert evaluation, you need to help those experts. There are lots of lone crackpots out there who think that they are lone geniuses. You are going to show that it isn’t a complete waste of experts’ time to look at your stuff.

Cheers,

-j
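Point (5) above says an implementation must guard against side-channel attacks, not merely compute the right answer. The following is an added illustration of what that means for one common case, authentication-tag comparison; it is not code from the email, from QODE, or from any project discussed in the thread. It contrasts an early-exit byte comparison (whose amount of work depends on where the first mismatching byte sits, so timing reveals how much of a forged tag is correct) with an accumulate-everything comparison, and shows how a verifier should use the standard library's `hmac.compare_digest` instead of rolling its own. The counters that expose the work done, and the sample key and message, are constructed here for the demonstration.

```python
import hmac
import hashlib

def naive_compare(a: bytes, b: bytes) -> tuple[bool, int]:
    """Early-exit comparison.

    Returns (equal, bytes_examined). The second value is instrumentation
    added for this demonstration: it makes the data-dependent amount of
    work visible without having to measure wall-clock time.
    """
    if len(a) != len(b):
        return False, 0
    examined = 0
    for x, y in zip(a, b):
        examined += 1
        if x != y:          # stops at the first differing byte: the leak
            return False, examined
    return True, examined

def accumulating_compare(a: bytes, b: bytes) -> tuple[bool, int]:
    """Compare by OR-ing the XOR of every byte pair.

    Every byte is always visited, so the work (and, in a native
    implementation, the timing) does not depend on where a mismatch is.
    Note: this Python version only illustrates the idea; the interpreter
    itself gives no timing guarantees, which is why real code should call
    hmac.compare_digest (see verify_tag below).
    """
    if len(a) != len(b):
        return False, 0
    diff = 0
    examined = 0
    for x, y in zip(a, b):
        examined += 1
        diff |= x ^ y
    return diff == 0, examined

def work_profile(compare, tag: bytes) -> list[int]:
    """For a forged tag differing from `tag` only at position i, record how
    many bytes `compare` examines, for every i. A leak-free comparison
    yields the same count at every position."""
    counts = []
    for i in range(len(tag)):
        forged = bytearray(tag)
        forged[i] ^= 0xFF           # flip one byte so position i mismatches
        _, examined = compare(tag, bytes(forged))
        counts.append(examined)
    return counts

def verify_tag(key: bytes, message: bytes, tag: bytes) -> bool:
    """How a practitioner should check a MAC: recompute it and compare with
    the standard library's constant-time helper, never with `==`."""
    expected = hmac.new(key, message, hashlib.sha256).digest()
    return hmac.compare_digest(expected, tag)

if __name__ == "__main__":
    # Constructed sample key and message for the demonstration only.
    key = b"demo-key-not-for-real-use"
    msg = b"transfer 10 units to account 42"
    tag = hmac.new(key, msg, hashlib.sha256).digest()
    print("naive work profile:       ", work_profile(naive_compare, tag))
    print("accumulating work profile:", work_profile(accumulating_compare, tag))
    print("verify_tag on good tag:   ", verify_tag(key, msg, tag))
    print("verify_tag on forged tag: ", verify_tag(key, msg, bytes(32)))
```

Running the script shows the naive profile climbing 1, 2, 3, ... 32 (the comparison gives away the index of the first wrong byte), while the accumulating profile is a flat row of 32s. That difference is exactly the kind of implementation property that reviewing the cipher's design on paper never reveals, which is why the reviewer's list treats "safe implementations" as a separate criterion from the algorithm itself.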