jbn@wdl1.UUCP (John B. Nagle) (04/20/84)
Cbenson's is a very weak algorithm, as has been pointed out. Some
advice for people inventing encryption algorithms:
1. ``No new cryptographic system is worth looking at unless it was
invented by someone who has already broken a very hard one''.
-- Friedman, the founder of modern cryptanalysis
2. ``Any attempt to generate random numbers by deterministic means
is, of course, living in a state of sin.''
-- von Neumann, the inventor of the modern computer
Read Kahn's ``The Codebreakers'' to develop a sense of how hard the problem
is, and ``The Puzzle Palace'' for a more recent view. There are some good
books available (at last) for the serious mathematically-inclined reader but
they are heavy going.
The Data Encryption Standard, although painfully slow when implemented in
software, is considered reasonably good. It can definitely be broken
by brute force by anyone willing to spend about 4-10 million $US on
a machine which tries many possible keys simultaneously, but despite
considerable work, there is no published way to do it cheaply on standard
hardware.
Keys should be long. At least 128 bits if you are serious about it.
A fundamental truth is that useful keys are too long to memorize.
Note that keys must be chosen randomly to be useful, and randomly means
by a truly random mechanism like tossing coins. Neither people nor computers
can generate random numbers properly. Hardware random number generators
are possible; noise diodes and radioactive sources generate events which
are sound sources of random numbers. Psuedo-random number generators
involving recirculating shift registers, etcetera, are not useful.
There are commercial DES devices available in the U.S. from various
manufacturers. If you are really serious, and want something beyond
DES, contact Crypto AG, P.O. Box A-163, Zug, Switzerland (Telex 78702)
and get their catalog. But if you have to ask how much it costs, you
can't afford it.
J. Nagleignatz@ihuxx.UUCP (Dave Ihnat, Chicago, IL) (04/26/84)
> "The Data Encryption Standard, although painfully slow when > implemented in software, is considered reasonably good. It > can definitely be broken by brute force by anyone willing to > spend about 4-10 million $US on a machine which tries many > possible keys simultaneously, but despite considerable work, > there is no published way to do it cheaply on standard hardware." > . > . > . > J. Nagle Gosh, folks, but I'm afraid that I subscribe to the position that this is precisely why the U. S. Government LIKES the DES, and doesn't particularly care for derivative or more exceptional schemes. That is, the only people who really have the $$$ to break the DES are...guess who...Aye, you've got it!! The U. S. Government!! And if someone comes up with a truly difficult scheme--one where pure CPU power doesn't suffice--I firmly believe that they'll be quashed so fast it'll make your Rotor spin. More than 256 times, too. Cynical, and seeing no reason not to be, Dave Ihnat ihuxx!ignatz
outer@utcsrgv.UUCP (Richard Outerbridge) (04/27/84)
*That* should have been in net.crypt. C'mon, net.lang.c gets enough traffic: spread the fun around! -- Richard Outerbridge <outer@utcsrgv.UUCP> 416 978 2742