What do I need to know to design a cryptosystem?
in [Cryptography]
|
Prev: An Important Distinction being stymied by Ignorance.
Next: Using a kind of running accumulation of ciphertext as chainingvalue of encryption
From: Joseph Ashwood on 13 Mar 2010 04:45 "cplxphil" <cplxphil(a)gmail.com> wrote in message news:49c57c65-e012-4229-8867-402ae5b925e5(a)r1g2000yqj.googlegroups.com... > > Hi all, > > I recently became interested in trying, in my spare time, to develop a > cryptosystem. I have some math/CS training, and a degree in > mathematics. What do I need to know to design a cryptosystem? What > steps are involved? I would assume designing the protocol and then > modifying it based on how easy it is to attack would be some of the > steps. > > Is there a book that details what I need to know/do? First recommendation: ignore anything coming from adacrypt. There is actually a lot of information to learn. You can find some basics, but the biggest thing that determines the ability to create a secure protocol is experience. In order to create a secure protocol you need experience breaking them. I'd start with understanding where SSL 1 and 2 were weak. But I will warn you, in order to become genuinely good at designing secure protocols takes several years of work. There are many tiny subtle aspects and things that don't seem to matter can in fact make or break security. Joe
From: adacrypt on 13 Mar 2010 06:39 On Mar 13, 4:07 am, cplxphil <cplxp...(a)gmail.com> wrote: > Hi all, > > I recently became interested in trying, in my spare time, to develop a > cryptosystem. I have some math/CS training, and a degree in > mathematics. What do I need to know to design a cryptosystem? What > steps are involved? I would assume designing the protocol and then > modifying it based on how easy it is to attack would be some of the > steps. > > Is there a book that details what I need to know/do? > > Thanks, > Phil Hi again, Don't try to formalise your perfectly good instincts to fit outdated current models - they are going nowhere but let you be the judge - be guided by your instints now before they become polluted in the future - a place in the herd is not important. They even try to Latinise bulldust believing that will add credility to it - Isn't life grand !
From: adacrypt on 13 Mar 2010 06:47 On Mar 13, 4:07 am, cplxphil <cplxp...(a)gmail.com> wrote: > Hi all, > > I recently became interested in trying, in my spare time, to develop a > cryptosystem. I have some math/CS training, and a degree in > mathematics. What do I need to know to design a cryptosystem? What > steps are involved? I would assume designing the protocol and then > modifying it based on how easy it is to attack would be some of the > steps. > > Is there a book that details what I need to know/do? > > Thanks, > Phil Once more, Forgot to tell you, Joe thinks he can 'diagonalise' a vector that represents velocity or acceleration (and then everything is just the same he says) - bet you didn't know that ! - adacrypt
From: Earl_Colby_Pottinger on 13 Mar 2010 10:44 Do a google search on adacrypt. Read a dozen or more of his posts at random (it really does not matter which ones). Note the number of basic mistakes you can spot, also notice you don't need to know anything about encryption - he makes mistakes at high level math. Notice the lack of working code. Notice his constant push to get you to go to his and only his web site. Notice the total lack of outside references. Or third party tests of his methods/claims. Notice the constant attempts to redefine basic terms to make his systems sound like something they are not. Think carefully on what you observe, then ask "Do I want to follow the advice of someone like this?".
From: adacrypt on 13 Mar 2010 11:27
On Mar 13, 4:07 am, cplxphil <cplxp...(a)gmail.com> wrote: > Hi all, > > I recently became interested in trying, in my spare time, to develop a > cryptosystem. I have some math/CS training, and a degree in > mathematics. What do I need to know to design a cryptosystem? What > steps are involved? I would assume designing the protocol and then > modifying it based on how easy it is to attack would be some of the > steps. > > Is there a book that details what I need to know/do? > > Thanks, > Phil I sometimes think that cryptography should be downgraded to activity instead of science since it works best by means of rogue mathematics and perverted methodology that flies in the face of everything that honest mathematics stands. Trying to dignify it by demonstrating that there is a syntactic logic to cryptography is as futile as entering some lovable mongrel in a dog show. If you accept that, then it can become a very intellectually challenging pursuit (there I go again trying to find respectable words to use on this nefarious mongrel). The trick is to find one-way functions that are selectively reversible by the entities of a secure loop but totally impossible to all others. This one-way (ness) of such functions can be mathematically driven although the pundits claim that one-way functions just dont exist in mathematics, or else they can be wrought by such things as randomness. An example of a mathematical one-way function is a change-of-origin to a frame of reference, in that case the one-way function is infinite in scope, while the only known alternative i.e. randomness works by giving such a sufficiency of equally probable options that it causes massive uncertainty to an illegal cipher-cracker about which one to choose. Randomness is what a court of law might call a constructive one-way function when compared with the vastly greater absolute mathematical one-way function but enough is sufficient and randomness is very nice when you have it as the only alternative to the ideally mathematical one-way function. The skill of the design cryptographer is in finding these one-way functions. It is very challenging and is best done by accident. You carry around the makings of a one-way function in the back of your mind and pounce on it when your mathematical intuition whistle blows as youre doing something else. You never set out deliberately to find one it just doesnt work that way. I take this liberty of expounding because you are a qualified mathematician and will easily understand I hope you join our ranks - cant see anyone else rushing up to slap their crypto souls on the table today by way of help. The great thing about this news group is the vicious criticism that keeps you on your toes they just love to hate they are no slouches themselves either as cryptographers go Good Luck - adacrypt |