Preview of New Block Cipher
flaws writes "Secure Science Corp. is offering a preview of one of the 3 ciphers they will be publishing througout the year. The CS2-128 cipher is a 128-bit block cipher with a 128 bit key. This cipher is proposed as a hardware alternative to AES, being that it is more efficient in hardware, simpler to implement, and comparably secure to AES-128.
The preview of the CS2-128 cipher proposed is in html form and will be available in a published format at the end of April. At this time, requests are made for casual peer review and implementation. Secure Science will be offering a challenge at the end of April, introducing the cipher to the public. This ciphers implementation and usage will be offered in multiple hardware devices, such as wireless routers, cell-phones, and storage management hardware."
MD5 of article text: 79592dc553067bfafaa07086c07d2c8a
Hello,
Recently I noticed that my teenage son Ezekiel had begun to encrypt
his emails with a program called PGP. I was concerned because I'd
always covertly monitored their email for any hints of illegal
activity, drug use or interest in the occult - some of his classmates
have begun playing Dungeons and Dragons and listening to KISS. Since
Ezekiel was now using PGP, his activites were hidden from me!
Additionally, I also overheard him talking of using a program called
Stegasaurus to embed secret information into normal-looking pictures.
Terrified that my son might be speaking in some sort of sinful code, I
immediately grounded him for a month. He was only allowed to go to
school and Bible study.
Anyways, I've done several days worth of research on this and
discovered a few things about PGP that I'd like to share with the
readers of these newsgroups. To begin with, I realized that many of
the claims made by the creators of PGP are blatently false. Although I
do not have a background in mathematics (I have an AA in Photography)
I was easily able to rebuild Ezekiel's private key via his public key
and one of his encrypted messages.
Of course I am above-average in intelligence, but PGP is supposedly
unbreakable! Perhaps crytogrophers aren't as smart as they believe?
Fortunately in this case Ezekiel was just discussing a girl he met in
school - a situation I harshly reprimanded him for. However, while PGP
may be a program with flaws, it got me thinking about other programs.
Perhaps someone will construct a PGP-like program that cannot be so
easily broken; one that would take days of computer time to hack!
My concern with a program like this is that people who use
cryptography always do so because they have something to hide. A sense
of guilt and shame seems to drive them. They know that they are doing
something wrong and desperately want to hide it from the eyes of the
world (although hiding it from the eyes of God is another matter!
LOL!)
A study recently released by the Institute for Family Computing
revealed that the top three uses of cryptography were for 1)
"terrorist-related activity" 2) pedophillia and 3) drug abuse. In fact
as far as I can tell, no legitimate use was on the top ten at all!
What scares me about this is that law-enforcement agencies will be
unable to sift through email to find people who are breaking the law,
or otherwise engaged in suspicious activity. At a time when our nation
is under siege, I find it disturbing that people are working on
developing cryptography that cannot be broken, even by our protectors
in the FBI and CIA! Only those with something to hide truly need
cryptography.
Thus I urge cryptogrophers world wide to refrain from working on such
programs, until our nation is no longer at war. I would ask those of
other countries to respect our right to self-defense and aid us in our
time of trouble. Your cryptographic skills can be better put to use
trying to find terrorists than to assist them.
To: flaws@securescience.com
From: bruce@schneier.com
Subject: Peer Review
Flaws,
Peer review some algorithm you just made up? Wow. Definitely not Snake-oil. Gimme a break.
Bruce
>Bruce,
>We just came up with a 1337 crypto algo. You wanna peer review it for us?
>Peace,
>flaws