Re: DSA alternative to RSA


Mike Rosing (eresrch@msn.fullfeed.com)
Thu, 30 Jul 1998 08:49:22 -0500 (CDT)


On Tue, 28 Jul 1998, Bill Stewart wrote:

> That's not realistic; understanding why algorithms are strong
> (as opposed to merely understanding how to implement them well)
> requires more mathematics than the average technical college graduate has.
> Most engineers know calculus quite well, and some differential equations,
> but haven't spent any time doing group theory, or even much number theory,
> but you can't do much crypto without them - and elliptic curves
> are much hairier than basic RSA. And even among experts,
[...]

But it need not be that way. ECC isn't that hard once the basic number
theory is down. I concur that's how it is now, and we'll see if I can
fix the problem sometime in the next 6 months.

> And designing good S-boxes for the algorithms that use them is a black art;
> can you really tell if the "selected values at random and discarded bad ones"
> that some algorithms use is honest, or if the dice were loaded,
> and the designers really took a trapdoor-equipped system and
> reverse-engineered a plausible path for the randomness feeding it?
> Rivest's MD5 work avoids some of this by starting with a
> well-known number (was it pi or e?) and using it as a source of digits.

I found Adams' paper "Good S-boxes are Hard to Find" an excellent
description of how to properly design S-boxes. He fully describes
non-linear properties, avalanche, diffusion and defense against linear and
differential analysis. This is done for any mxn configuration, so you
can check any set of S-boxes using a well defined method. "Trust but
Verify" :-)

Patience, persistence, truth,
Dr. mike
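The "well defined method" the post refers to is to measure a candidate S-box directly rather than trust the designer's story about how it was chosen. The following checker is an added example, not code from the thread or from Adams' paper: it takes any m-input, n-output S-box as a lookup table and computes the three measures named above, differential uniformity (worst entry of the difference distribution table, the quantity differential cryptanalysis exploits), nonlinearity (distance from all affine functions, computed from the Walsh spectrum, the quantity linear cryptanalysis exploits) and the strict avalanche criterion (how evenly each output bit flips when a single input bit flips). The two tables at the bottom are constructed inputs for demonstration: the 4-bit identity mapping as an obviously bad S-box, and the published PRESENT 4-bit S-box as a well-studied good one.

```python
# Added example (not from the original post): measure an arbitrary m x n
# S-box against the properties the thread discusses. An S-box is passed as
# a list of 2**m integers, each fitting in n bits.

def _parity(v: int) -> int:
    """Parity (XOR of all bits) of v, used for dot products over GF(2)."""
    return bin(v).count("1") & 1


def _dims(sbox):
    """Infer m (input bits) from the table length and n (output bits)
    from the largest table entry."""
    size = len(sbox)
    m = size.bit_length() - 1
    if 1 << m != size:
        raise ValueError("S-box table length must be a power of two")
    n = max(sbox).bit_length()
    return m, n


def difference_distribution_table(sbox):
    """ddt[a][b] = number of inputs x with S(x) ^ S(x ^ a) == b."""
    m, n = _dims(sbox)
    ddt = [[0] * (1 << n) for _ in range(1 << m)]
    for x in range(1 << m):
        for a in range(1 << m):
            ddt[a][sbox[x] ^ sbox[x ^ a]] += 1
    return ddt


def differential_uniformity(sbox):
    """Largest DDT entry over all non-zero input differences; lower is
    better, 2**m (the maximum) means a difference propagates deterministically."""
    m, _ = _dims(sbox)
    ddt = difference_distribution_table(sbox)
    return max(ddt[a][b] for a in range(1, 1 << m) for b in range(len(ddt[a])))


def walsh_spectrum(sbox):
    """W(a, b) = sum over x of (-1)**(b.S(x) ^ a.x) for every input mask a
    and non-zero output mask b. A large |W| is a strong linear approximation."""
    m, n = _dims(sbox)
    spec = {}
    for a in range(1 << m):
        for b in range(1, 1 << n):
            spec[(a, b)] = sum(
                (-1) ** (_parity(b & sbox[x]) ^ _parity(a & x)) for x in range(1 << m)
            )
    return spec


def nonlinearity(sbox):
    """NL = 2**(m-1) - max|W|/2: Hamming distance of the hardest-to-
    approximate component to the nearest affine function; 0 means some
    output combination is exactly affine."""
    m, _ = _dims(sbox)
    return (1 << (m - 1)) - max(abs(w) for w in walsh_spectrum(sbox).values()) // 2


def sac_table(sbox):
    """flips[i][j] = how many of the 2**m inputs see output bit j change
    when input bit i is flipped. The SAC ideal is 2**(m-1) everywhere."""
    m, n = _dims(sbox)
    return [
        [sum(((sbox[x] ^ sbox[x ^ (1 << i)]) >> j) & 1 for x in range(1 << m))
         for j in range(n)]
        for i in range(m)
    ]


def sac_deviation(sbox):
    """Worst |flips - ideal| over all (input bit, output bit) pairs;
    0 means the S-box satisfies the strict avalanche criterion exactly,
    2**(m-1) means some output bit always or never follows an input bit."""
    m, _ = _dims(sbox)
    ideal = 1 << (m - 1)
    return max(abs(f - ideal) for row in sac_table(sbox) for f in row)


def report(sbox):
    """Collect all measures in one dict for a quick verdict."""
    m, n = _dims(sbox)
    return {
        "m": m, "n": n,
        "differential_uniformity": differential_uniformity(sbox),
        "nonlinearity": nonlinearity(sbox),
        "sac_deviation": sac_deviation(sbox),
    }


# Constructed inputs: the 4-bit identity map (no confusion at all) and the
# published PRESENT cipher S-box (a standard "good" 4-bit S-box).
IDENTITY_4BIT = list(range(16))
PRESENT_SBOX = [0xC, 0x5, 0x6, 0xB, 0x9, 0x0, 0xA, 0xD,
                0x3, 0xE, 0xF, 0x8, 0x4, 0x7, 0x1, 0x2]

if __name__ == "__main__":
    for name, box in (("identity", IDENTITY_4BIT), ("PRESENT", PRESENT_SBOX)):
        print(name, report(box))
```

The identity table scores the worst possible value on every measure (differential uniformity 16, nonlinearity 0, SAC deviation 8), while PRESENT reaches the optimal 4-bit values for the first two (4 and 4). The third measure is the instructive one: flipping PRESENT's input bit 0 changes output bit 0 for every input, so its SAC deviation is also 8. An S-box can be optimal against differential and linear analysis and still fail an avalanche criterion, which is exactly why each property has to be checked separately rather than inferred from the others.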



The following archive was created by hippie-mail 7.98617-22 on Fri Aug 21 1998 - 17:21:02 ADT