[Cryptography] Cryptanalyzing a whole-message cipher and a double-tree hash function
Tom Mitchell
mitch at niftyegg.com
Tue Dec 26 19:15:58 EST 2023
On Mon, Dec 25, 2023 at 5:53 PM Pierre Abbat <phma at bezitopo.org> wrote:
>
> I've invented a cipher and a hash function and am trying to cryptanalyze them.
> So far I've done a related-key attack with a 96-byte key (and shorter ones)
> and an 8-byte message and integral cryptanalysis with an 8-byte message. So
> far it's passed,
1) A quick look, the code is copyright and you are asking for a free
consultation :-(
I recommend a policy close to other public review submissions. See
early editions of TeX.
Add clarity with an "Intellectual Property Statements / Agreements /
Disclosures" statement.
Give attention to code and standards you depend on.
2) Your key management risks key exposure as the key is exposed on the
command line. Many systems and many invasive malware hacks look at
running programs for the things of interest.
3) Initialization and runtime library management local and remote is a
risk. You risk opening an attack should someone
notice your reliance on something that they can corrupt in the future.
4) Do plan to resist future quantum system attacks. I would step past
and ignore anything new that
was not designed for post-quantum cryptography (PQC) (also called
quantum-resistant or quantum-safe cryptography).
--
T o m M i t c h e l l (on NiftyEgg[.]com )
More information about the cryptography
mailing list