DonationCoder.com Software > N.A.N.Y. 2009

NANY 2009 Release: Crush Cryptonizer

<< < (4/8) > >>

mouser:
As someone who has dabble with encryption (see mircryption) let me just chime in a bit.

First, let's say that coding encryption routines can be extremely fun, and extremely educational and intellectually stimulating.  Crush is no doubt having a great time working on this.  The mathematics of some of the encryption routines (while mostly beyond me) is beautiful.

Second, i think it pays to be humble and cautious when talking about the strength of an encryption algorithm.  As the quotes from schneier point out, even presumably strong algorithms are only presumably strong, until someone finds a weakness.

This is why i agree with f0dder's point about the open sourcing of crypto algorithms if you expect them to be used for serious application.. i think it's largely an accepted position that the best way to evaluate the strength of an algorithm is to open it up to the experts and let them try to tear it apart.  There are so many ways for something to go wrong that it really needs a lot of eyes on it if you want to trust it.

Now on the other hand, unless you are one of the top crypto people, the chances of the pros really studying your algorithm are probably slim, so i'm not sure what practical benefit their would be in open sourcing it unless you really wanted to try to get it more widely in use, but on the other hand -- i really don't think it could hurt either -- the beauty of good encryption is that it's ok to let people see the algorithm and study it.  If that helps them defeat it then the algorithm was flawed in the first place.

Crush:
Ok, you changed my mind. I decided to release the sourcecode. At the moment I think it could be done much better and I´ll add some improvements to it before. During the last weeks I have a lot of really good new ideas I want to implement. Perhaps I first send the source to Bruce and his friends? :D

mouser:
The other thing about open sourcing your crypto algorithms is you'll have to develop a thick skin and try not to be too protective or sensitive to criticism.  In truth, i think this is one of those things where you will get more enjoyment out of the entire process if you view criticism of the algorithm as a positive thing.  I'll bet if you talk to the real crypto pros you'll find that they are probably rarely happier than when someone with some skills tries to find flaws in their work.  It will only make your code and your understanding of the work stronger.  :up:

Crush:
I´ll start some contacts to cryptography experts. As I see my work seems to get more interesting after the newest events here.

:( Some very bad news for germans have come up today: :(

In germany the effords in new encryption method will highly rise after a new law for the police has been introduced after many years of discussion and political fights. From January 2009 the police can send trojans or visit you at home when you´re away to install hard- and software on your computer. They now can force you to give them all passwords or you get in jail for a long time. They even don´t need a special reason if they think you´re a suspicous person. In the past they needed to get the official go from a lawyer before. Now they can decide on their own without asking anybody. Now they have rights like a super police.

This is heavy stuff. So I see the market for high security encryption and tools in germany booming in the next years. They also don´t have to inform you after an unsuccessful investigation about your observation. You´ll never now that the have taken a look at you, what informations have been stored where and who can see it and if the programs are still running they can get a perfect profile of your behaviours in the next years. They´re always talking about possible terrorists but the changes are too much to be believable. Even the german constitution has been changed to reach their goals. All new laws in the last years aim to cut all the rights on privacy of the public. This is a bad development and I want to do something against this farce. The only thing I can do is coding. ;)

f0dder:
Congratulations on your decision - I really honestly believe it's the right thing to do :Thmbsup:

And I'm sorry to hear that insane law was passed after all. It's a disgrace that such technologically (and generally too, I'm afraid) people are in any position to pass laws. I hope this will go all the way to your version of supreme court (and if it's there already, it might be time to consider moving to another country >_<).

Kinda scary seeing what kind of laws are being passed recently, I'm not very fond of the decision to force Danish ISPs to block access to ThePirateBay either - not that I care much about TPB (and currently it's only easily circumventable DNS lookup blocking anyway), but it's all one step closer to 1984-style regulation. Great firewall of China, anyone? >_<

Navigation

[0] Message Index

[#] Next page

[*] Previous page