home *** CD-ROM | disk | FTP | other *** search
- Posting-Frequency: monthly
- Archive-Name: cryptography-faq/research
- Last-modified: 3 March 1995
-
-
- 1. "What is the charter of sci.crypt.research?"
-
- The discussion of cryptography, cryptanalysis, and related issues in a
- more civilized environment than sci.crypt. In particular, we are more
- interested in the technical aspects of serious cryptology. This is a
- moderated news group. Before posting, you may want to consider if your
- post would be more appropriate in talk.politics.crypto (discussions of
- the relationship between cryptography and government), sci.crypt
- (technical discussions of cryptography, unmoderated), alt.security.pgp
- (discussion of Philip Zimmerman's Pretty Good Privacy program and related
- tools, programs, and issues), alt.security.ripem (Mark Riordan's Privacy
- Enhanced Mail program), alt.security (general computer security issues),
- or some other group.
-
-
- 2. "What do you think of my new cryptosystem?"
-
- GUIDELINES FOR POSTING NEW ENCRYPTION SCHEMES TO SCI.CRYPT.RESEARCH
-
- People frequently invent new encryption schemes and protocols and want to
- share the fruit of their creativity with other people sharing an interest in
- cryptography. Past experience on sci.crypt indicates that many of these
- postings tend to be just an annoyance, rather than serious research. In an
- attempt to cut down on the annoyances, while still encouraging serious
- research in this area, we have proposed the following guidelines for posting
- new algorithms.
-
- A. DO research other encryption methods and understand how they work,
- including both historical and current work. There are lots of good books and
- journals devoted to this kind of work.
-
- B. DO investigate methods of cryptanalysis. Knowing how a cryptanalyst
- might go about trying to break a cipher gives you much better insight into
- how to create a good one. Indeed, among professionals, experience attempting
- to break encryption methods is considered essential before designing new
- ciphers.
-
- C. DO COMPLETELY DOCUMENT your algorithm with both a text description and,
- if applicable, computer source code. By "completely document" we mean that
- the description is sufficient for anyone skilled in the art to implement or
- simulate your algorithm. If you have doubts about export restrictions on the
- source code for the algorithm, you may choose to provide a pointer to a place
- where the source code can be obtained by qualified people, rather than
- posting it. If you have a complete application using encryption, and you are
- posting from the USA or Canada, then providing a pointer to the program
- rather than just posting it is recommended, but the text description should
- still be posted.
-
- D. DO describe the advantages of your algorithm compared to others in
- existence, including comparison of efficiency and other relevant design
- parameters. Make sure that you provide evidence to support your claims.
-
- E. DO try to break your own scheme before you post it. This could save some
- embarrassment.
-
- F. DO take a look at similar postings from other people on sci.crypt and
- sci.crypt.research and try to analyze them. This will give you some insight
- into how others will look at your posting and perhaps allow you to make yours
- more clear. It also gives you a chance to try to break some other
- cryptosystems.
-
- G. DO read the sci.crypt FAQ, posted monthly and archived at rtfm.mit.edu
- under /pub/usenet/sci.crypt.
-
- H. DO describe which quantities in your scheme are public and which are
- private. Explicitly mention what the key is and what the message is.
-
- I. DO include the design principles you used and mention any assumptions
- you made which you think may be relevant. Explain why you think your
- system is secure.
-
- J. DON'T expect a response from a ciphertext only challenge. Although
- there are techniques for attacking ciphertext only, most of them require
- lots of examples, some of which correspond to known plain text. They are
- also rather time consuming. If you do feel the urge to issue a challenge,
- make sure that you also comply with all of the above guidelines. Offering
- a cash reward if someone breaks your cryptosystem may help someone to be
- more motivated to try (and is also a good test of how much you believe in
- your own system).
-
- K. Be ready to carefully evaluate and learn from any feedback you get.
-
-
- Comments, questions, or suggested additions to this FAQ should be
- directed to the sci.crypt.research moderators at
- crypt-request@cs.aukuni.ac.nz
-
- ___________________________________________________________
- | |
- |\ /| | | Michael Paul Johnson Colorado Catacombs BBS 303-772-1062 |
- | \/ |o| | PO Box 1151, Longmont CO 80502-1151 USA Jesus is alive! |
- | | | / _ | mpj@csn.org aka mpj@netcom.com m.p.johnson@ieee.org |
- | |||/ /_\ | ftp://ftp.csn.net/mpj/README.MPJ CIS: 71331,2332 |
- | |||\ ( | ftp://ftp.netcom.com/pub/mp/mpj/README -. --- ----- .... |
- | ||| \ \_/ | PGPprint=F2 5E A1 C1 A6 CF EF 71 12 1F 91 92 6A ED AE A9 |
- |___________________________________________________________|
-
-