- Email: [email protected]
New data encryption facility
-
11
-
amount of testing can be said to prove the security of such an algorithm, but the NPL algorithm has been immune to the attacks tried on it, even though it was deliberately weakened for the tests. Now Mr Davies would like others to look for weaknesses, so that the algorithm is tested by people other than its designers before it goes into use. The property demanded of the algorithm is that if any enemy knows the content of a series of messages and their authenticator values for a given key, but not the value of the key, this enemy cannot To make the construct new messages and valid authenticators. criterion harder, the enemy is allowed to state messages (of any size) and be given their authenticator values. The message he constructs with authenticator values to disprove the security, need not be a meaningful or useful message, but can take any value. These conditions 'just to make it harder' are not usually met in the practical use of an algorithm but, like the 'chosen plaintext' criterion for ciphers,they ensure that the algorithm is even better than it need be.
Criticism welcomed
Anyone with a liking for a challenge and an interest in authentication is invited to attack the proposed algorithm. A statement of the algorithm with test examples and a description of its development and testing can be obtained from Mr D W Davies, Division of Information Technology & Computing, National Physical Laboratory, Teddington, Middlesex TWll OLW. Please send $5 or equivalent to cover reproduction and postage expenses. Digital signatures provide an even more powerful authenticator, but that is another story. The reports (Daily Telegraph, 20 October) that the public key cipher using products of primes (RSA cipher) had been broken by Adi Shamir were misleading - it was the standard Knapsack that was broken, and others have broken it, too. The RSA cipher and its corresponding signature remain intact and they could be very important for the security and convenience of future 'electronic banking' according to a paper given at a conference 'Electronic Banking - the next 10 years'. D Davies
NEW DATA ENCRYPTION FACILITY
Applied Software Inc of Suite 204, PGA Boulevard, Palm Beach Gardens, Florida 33140 has recently announced that its new Data Encryption Facility is available for commercial users of IBM machines operating under MVS/SVS and MVT. The package, which is driven by the DES alogorithm protects users files (stored in encrypted form) against theft, fraud and piracy and, for the fee of f8000 per CPU, may be good value. Each user of DES encrypts and decrypts his own data, using keys which are outside the computer itself. It thus appears that, unlike other encryption tools, this one is not accessible to casual browsing by users of restricted utilities. We would be very interested to hear from any user, or planned user of this new product.
;;CBTgRt Volume 5 Number 1
Ce!Elsevier
International
Hulletin:
11
-
amount of testing can be said to prove the security of such an algorithm, but the NPL algorithm has been immune to the attacks tried on it, even though it was deliberately weakened for the tests. Now Mr Davies would like others to look for weaknesses, so that the algorithm is tested by people other than its designers before it goes into use. The property demanded of the algorithm is that if any enemy knows the content of a series of messages and their authenticator values for a given key, but not the value of the key, this enemy cannot To make the construct new messages and valid authenticators. criterion harder, the enemy is allowed to state messages (of any size) and be given their authenticator values. The message he constructs with authenticator values to disprove the security, need not be a meaningful or useful message, but can take any value. These conditions 'just to make it harder' are not usually met in the practical use of an algorithm but, like the 'chosen plaintext' criterion for ciphers,they ensure that the algorithm is even better than it need be.
Criticism welcomed
Anyone with a liking for a challenge and an interest in authentication is invited to attack the proposed algorithm. A statement of the algorithm with test examples and a description of its development and testing can be obtained from Mr D W Davies, Division of Information Technology & Computing, National Physical Laboratory, Teddington, Middlesex TWll OLW. Please send $5 or equivalent to cover reproduction and postage expenses. Digital signatures provide an even more powerful authenticator, but that is another story. The reports (Daily Telegraph, 20 October) that the public key cipher using products of primes (RSA cipher) had been broken by Adi Shamir were misleading - it was the standard Knapsack that was broken, and others have broken it, too. The RSA cipher and its corresponding signature remain intact and they could be very important for the security and convenience of future 'electronic banking' according to a paper given at a conference 'Electronic Banking - the next 10 years'. D Davies
NEW DATA ENCRYPTION FACILITY
Applied Software Inc of Suite 204, PGA Boulevard, Palm Beach Gardens, Florida 33140 has recently announced that its new Data Encryption Facility is available for commercial users of IBM machines operating under MVS/SVS and MVT. The package, which is driven by the DES alogorithm protects users files (stored in encrypted form) against theft, fraud and piracy and, for the fee of f8000 per CPU, may be good value. Each user of DES encrypts and decrypts his own data, using keys which are outside the computer itself. It thus appears that, unlike other encryption tools, this one is not accessible to casual browsing by users of restricted utilities. We would be very interested to hear from any user, or planned user of this new product.
;;CBTgRt Volume 5 Number 1
Ce!Elsevier
International
Hulletin: