[18849] in cryptography@c2.net mail archive


gonzo cryptography; how would you improve existing cryptosystems?

daemon@ATHENA.MIT.EDU (Travis H.)
Mon Nov 7 09:46:47 2005

X-Original-To: cryptography@metzdowd.com
Date: Fri, 4 Nov 2005 19:23:59 -0600
From: "Travis H." <solinym@gmail.com>
To: cryptography@metzdowd.com, cypherpunks@jfet.org

Hi folks,

If one had the ability to create standards over, with reckless
disregard for performance, how would you improve their security?

Feel free to pick a protocol or system (e.g. gpg or isakmp) and let me
know how it is done, and how it should have been done.

For example, pgp doesn't hide the key IDs of the addressees.  Many
systems use hashes that are too small.  DSA keys are too small
compared to large ElG keys.  How would you make a signature with a
larger keyspace?  Does the protocol wrap encryption in authentication
instead of vice-versa?  Does ISAKMP do encryption where the input is
meant to be secret, instead of the key?  Does it use a rinky-dink
algorithm, now that much better ones are available?

I've got a hankering to re-write something, and I want to know what
can be improved the most.

PS:  There's a paper on cryptanalyzing CFS on my homepage below.  I
got to successfully use classical cryptanalysis on a relatively modern
system!  That is a rare joy.  CFS really needs a re-write; there are no
really good alternatives for cross-platform filesystem encryption to my
knowledge.
--
http://www.lightconsulting.com/~travis/  -><-
"We already have enough fast, insecure systems." -- Schneier & Ferguson
GPG fingerprint: 50A1 15C5 A9DE 23B9 ED98 C93E 38E9 204A 94C2 641B
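The ordering question raised above (authentication wrapping encryption rather than the reverse), as an added example that is not code from the post: encrypt-then-MAC with separate keys, where the receiver checks the tag before it decrypts anything. The stream cipher is a toy HMAC-SHA256 counter-mode keystream standing in for a real cipher, and the key, nonce and message layout are constructed for the demo.

```python
import hashlib
import hmac

NONCE_LEN, TAG_LEN = 16, 32  # constructed layout: nonce || ciphertext || tag

def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Toy stream cipher: HMAC-SHA256 run in counter mode (demo stand-in only)."""
    out = b""
    counter = 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]

def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def derive_keys(master: bytes) -> tuple:
    """Separate keys for confidentiality and integrity, derived from one master key."""
    enc_key = hmac.new(master, b"enc", hashlib.sha256).digest()
    mac_key = hmac.new(master, b"mac", hashlib.sha256).digest()
    return enc_key, mac_key

def seal(master: bytes, nonce: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC: the tag covers the nonce and the ciphertext, not the plaintext."""
    enc_key, mac_key = derive_keys(master)
    ct = _xor(plaintext, _keystream(enc_key, nonce, len(plaintext)))
    tag = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag

def unseal(master: bytes, message: bytes):
    """Verify first; only a message with a valid tag is ever decrypted."""
    if len(message) < NONCE_LEN + TAG_LEN:
        return None
    enc_key, mac_key = derive_keys(master)
    nonce, ct, tag = message[:NONCE_LEN], message[NONCE_LEN:-TAG_LEN], message[-TAG_LEN:]
    expected = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):  # constant-time comparison
        return None  # rejected before any decryption happens
    return _xor(ct, _keystream(enc_key, nonce, len(ct)))

def tampering_is_rejected(master: bytes, nonce: bytes, plaintext: bytes) -> bool:
    """Flip one ciphertext bit and check that the receiver refuses to decrypt."""
    msg = bytearray(seal(master, nonce, plaintext))
    msg[NONCE_LEN] ^= 0x01
    return unseal(master, bytes(msg)) is None
```

With MAC-then-encrypt the receiver would have to decrypt before it could tell the message was forged, which is exactly the exposure the verify-first ordering avoids.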

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
