Re: Java encryption implementation


sci.crypt archive


From: David Eather <eather@tpg.com.au>
Date: Mon Nov 28 2005 - 12:53:52 CET

Lars Schoening wrote:
>> Either you develop a really secure PRNG, which I highly doubt for someone
>> who claims and proves to be a n00b, or you implement a known good
>> PRNG. And then, you would just reimplement something that has already
>> been implemented in the default J2SE runtime.
>
>
> Ok, I guess I'm just making another LFSR with this one:
>
> x(n+1) = (xn 275604541 - 2n + cn) mod 2^64
> where c is the byte at position n
>
> I'm checking it with cn=0 right now and it didn't repeat till n=2^32 yet,
> not sure if that makes the thing any good...
>
> Sorry about the fullquotes, didn't mean to annoy.

It is much better that you asked what people thought rather than, as most
casual posters do, putting their idea into a product and trying to sell it
even though it is deeply flawed. Crypto is very interesting, but if it is to
be a publicly used product it is also a very serious and technical area.

I do not pretend to be an expert, but you might find it useful to google
for stream ciphers and ready yourself for a long read.

http://www.cacr.math.uwaterloo.ca/hac/about/chap6.pdf is a chapter from
"Handbook of Applied Cryptography" - specifically stream ciphers

You could also try searching for the terms "RC-4" "Sober" "Snow" "Dragon".
These are just stream cipher names off the top of my head, they will
show you a little of what goes into a stream cipher design - there are
many other stream ciphers. You might also find some papers on attacks
on at least some of these ciphers, which will highlight the point that
no matter how clever you are, if there is a flaw, someone will trip you up.

Also have a look at,

https://www.cosic.esat.kuleuven.be/nessie/

which has lots of information, as will

www.ecrypt.eu.org/stream/
Received on Sat Dec 3 04:20:08 2005
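
Added example, not part of the original post or of the quoted message: it measures how quickly the low-order bits of the quoted recurrence repeat when cn=0, which a test for repetition of the full 64-bit state does not reveal. Reading the recurrence as x(n+1) = (x(n) * 275604541 - 2*n + c(n)) mod 2^64 is an assumption (the post shows no operator and "2n" is taken as 2*n); the seed and function names are hypothetical.

```python
"""Added example: low-order-bit behaviour of the recurrence quoted above.

Assumed reading (the post shows no operator between x(n) and the constant):
    x(n+1) = (x(n) * 275604541 - 2*n + c(n)) mod 2^64, with c(n) = 0
"""
MULTIPLIER = 275604541            # constant from the quoted post
SEED = 0x0123456789ABCDEF         # constructed seed, not from the post


def step(x, n, c=0, bits=64):
    """One step of the assumed recurrence, reduced mod 2^bits."""
    return (x * MULTIPLIER - 2 * n + c) & ((1 << bits) - 1)


def low_bits(k, count, seed=SEED):
    """Low k bits of the first `count` states of the full 64-bit generator."""
    out, x = [], seed
    for n in range(count):
        out.append(x & ((1 << k) - 1))
        x = step(x, n)
    return out


def low_bits_period(k, seed=SEED):
    """A period of the low-k-bit sequence (c = 0), found on a reduced state.

    The low k bits of x(n+1) depend only on the low k bits of x(n) and on
    n mod 2^(k-1). The multiplier is odd, so this reduced map is a bijection
    and the pair returns to its start within 2^(2k-1) steps.
    """
    n_mod = 1 << (k - 1)
    start = (seed & ((1 << k) - 1), 0)
    x, n = start
    steps = 0
    while True:
        x = step(x, n, bits=k)
        n = (n + 1) % n_mod
        steps += 1
        if (x, n) == start:
            return steps


if __name__ == "__main__":
    for k in (1, 2, 4, 8):
        p = low_bits_period(k)
        seq = low_bits(k, 2 * p)
        print(f"low {k} bit(s): repeat every {p} steps,",
              "confirmed on 64-bit state" if seq[:p] == seq[p:] else "MISMATCH")
```

Under this reading the lowest bit of the state never changes and the low byte repeats within 2^15 steps, even though the full state has not repeated after 2^32 steps.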