8 April 2013
Cipher-Breaking Techniques
Date: 8 Apr 2013 11:15:56 -0000
From: "D. J. Bernstein" <djb[at]cr.yp.to>
To: crypto-competitions[at]googlegroups.com
Subject: Re: Advice on how to submit to CAESER

It's a good idea to take the usual cipher-breaking techniques -- I think
http://www.schneier.com/paper-self-study.pdf
is a reasonable starting point; for newer techniques I don't know any better
source than the FSE proceedings -- and check how many rounds of your cipher
you can break
using those techniques. If you do a good job of writing up your best attacks
then you'll save time for cryptanalysts who are looking for improved attacks.
This savings, in turn, tends to attract more attention from cryptanalysts.
Without such attention, nobody will have a reason to think that your cipher
is secure. Note that nobody will believe that you've found the optimal attacks
on your own cipher, whether or not you do a good job of writing up your best
attacks; third-party cryptanalysis is critical.

Other well-known ways to attract cryptanalytic attention to a cipher include
(1) simplicity, (2) proofs, and (3) excellent performance. This doesn't mean
that a single cipher needs all of these features to do well. For example,
my own submission Salsa20 is very simple and very fast, and did well in eSTREAM
even though at submission time my own best attack estimates were too rough
to be worth seriously writing up, never mind proving anything about.

The formal CAESAR submission requirements won't prohibit slow ciphers, won't
prohibit complex ciphers, won't require proofs, and won't require serious
cryptanalysis. There are many different ways that submissions will attract
attention by going beyond the minimum formal requirements. There will
be a meta-requirement for each submission to explain how it's better than
AES-GCM at least for some important applications, but different
submissions will meet this meta-requirement in different ways.

> The other thing I don't know is where or whether to
> seek publication prior to sending an official submission to the competition.

There are several venues that are willing to publish interesting new ciphers,
but this won't have any formal connection to CAESAR.

---Dan