[tahoe-dev] crypto notes
zooko
zooko at zooko.com
Fri Aug 1 08:19:31 PDT 2008
Folks:

I updated the allmydata.org Bibliography page [1] to include the
following notes in the "symmetric cryptography" section:

Salsa20 Design [2] -- a fast and secure cipher

Salsa20 Security Arguments [3] -- why Salsa20 is probably safe
against this and that threat

EnRUPT [4] -- a very simple, fast, and flexible primitive which could
be used as a stream cipher, secure hash function, or MAC (the first two
are primitives that we currently need, and the third one -- MAC -- is
a primitive that we may want in the future) and which relies for its
security on a large number of rounds. The question of how many rounds
to use is decided by semi-automated cryptanalysis.

defectoscopy.com [5] -- a table of semi-automated cryptanalysis
results from the inventors of EnRUPT. This technique is not well
accepted by the mainstream of cryptographers. I (Zooko) can't judge
how valid it is. Note that Tiger is one of only two hash functions
that are predicted to be secure by this analysis -- the other is
Whirlpool. MD-4/5, SHA-0/1/2, and GOST are predicted to be insecure.

Regards,

Zooko

[1] http://allmydata.org/trac/tahoe/wiki/Bibliography
[2] http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.59.9522
[3] http://cr.yp.to/snuffle.html#security
[4] http://enrupt.com/
[5] http://defectoscopy.com/results.html