Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP Posting-Version: version B 2.10.2 9/18/84; site brl-tgr.ARPA Path: utzoo!linus!philabs!cmcl2!seismo!brl-tgr!gwyn From: gwyn@brl-tgr.ARPA (Doug Gwyn) Newsgroups: net.crypt Subject: Re: Crypto puzzle. Message-ID: <2745@brl-tgr.ARPA> Date: Sat, 2-Nov-85 18:21:16 EST Article-I.D.: brl-tgr.2745 Posted: Sat Nov 2 18:21:16 1985 Date-Received: Tue, 5-Nov-85 05:23:05 EST References: <1046@ttds.UUCP> Organization: Ballistic Research Lab Lines: 48 A much better test would be to include a complete description of the encryption system, omitting only the particular keys used (and the plaintext, of course). In practice, this information will become available to the cryptanalyst one way or another. Most professional cryptanalysts are not especially interested in solving challenge cryptograms, for the same reason that most mathematicians don't bother with proofs of Fermat's last theorem sent to them and that most physicists don't check out unsolicited theories of the universe that arrive in the mail. This may be a good cryptosystem or it may not, but if it takes much effort to crack, people are only going to attempt it if they have sufficient motivation. Suppose for example that someone discovers a weakness that allows him to unravel the message, and that he reports that to you. Would you at that point give up? No, much more likely you'd modify your encryption scheme slightly to plug that particular loophole. The analyst would then have to start over, find the next loophole (there is almost certain to be one), inform you of that, and watch as you fail to get the idea and instead apply yet another patch. One way to really subject your scheme to a good test would be to publish a description of the workings of the cryptosystem along with a very large continuous sample of encrypted text, and to offer a substantial monetary reward for the first person who can mail you a prespecified length of decrypted text, enough to compensate for the hours of hard work that may be involved. Of course, if it is really not a very good cryptosystem, some hacker may break it just from what you posted, but failure to have it broken that way will not prove anything about its security against a determined attack by experts. I hope these suggestions will be taken in the constructive spirit in which they are offered.