| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 19 Nov 2015 16:05:17 +0200 From: Ismail Kizir <ikizir@...il.com> To: Łukasz Stelmach <l.stelmach@...sung.com> Cc: linux-kernel@...r.kernel.org Subject: Re: A new, fast and "unbreakable" encryption algorithm Lukasz, Clemens, Herald, Others Linux and Open Source Enthusiasts: You are all invited to collaboratively improve our encryption algorithm at: https://github.com/ikizir/HohhaDynamicXOR Write down every weaknesses you find, every idea to improve; every code piece you think necessary. Let us not disturb kernel group anymore. Thank you very much in advance On Thu, Nov 19, 2015 at 2:31 PM, Ismail Kizir <ikizir@...il.com> wrote: > Francly Lucasz, > > I am not an expert and never claimed it. > And I accept it's vulnerable to side channel attacks like the one you mentioned. > With this occasion, I want to emphasize one point: > I don't claim that the my algorithm is perfect. > But, take a look at this: > > But, I am sure, this "dynamic key model" is the right way to follow > for the encyption. > You are all on the top of the "IT food chain" guys. > It is a GPLed algorithm and code. > Let's develop it ourselves for ourselves. > Let's think together. > For example; Clemens's "all zero" file is another weak point. I am > thinking about it too. > Help me. Criticise the algorithm. wrote you all to be criticised. > Show me the weaknesses Let's think together and get it better. > Some people think that's not the right place for this discussions and > they may be right. Write me privately please. And I am constantly > updating the code on > http://ismail-kizir.blogspot.com.tr/2015/11/hohha-dynamic-xor-algorithm-source-code.html > > Ismail Kizir > CTO, Hohha Internet Services Ltd. > > On Thu, Nov 19, 2015 at 2:12 PM, Łukasz Stelmach <l.stelmach@...sung.com> wrote: >> It was <2015-11-18 śro 06:25>, when Ismail Kizir wrote: >>> Hello, >>> >>> I've developed a new encryption algorithm, which dynamically changes >>> the key according to plaintext and practically impossible to break. >> [...] >>> I will be glad to see my algorithm included in Linux distributions. >>> Please feel free to ask if you have any questions. >> >> How resistant to side-channel attacts is or can be an implementation of >> your algorithm? Not being an expert I am a bit worried about this >> particular line >> >> XORVal ^= *(Salt + (LastVal&(SALT_SIZE-1))); >> >> which if I understand it correctly makes a memory access depending on >> secret data. Because memory accesses are note constant time operations >> due to cache one might try (and succeed?) learning about secrets by >> measuring time required to encrypt or decrypt data. >> >> -- >> Łukasz Stelmach >> Samsung R&D Institute Poland >> Samsung Electronics -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists