I've just developed a block cipher symmetric-key algorithm and I am using it in some of my products. I want to put it to real test.
How would one go about entering their encryption algorithm into an international encryption contest?
encryption
While I don't know of any books/papers that discuss this exact problem, it seems to me that any solution to "the synchronization problem", paired with any solution to "the avoid-re-encrypting-file-with-new-key problem", should solve your original problem. Each of those sub-problems has several solutions.
The synchronization problem
You have one "common file" (in this case, a symmetric key) that, ideally, you want to be the same across all devices. However, for one reason or another, the data is somehow different from one device to the next -- split-brain syndrome -- and you want all the devices connected to the network to somehow reach a consensus as to whether to use version A from now on, or use version B from now on, or perhaps some entirely new version C from now on.
There are three popular approaches:
One of many possible solutions goes like this:
In particular, if every device has a different version of this file, then the "birthday problem" practically guarantees that, after enough iterations of this algorithm, eventually 2 devices will pick the same version of the file, and eventually all the online devices will converge on the same version of the file.
The avoid-re-encrypting-file-with-new-key problem
All problems in computer science can be solved by another level of indirection. But that usually will create another problem. -- attributed to David Wheeler in the book Beautiful Code (2007)
As I understand it,
The standard way of doing that is to store the data in OpenPGP format (as standardized in RFC 4880).
You already have one layer of indirection -- a person types a passphrase, which is used to decrypt the device-specific password.
The OpenPGP process uses a second layer of indirection: Every file is encrypted with its own unique symmetric key.
It works something like this:
Every time new data is created or edited, a completely new symmetric key is generated, the new key itself is encrypted with the user's public key and that encrypted key is stored in the header of the encrypted file. The data is encrypted with that new symmetric key and stored afterward in that encrypted file. (This can all be done before the device ever connects to the network).
Later that encrypted file is synchronized unmodified over the network. (Except the sender somehow obtains the receiver's device-specific key, encrypts the file-specific symmetric key with the receiver's key, and then adds that encrypted key to the file header).
To decrypt that file and read the data,
To make the system easier to change/migrate,
Use an encrypted file format (such as OpenPGP) that specifies exactly which encryption algorithm was used for this particular file. That allows future software to detect which encryption algorithm was used to create a particular file. Then the device can decrypt today's shiny new files using today's shiny new preferred algorithm. The device can also decrypt dusty old files with yesterday's dusty old algorithms -- and optionally re-encrypt using today's shiny new preferred algorithm.
Use an encrypted file format (such as OpenPGP) that allows you to store the particular file-specific symmetric key in the header several times, each time encrypted with a different public key or device-specific key.
When a user changes the passphrase, only the device-specific key gets re-encrypted, just like what you are doing already.
If for any reason the device-specific key needs to change, then the device must re-encrypt the file-specific key in the header of each and every encrypted file it holds. That's probably faster than decrypting and re-encrypting the entire file.
Have you considered using some off-the-shelf implementation of OpenPGP, such as "Pretty Good Privacy" or "GNU Privacy Guard"?
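The header-with-many-wrapped-keys layout this answer describes, as an added example that is not code from the answer, from OpenPGP, PGP or GnuPG: each file gets its own random key, the body is encrypted once under it, and the header holds that file key wrapped once per device. It assumes symmetric device keys and AES-256-GCM in place of the OpenPGP packet format, and the type and function names (EncryptedFile, Encrypt, Decrypt, Rewrap) are made up for illustration. One function, Rewrap, covers both steps of the answer: adding a header entry for a receiving device during sync, and re-encrypting only the header entry when a device key changes.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
)

// EncryptedFile stands in for the OpenPGP layout described above (illustrative
// type for this example, not an OpenPGP packet): the header carries the
// file-specific key once per device key; the body is encrypted exactly once.
type EncryptedFile struct {
	Alg     string            // algorithm that encrypted the body, so old files stay readable
	Wrapped map[string][]byte // device ID -> file key wrapped under that device's key
	Body    []byte            // nonce || ciphertext || GCM tag
}

// seal encrypts plaintext under key with a fresh random nonce; output is nonce||ciphertext.
func seal(key, plaintext, aad []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	aead, _ := cipher.NewGCM(block) // cannot fail for an AES block cipher
	nonce := make([]byte, aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return aead.Seal(nonce, nonce, plaintext, aad), nil
}

// open reverses seal; a wrong key, wrong associated data or tampered bytes fail authentication.
func open(key, data, aad []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	aead, _ := cipher.NewGCM(block)
	if len(data) < aead.NonceSize() {
		return nil, errors.New("ciphertext too short")
	}
	return aead.Open(nil, data[:aead.NonceSize()], data[aead.NonceSize():], aad)
}

// wrapFor stores the file key in the header encrypted under one device's key.
// The device ID is bound as associated data so header entries cannot be swapped.
func (f *EncryptedFile) wrapFor(fileKey []byte, id string, deviceKey []byte) error {
	w, err := seal(deviceKey, fileKey, []byte(f.Alg+"|"+id))
	if err != nil {
		return err
	}
	f.Wrapped[id] = w
	return nil
}

// unwrap recovers the file key; a missing header entry yields a nil slice, which open rejects.
func (f *EncryptedFile) unwrap(id string, deviceKey []byte) ([]byte, error) {
	return open(deviceKey, f.Wrapped[id], []byte(f.Alg+"|"+id))
}

// Encrypt generates a brand-new file key, encrypts the body once, and wraps the
// key for every device in deviceKeys. Nothing here needs the network.
func Encrypt(plaintext []byte, deviceKeys map[string][]byte) (*EncryptedFile, error) {
	fileKey := make([]byte, 32)
	if _, err := rand.Read(fileKey); err != nil {
		return nil, err
	}
	f := &EncryptedFile{Alg: "AES-256-GCM", Wrapped: map[string][]byte{}}
	var err error
	if f.Body, err = seal(fileKey, plaintext, []byte(f.Alg)); err != nil {
		return nil, err
	}
	for id, dk := range deviceKeys {
		if err := f.wrapFor(fileKey, id, dk); err != nil {
			return nil, err
		}
	}
	return f, nil
}

// Decrypt reads the body using one device's key.
func Decrypt(f *EncryptedFile, id string, deviceKey []byte) ([]byte, error) {
	fileKey, err := f.unwrap(id, deviceKey)
	if err != nil {
		return nil, err
	}
	return open(fileKey, f.Body, []byte(f.Alg))
}

// Rewrap unwraps the file key with a key it already knows and writes a header
// entry for targetID. With a new targetID this is the sync step (adding the
// receiver's device); with targetID == knownID it replaces the entry after a
// device-key change. Either way the body is never re-encrypted.
func Rewrap(f *EncryptedFile, knownID string, knownKey []byte, targetID string, targetKey []byte) error {
	fileKey, err := f.unwrap(knownID, knownKey)
	if err != nil {
		return err
	}
	return f.wrapFor(fileKey, targetID, targetKey)
}
```

Storing the algorithm name in the file and binding it into the associated data is what lets a future version of the software pick the right decryption routine per file, and refuse a header entry that has been moved to a different algorithm or device. A passphrase change, as in the answer, never touches this structure at all: it only re-encrypts the device key that sits outside the file.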
With email encryption there are two possible options (over-simplified):
When to use each really depends on the purpose of encrypting the email. Do you want to prevent someone eavesdropping while your mail is being sent or to you want to ensure that only the intended recipient can read the email?
If you want to prevent someone on your network from eavesdropping, then you would want to consider encrypting the transport. What this means is that the contents and the headers of the email still remain in plain text, but the transmission between your mail software and your mail server is encrypted.
The mail server will likely store the plain-text email ready to be forwarded to the next mail server in line for delivery. How this is done depends on the configuration of the mail server and the protocols available between it and the next mail server. It may be sent in plain text, over an unencrypted channel.
The key thing to know here is that the email will be plain text between you and all the intermediate mail servers that may handle the email.
If you want to prevent anyone other than the intended recipient from reading it, then you want end-to-end encryption as you've described in your question.
This form of encryption is where you and the recipient agree on a way that you will be securely communicating and use this method to perform the encryption and decryption. In your question you've described a PKI (public key infrastructure, asymmetric encryption) way, but there is nothing preventing you from also using a pre-shared key and using symmetric encryption.
There are a few plugins, such as PGP & GPG, that allow you to encrypt, sign, verify & decrypt email that has been sent using PKI methods.
You are essentially correct in your scenario.
Best Answer
Yes but they are normally the other way around.
Well-respected experts in crypto are invited to submit their algorithms and everyone else in the world is invited to break them. The one that does best ends up as the next standard. These algorithms have already stood up to the mathematical tests of their own inventors, their students and fellow researchers, as well as the experts at various intelligence agencies.
Sorry but nobody is going to put time/effort/resources into trying to break an algorithm by an amateur with no reputation, publications or standing in the field.