Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?

What Would You Do With a New Form of Encryption? 868

Kip Knight asks: "I've been sitting on an invention for six months now. I'm debating whether to 'give it to the world' or patent it. I would obviously like to feed my family on the fruits of my endeavour but don't see much hope in the open source route. My invention improves upon the 80 year old One-Time Pad encryption turning it into a 'Many-Time Pad'. Since I haven't got my export license to speak about the details yet, I won't describe further. The advantages are proof (i.e. unbreakable) against brute force attacks and known-plaintext attacks (unlike the OTP). The disadvantage is carrying around a very large digital key (which could easily fit on one of those USB memory key fobs). My question is this: Could I sell enough $10 shareware GPG extensions to compensate for not locking in 20 years of patent protection (and the $20,000 to patent it)?" While the claims made by the submittor have yet to withstand the crucial test of time (and prying eyes), if you had developed a new form of encryption, what would you do?
This discussion has been archived. No new comments can be posted.

What Would You Do With a New Form of Encryption?

Comments Filter:
  • Easy. (Score:5, Insightful)

    by superdan2k ( 135614 ) on Wednesday October 09, 2002 @01:50PM (#4417817) Homepage Journal
    1. Patent it. Period.
    2. Allow it to be used freely by open source programs. License it to commercial companies that stand to make money.
    3. ...
    4. Profit.
    • Re:Easy. (Score:4, Funny)

      by dattaway ( 3088 ) on Wednesday October 09, 2002 @02:00PM (#4417922) Homepage Journal
      I'm sorry, everything that hasn't been invented yet has already been patented last decade. Never underestimate an infinite number of lawyers on an infinite number of typewriters submitting claims to the US Patent Office.
    • Re:Easy. (Score:5, Insightful)

      by Lokni ( 531043 ) <reali100@chapman.COMMAedu minus punct> on Wednesday October 09, 2002 @02:02PM (#4417936)
      I definitely agree with the above poster on 1, 2 ,4. As far as coming up with the $20,000, find a lawyer that will draw up a rock solid non disclosure agreement and then shop it around to rich businessmen and patent lawyers after you get a signed NDA.
      • Re:Easy. (Score:4, Informative)

        by stephanruby ( 542433 ) on Wednesday October 09, 2002 @02:47PM (#4418364)
        As far as coming up with the $20,000, find a lawyer that will draw up a rock solid non disclosure agreement and then shop it around to rich businessmen and patent lawyers after you get a signed NDA.

        Before you go to a lawyer, start an invention journal, document your invention, document how you thought up of the invention, and have two trusted friends read/understand/sign/date every page of it. If the need arises, those two friends of yours have to be credible in a court of law, so don't ask your girlfriend or your family to do this. Then you can go to a lawyer to ask for further advice.

      • Re:Easy. (Score:5, Insightful)

        by JonTurner ( 178845 ) on Wednesday October 09, 2002 @03:39PM (#4418839) Journal
        And then what? "Rock solid" legal agreements don't mean shit unless you have the money to take then to court if they violate the terms or even outright steal the idea. That they did it isn't enough. You have to PROVE it in court, and that takes $$$. Are you prepared for the appeals, motions for discovery, and dozens of other motions filed that are designed to tie you up and run up your legal bills? And even if you do win a decision you have to collect which is another matter entirely.
        A bunch of words on paper isn't going to do much good for someone who may have trouble scraping together the $20,000 for the patent work, the $100,000+++ needed to sue a large corporation with a fleet of slick attorneys is going to be difficult to find.

        Don't just do something, stand there!

      • by Johnboi Waltune ( 462501 ) on Wednesday October 09, 2002 @04:23PM (#4419249)
        Just go to the bank you do business with and get a $20,000 loan. If you have a decent credit rating, it should be no problem at all. You could also take out a loan against your 401(k), or even a home equity loan. Rates are great right now. The point is, there's no reason to involve a third party who has an interest in your invention, just to get the funds to patent it.
      • Re:Easy. (Score:4, Informative)

        by mbogosian ( 537034 ) <matt@arenaunlCUR ... minus physicist> on Wednesday October 09, 2002 @05:19PM (#4419731) Homepage
        As far as coming up with the $20,000, find a lawyer that will draw up a rock solid non disclosure agreement and then shop it around to rich businessmen and patent lawyers after you get a signed NDA.

        I agree, patent the algorithm. Some useful things to remember:

        US$20,000 is the initial cost of patenting your algorithm. It may cost upwards of US$1 million to defend it in courts if people piss all over you.

        Also, NDA's are hardly ever enforceable. It's best to use a trusted friend or family member if available (we should all be so lucky).

        The angel investing approach to funding the patent may work, but you'll probably have to give up a percentage of the proceeds.

        Good luck. I hope you're successful!
    • Re:Easy. (Score:5, Interesting)

      by twilightzero ( 244291 ) <mrolfs AT gmail DOT com> on Wednesday October 09, 2002 @02:04PM (#4417961) Homepage Journal
      The above post definitely has this one right. Patent it, that way somebody else can't steal the idea and claim they invented it and make YOUR profit from it. That being done, you can easily distribute it freely to the masses for common use, or sell shareware, or whatever. If it's really as good as you claim, you shouldn't have problems selling $10 or whatever shareware licenses. Also, if it's that good, corporations would be climbing all over you for access to it. You could charge a very reasonable fee for its use, even allow yourself to be hired as a security consultant/whatever, and make your profit from it.

      I realize it's an up-front cost for patenting, but look at the alternative: someone stealing/adapting your invention and making the money that YOU could've had. Don't let that happen to you. And if it's really that good, there are services out there that will help you patent inventions, although I will admit to not being entirely familiar with them having never patented something myself.
      • There's even a better method that has been discussed for years. Document everything. Mail it to yourself. The postmark is sufficient proof of the date.

        It doesn't matter if you intend to make a product or wait until someone else uses your best kept secret. If you plan to ramp up a production line to pump out your products and are sued by someone who finally does (and will) get a patent on your idea, just show them the evidence. Rather than having their patent nullified due to prior art, they will give you cash to shut up. Same if someone else makes it and they happened to patent it. Threaten to sell your prior art to others. Hush money will come your way (or someone will come over to fit you with a pair of concrete shoes.)

        You can be assured this will happen. The introduction of new technology makes new obvious things possible. Its a race with time. Better put the cards in your pocket and hide them until the dealer has a lot of cash on the table.
      • Re:Easy. (Score:5, Insightful)

        by blibbleblobble ( 526872 ) on Wednesday October 09, 2002 @03:11PM (#4418565)
        Hang on a sec... this guy says he has a revolutionary new encryption algorithm that's as secure as a one-time pad? Now, even for people who don't have the first clue about cryptography*, that sounds like the inventor needs a breath of fresh air and a healthy dose of reality, never mind a patent lawyer.

        Hint: Encryption systems only become revolutionary after they've been in the public domain for 5-10 years. Even then, they won't get used if there's a patent attached.

        One-time pad? Bull. Crypto inventions come at a rate of one every 5 years, and the next one due is quantum cryptography. Think the idea is so smart it's better than quantum? Even claiming it's comparable to elliptic-curve crypto is one hell of a claim, and not something to be believed until it's published in a journal. Several times. And reviewed by people we've heard of. Even then, we won't believe it's unbreakable until the inventor has been imprisoned by the FBI for publishing it.

        Nevermind the patent issue: there's a common-sense issue to be solved first. Thousands of crackpots a year come up with unbreakable [by them] encryption; having a patent doesn't make it any less snake-oil.

        *Clues to be found in:
        Book: Applied cryptography
        Book: Secrets and Lies
        Article: Phil Zimmerman's writings on the PGP page
        Helpfile: PGP helpfile

        • Re:Easy. (Score:5, Insightful)

          by jovlinger ( 55075 ) on Wednesday October 09, 2002 @03:42PM (#4418866) Homepage
          I think schneier was the one to point out that we are all able to invent ciphers that we can't break ourselves. The good ciphers are the ones that can't be broken by others.
        • Re:Easy. (Score:5, Insightful)

          by Bagheera ( 71311 ) on Wednesday October 09, 2002 @04:09PM (#4419125) Homepage Journal
          Looks like you've hit this one on the head. Crypto is a very conservative world and people don't adopt new algorythms untill they've been analyzed to death. Being unwilling to publish it makes me suspecious right from the start. Once it's published he'll at least have copyright protection and can worry about the patent later.

          We won't go into professional cryptologists opinions of amatures with "new and revolutionary ideas." (But some of the threads in the USENET crypto groups can be very enlightening on that count)

          To answer his specific question, I would say NO. Unless he plans to use some form of free license, there are far too many good, unencumbered, crypto systems out there already for it to be worth it to add yet another patented one. At least for implementations at the application level. If there's going to be money in it, it'll be made from a good implementation of the system.

          • Re:Easy. (Score:5, Insightful)

            by j7953 ( 457666 ) on Wednesday October 09, 2002 @05:24PM (#4419761)
            Being unwilling to publish it makes me suspecious right from the start.

            Huh? A patent is a method of publishing your invention, in fact, that is (or used to be) one of the points of the patent system: to make it profitable for people to share their inventions instead of keeping them secret. The idea of patents is, as your constitution puts it, "to promote the progress of science."

            Of course, this doesn't work if patents are granted on solutions that are obvious once you know the problem, but that is not the case here. (Assuming the cryptographic algorithm actually works, it is likely that it was not obvious.)

            Remember that RSA is a very successful cryptographic technology, despite being protected by a (now expired) patent.

            • Re:Easy. (Score:4, Interesting)

              by Bagheera ( 71311 ) on Wednesday October 09, 2002 @08:20PM (#4420750) Homepage Journal
              Good point (as was the other response to this). I'm obviously not a patent attorney, but still have a less than sterling opinion of the current patent process. My point here is that there is a lot of effort required to patent an idea. There are patent searches, etc., to name just the most obvious. Putting the effort into patenting the new algorythm if you're not absolutely sure it's going to stand up to analysis is almost certainly not worth the expenditure.

              If you're an experienced cryptologist, chances are you already know the chances your algorythm has of withstanding attack and analysis. But then you'd also have a good idea whether it was worth patenting - or the company you're working for will make the decision on whether or not to patent it.

              And yes, RSA is a highly successful algorythm - created by three of the finest cryptologists in the business. It was patent protected, but had a reasonable license model for application development. If it hadn't, and hadn't been created by folks with a known track record, it wouldn't have gotten anywhere near as far.

              I don't mean to put the original poster down at all here (being an amature (very amature) cryptologist myself) but if he's asking /. for our collective opinion, I seriously doubt he has the credentials required.

    • Re:Easy. (Score:4, Funny)

      by Nogami_Saeko ( 466595 ) on Wednesday October 09, 2002 @02:07PM (#4417984)
      Same thing as other (unmentionable) companies...

      Patent it, allow people to use it for free, once it becomes a worldwide standard, change your license terms to demand royalties from everyone using it.

      Ethically and morally repugnant, but it makes a few bucks...
    • Re:Easy. (Score:3, Interesting)

      It is interesting to me all of the highly-marked comments suggest the patent route whereas the general tenor of /. discussions concerning patents is that THEY ARE BAD. What gives? Is it that the "little guy" is not as likely to abuse the patent process? That's hardly relevant, especially if you subscribe to Knuth and Ullman (as noted in this [slashdot.org] /. posting).
      • Re:Easy. (Score:3, Insightful)

        by nelsonal ( 549144 )
        Patents in themselves are not bad, just as licenses are not bad (remeber that the same powers that protect Microsoft protect the GPL), in all cases they protect an author from another using his idea. In this case the poster could patent their idea, and license it royalty free to whomever. What the general consensus dislikes is patents that prevent them from using their idea for implimenting a project because the patent is very broad, or common sense enough to be invalid.
      • Re:Easy. (Score:5, Insightful)

        by pizza_milkshake ( 580452 ) on Wednesday October 09, 2002 @02:30PM (#4418208)
        It is interesting to me all of the highly-marked comments suggest the patent route whereas the general tenor of /. discussions concerning patents is that THEY ARE BAD

        i wouldn't say that the general thinking is that all patents are bad, but frivolous patents on things that aren't patent-worthy (like Amazon's "One-Click Shopping") are certainly bad.

        Patents are meant to protect individual inventors' inventions from being ripped off. Instead, many companies try to patent everything (even things that are common and that they didn't "invent", for instance if/when eBay tries to patent "online auctions" ) and then use their squads of lawyers to go out and try to slow down, fine or destroy any company that develops any products that bear any resemblance as a means of intimindation via multi-million dollar lawsuits.

        Patents should be used as a means of defense, not offense.

      • Re:Easy. (Score:5, Insightful)

        by Darth_Burrito ( 227272 ) on Wednesday October 09, 2002 @03:03PM (#4418498)
        It is interesting to me all of the highly-marked comments suggest the patent route whereas the general tenor of /. discussions concerning patents is that THEY ARE BAD. What gives?

        Reality? Whether or not Patents are evil is debatable, but whether or not you need a patent to maintain ownership of your intellectual property isn't.
    • by Sun Tzu ( 41522 ) on Wednesday October 09, 2002 @04:32PM (#4419341) Homepage Journal
      ...which is close to zero -- until you elaborate a bit on step 3, above, just before '4. Profit.' or insert a new step 2.5. :) My symmetric encryption algorithm has the following characteristics:
      • Encrypts blocks of arbitrary size
      • Chains blocks by default (it should be possible to disable this. heck, I can't remember)
      • any bit changed in either the key or the encrypted block (let's make it 16K...) flips about 50% of the bits in the encrypted output
      • The key can be an arbitrary size with negligible effect on efficiency
      • It is very efficient since it was designed from the beginning based on computer operations natively implemented in integer processing units
      • It is very inefficient (are you still paying attention? :) ... in setting up the 'encryption engine -- the first byte en/decrypted takes a setup time proportional to the block size, but subsequent bytes are very fast to en/decrypt. The advantage of this is it makes brute force attacks with some future supercomputer much less efficient while having little slowing effect on the entire stream of data -- unless the data stream is very small, of course

      Sounds good for packet streams or disk blocks (with block chaining disabled), right?

      Well, it isn't. I am nobody in the encryption world. My algorithm hasn't been published and peer reviewed. And, even if I published it, it would hardly be taken seriously. No one would trust it. Therefore, noone would even waste their time analyzing it.

      I submitted a patent disclosure document, then I presented it to a security group at Novell.

      They weren't really interested for all of the reasons listed above and only looked at it because of a request from Ray Noorda. (it was a few years ago). I gradually began to realize the magnitude of the problem and shelved the project to work on my various hobbies [starshiptraders.com] and pasttimes [tfn.net]

      At least I can have some fun from them while not making any money. ;

    • wait... (Score:4, Insightful)

      by Zemran ( 3101 ) on Thursday October 10, 2002 @03:04AM (#4422405) Homepage Journal
      The first thing the guy should have done is to post an encrypted article. So that people could try and prove him wrong. If he really had faith in his product he would allow people to attempt to crack it. The advantage of this is two fold. If he is right, and it is unbreakable, then he gets lots of free advertisement and if he is wrong he saves the cost of the patent.
  • by hpa ( 7948 ) on Wednesday October 09, 2002 @01:51PM (#4417824) Homepage
    ... patent it, *then* you can figure out what business model you want to use.

    Note, however, that the claims made by the submittor is basically a laundry list of the kinds of claims that makes seasoned cryptographers go "oh no, not again."
    • by markk ( 35828 ) on Wednesday October 09, 2002 @02:02PM (#4417945)
      I would reinforce this comment - the claims in the original submission are invalid on the face of it in the real world. There is no plaintext attack on a real 'otp' with enough randomness in the key since the key is used only once.
      To all of the people with new cryptosystems - with all due respect - we now have really good, well understood cyphering methods up to a level where the failure in security won't be from the method of encryption. Key exchange could be improved, but actual symmetric cypher methods aren't going to revolutionize things anymore. We can always use better, and people will continue to look for flaws (as in Rijndael) but none of this is big time.
    • by ENOENT ( 25325 ) on Wednesday October 09, 2002 @02:04PM (#4417964) Homepage Journal

      Note, however, that the claims made by the submittor is basically a laundry list of the kinds of claims that makes seasoned cryptographers go "oh no, not again."

      No kidding. Read sci.crypt for a while, and you'll see any number of "revolutionary" encryption schemes, most of which are obviously junk invented by naive crypographer-wannabes. (Note: I'm not a cryptographer, nor do I play one on TV.)

      At least the submitter understands that OTP only works if you have a big chunk of shared secret data to use as a pad. However, his mention that OTP is vulnerable to chosen-plaintext attacks makes me think that he's just another crackpot. Think about it--you use the random bits in the OTP only once, and they contain no information about future bits in the pad. Thus, OTP is 100% resistant to chosen plaintext.

      My advice: DON'T BOTHER SPENDING ANY MONEY ON PATENTING THIS!!! If you decide that I'm full of it, at least do some serious study into cryptography before giving a dime to a patent lawyer.

    • by Anonymous Coward on Wednesday October 09, 2002 @02:29PM (#4418194)
      Yeah, we see this all the time on sci.crypt. It's the cryptologic
      analog to inventing a perpetual motion machine.

      Not only is the true one-time-pad proven to provide perfect secrecy, we
      can also prove that no system that uses less key material can provide
      perfect secrecy (at least not for arbitrary plaintext languages).

      The results are found in the first half of Claude Shannon's seminal and
      quite readable paper:

      "Communication Theory of Secrecy Systems", Bell System Technical
      Journal, vol.28-4, page 656--715, 1949.

      which is available on-line, see:

      http://www.cs.ucla.edu/~jkong/research/security/ sh annon.html

      Also, the "known plaintext" weakness of the OTP is a myth. The idea is
      that an attacker who knows the plaintext can compute the ciphertext of
      any message he chooses, and substitute it for the intended ciphertext.
      But the classic OTP is a secrecy system, and attacks on authentication
      are irrelevant to its function.

      We can, incidentally, also obtain provable authentication, and this also
      requires use of one-time keys. Look up "universal hashing" for further

      --Bryan Olson
      Cryptologic Engineer, Certicom Corp
    • by coyote-san ( 38515 ) on Wednesday October 09, 2002 @03:40PM (#4418847)
      Or we can save him the effort and tell him what his "revolutionary" idea is, thus simultaneously providing proof of prior art (making the patent question moot) and that he needs to spend more time studying cryptology before his next big idea.

      The fact that he says it's "multiple use" and that it requires a "digital key" suggests that he's using the key as the seed for some crypto PRNG (e.g., you recursively encrypt your salt with your key as the password, then pull out some of the bytes to create your OTP. Put the random salt as the first few bytes of the cipher text and voila, instant multiuse OTPs. Not weak (not if you use a good crypto PRNG), but hardly an original thought that would not occur to the casual practitioner of
      the science.

      (There's also the pesky fact that most experts would consider this approach foolhardy. If you have a decent encryption routine, use it to encrypt the data directly. Crypto PRNGs are believed to be strong, but I don't know if this has been formally studied. There would well be an emergent property in the implementation that makes the PRNG highly predictable.)

      A refinement would involve recognizing that DSA keys actually have a 'generator' attribute, and you could use that to map your salt to a seemingly random sequence of values. It should be much more efficient than the recursive crypto approach, but again is hardly original since the very reason that these keys include generators is that they're used to efficiently generate ephemeral session keys via the same property.
  • Get the patent... (Score:5, Informative)

    by BTWR ( 540147 ) <americangibor3&yahoo,com> on Wednesday October 09, 2002 @01:52PM (#4417826) Homepage Journal
    I'd get the patent. Even consider trying one of the previously mentioned do-it-yourself patent methods [slashdot.org]. Protecting your invention is worth the effort and capital.
  • by i_want_you_to_throw_ ( 559379 ) on Wednesday October 09, 2002 @01:52PM (#4417833) Journal
    Replace the one that NSA has broke already...
  • by MagicFab ( 7234 ) on Wednesday October 09, 2002 @01:52PM (#4417834) Homepage
    then encrypt the patent.
  • by killmenow ( 184444 ) on Wednesday October 09, 2002 @01:52PM (#4417835)
    Try to take over the world...
  • Feed the Family (Score:5, Insightful)

    by syrupMatt ( 248267 ) on Wednesday October 09, 2002 @01:53PM (#4417840) Homepage Journal
    Fact is, if i need money, then liscense it to a company who will do the dirty work for me and live off the proceeds. If it is, in fact, a brilliant discovery, you should fight for provisions which will ensure some amount of open review.

    Not everyone who comes up with such a proven idea is a software developer, and they may not be able to live off of creating cutting edge software or maintaining said software for a living. The bazaar method doesn't apply to theory.
  • Too late (Score:4, Funny)

    by jsse ( 254124 ) on Wednesday October 09, 2002 @01:53PM (#4417843) Homepage Journal
    I've been sitting on an invention for six months now.

    Butt is a prior art, iirc.
  • Hehehehe (Score:5, Insightful)

    by tomstdenis ( 446163 ) <tomstdenis@gmCOMMAail.com minus punct> on Wednesday October 09, 2002 @01:53PM (#4417846) Homepage
    Ten bucks says five mins after he publishes it it will get broken.

    "many-time" otp are quite nonsense. See the problem is people think that good ciphers can have security approaching the OTP. The OTP is an absolutely different type of security.

    For instance, *no* ammount of time is sufficient to break an OTP without the key. Whereas a block cipher can be broken at least in theory.

    I'd suggest to the original poster that he try to get his design published. When it gets horribly broken it will serve as a learning experience as how "not" to approach science.

    • Re:Hehehehe (Score:5, Informative)

      by Proaxiom ( 544639 ) on Wednesday October 09, 2002 @02:08PM (#4417996)
      You're right. He says he has proven it, but before spending $20,000 on a patent it would be a very smart thing to have a cryptographer review his proof. I suspect a flaw would be readily apparent to someone skilled with the subject.

      It can't be 'unbreakable' under the normal definition of the word. It's impossible because truly unbreakable crypto requires a key that contains at least as much information as the plaintext, and a 'many-time pad' does not satisfy this precondition.

      It would seem to me that this simple observation disproves his claim without even knowing his algorithm.

    • Re:Hehehehe (Score:5, Insightful)

      by X-rated Ouroboros ( 526150 ) on Wednesday October 09, 2002 @02:39PM (#4418289) Homepage


      I seriously doubt the guy has looked at this from all angles or considered how it would be implemented digitally. Some ideas that seem really good on paper break down when you get to the nuts and bolts of how to do it with bits and bytes. Considering the guy's tendency to throw around OTP and, gag, "many-time pad," I don't see a lot of familarity with the way these terms are percieved by the lay crypto.

      Still, if he's got that much faith in it, patent it, or write it up and copyright the description (not really ironclad, but it could get a settlement if OmniCorp steals the idea). I think the only reason the guy is asking about rather than just doing it is because he fully expects it to be broken shortly after going public and all the costs of filing a patent going to waste.

      Considering he says it's invulnerable to known plaintext attack he could post some plaintext and ciphertext for people to whack at for a while. It might just be security through obscurity if no one breaks it, but it could also illustrate that while he's so busy looking at ways to break the algorithm he's too close to see he's taking the long route around a much more straightforward (and trivial) transform.

      Posting ciphertext and plaintext and inviting people to attack it should keep the encryption method safe if it's as secure as he thinks it is. If some reverse engineers the algorithm (or an equivalent) it will show it wasn't worth patenting in the first place (or that it's already been patented).

  • Do Nothing (Score:5, Funny)

    by RAzaRazor ( 562318 ) on Wednesday October 09, 2002 @01:53PM (#4417853)
    Don't do anything to make it public. Just keep it for your own personal use.

    That would be the best encryption you can have. The one only you know about.
    • Re:Do Nothing (Score:5, Insightful)

      by Anonymous Coward on Wednesday October 09, 2002 @01:58PM (#4417905)
      Security Through Obscurity Does Not Work. Period.
      • Re:Do Nothing (Score:3, Insightful)

        Not by itself, at least. I always figured that obscurity would be the first element of any robust defense in depth. You'll have trouble picking the locks on my door if you have no idea where I live. But I don't rely only on your ignorance to protect my home--I also have really good locks. Of course, now that you know I have really good locks, your job becomes a little bit easier. If I told you the make and model of my locks, that would make your job easier yet. You'd probably also like to know about my alarm system, guard dogs, and surveillance cameras. Every piece of information you have about my security improves your chances of breaching it, and reduces my obscurity by an unacceptable amount. Obscurity is a vital component of any physical security system. Period.
  • by Faggot ( 614416 ) <choads@g a y . c om> on Wednesday October 09, 2002 @01:53PM (#4417855) Homepage
    It's heartwarming that you've invented a new form of crypto. However, before anyone takes it seriously, you're going to have to reveal it to the cryptographic community. "Many eyes make bugs shallow" as they say, and in few places is this more important than in crypto. An algorithm you've looked at 10000 times may have a logical error you've never caught, that would be glaring to a knowledgable pair of fresh eyes.

    Plus no self-respecting paranoid freak is ever going to use a new cipher that hasn't had any time in the spotlight. Release it to the field and ask for comments.
  • 'Many-Time Pad' (Score:4, Interesting)

    by wiredog ( 43288 ) on Wednesday October 09, 2002 @01:53PM (#4417856) Journal
    Yeah. Right. Let me guess. It's a one time pad, but one where the unused code groups get remapped/reused, which is just another type of one time pad.
  • 99.9 percent sure (Score:5, Insightful)

    by PD ( 9577 ) <slashdotlinux@pdrap.org> on Wednesday October 09, 2002 @01:54PM (#4417857) Homepage Journal
    That this invention is a bunch of crap. Most likely scenario: inventor releases a press release that gets widely reported and the most secure thing ever invented. Claims like "unbreakable" and "proven secure" and "many time pad" will be thrown around freely.

    And then someone with a decoder ring will crack that puppy wide open.

    Yawn. Snake oil.
  • Well (Score:5, Funny)

    by llamalicious ( 448215 ) on Wednesday October 09, 2002 @01:54PM (#4417864) Journal
    First, I wouldn't "Ask Slashdot"
    (sound of pitter-pattering many greedy feet scurrying to the nearest PTO)

    1. Patent new encryption algorithm.
    2. Sell to highest bidder.
    3. ???
    4. Profit.

    Ah well, you could always be more philanthrophic than me, and support FSF, but hell, I'm just a capitalist at heart.
  • by egg troll ( 515396 ) on Wednesday October 09, 2002 @01:54PM (#4417865) Homepage Journal
    I think you should trade this patent for some stock in VA Systems! How could that fail to make you wealthy?!
  • by Joel Ironstone ( 161342 ) on Wednesday October 09, 2002 @01:54PM (#4417866)
    IF you patent the idea, you retain all rights to give it away freely, sell it or whatever, to whomever. If you don't you lose your rights over the invention.

    I say patent it and then decide based on what offers you get. Once you patent it you can shop around for people to license it to. You can define the terms of the license (3 years and then you can offer it as GPL or NOT)

    Don't be a fool, its your blood and sweat, you deserve to own it.

  • by splattertrousers ( 35245 ) on Wednesday October 09, 2002 @01:54PM (#4417874) Homepage
  • by unicron ( 20286 ) <unicron@LIONthcnet.net minus cat> on Wednesday October 09, 2002 @01:56PM (#4417891) Homepage
    Don't let the 15 year old's working at Taco Bell try to tell you shit about selling out. Especially because you have a family due whatever is necessary to secure your financial future. I would weigh my options, and find out the best scheme involving reward vs. control of project lost. Find a nice happy medium between the two. But please, look at your family, think about all the things a higher standar of living could provide them before listening to anyone with advice like "Make it completely free and open source". You don't have to feed those people, you do have to feed your children.
  • Careful what you say (Score:4, Interesting)

    by harrisj ( 14577 ) on Wednesday October 09, 2002 @01:57PM (#4417899) Homepage
    From my somewhat scanty introduction to patent laws, you might want to be careful about how much you reveal about it before you file a patent or at least provisional paperwork. My company recently did work to patent a product and we were told we couldn't really discuss it with many people. Furthermore, doing an openly public action such as showing it at a trade show before applying the patent would seriously jeopardize the patent process. Now I'm not a lawyer or an expert in patent law, so I can't really say how valid an objection this is, but I'm sharing it here in case it's relevant. If it is correct, I want you to be able to decide whether to patent and not have it decided for you. (Any real experts have a better assessment).
  • by Havokmon ( 89874 ) <rickNO@SPAMhavokmon.com> on Wednesday October 09, 2002 @01:57PM (#4417901) Homepage Journal
    Granted, I'm just a techno dude. But Dictionary.com says:

    A grant made by a government that confers upon the creator of an invention the sole right to make, use, and sell that invention for a set period of time.

    Official or legal permission to do or own a specified thing. See Synonyms at permission.

    I would patent it, then license it. It could be licensed for free use to non-profit groups, and governments could be required to pay a yearly sum.

    But that sounds almost too easy to me :)

  • by TheSync ( 5291 ) on Wednesday October 09, 2002 @01:58PM (#4417908) Journal
    Patenting something (properly) will cost thousands of dollars and will require a patent lawyer.

    The US is a first-to-invent not a first-to-patent country, so make sure you have a hardcopy of your invention description dated and notarized.

    Then let some Net crypto people beat on your idea, make sure you say "Patent Pending."

    If it holds up, you should easily be able to raise the money to get it patented properly. (Actually, if so, email me, I may know a few investors)

    Judging from your description, I'd say your invention has a high probability of not truly doing what you think it does. Developing novel and useful cryptographic technology is a rare occurance, generally done by people who have a ton of experience in the area. No point in wasting money if it won't stand up to 30 minutes in sci.crypt
  • by Lord Greyhawk ( 11722 ) on Wednesday October 09, 2002 @01:59PM (#4417918)
    My invention improves upon the 80 year old One-Time Pad encryption turning it into a 'Many-Time Pad'.

    Information theory proves that the One-Time Pad (OTP) is optimal - it cannot be improved.

    The advantages are proof (i.e. unbreakable) against brute force attacks and known-plaintext attacks (unlike the OTP).

    The OTP has no known-plaintext vulnerability. By submitting even a chosen plaintext to be encrypted, and studying the encrypted message, you only learn the piece of the One-Time pad used on your own content. It does not help you break any other part of any other message.

    The only way to break a OTP is to get a copy the pad or by breaking the random number generator used to create the pad.

    This post's claim is the usual nonsense. So patent it if you wish - release it if you wish - I doubt anyone will find it usable.
    • Information theory proves that the One-Time Pad (OTP) is optimal - it cannot be improved.

      That is not correct. Information theory proves that one-time pad is unbreakable. Optimality, on the other hand, is a whole other thing. For one you have to specify what you are measuring: Security? Easyness of operation? Ability to distribute keys easily (like PKC)?

      Many people think PKC is best because key distribution is a lot simpler than for most other encryption schemes.

    • by AnotherBlackHat ( 265897 ) on Wednesday October 09, 2002 @02:27PM (#4418174) Homepage
      My invention improves upon the 80 year old One-Time Pad encryption turning it into a 'Many-Time Pad'.

      Information theory proves that the One-Time Pad (OTP) is optimal - it cannot be improved.

      Sorry, I can't let that one pass -
      Information theory doesn't prove anything of the sort.
      OTP are provably unbreakable in one, limited sense.
      There's plenty of room for improvement in all the other senses however.

      The OTP has no known-plaintext vulnerability.

      Not true.
      The traditional XOR - OTP is vulnerable to a man-in-the-middle active change attack.
      Picture a bank deposit protected with an XOR OTP.
      The MitM XORs the account number of the victim with (victim's account number ^ MitM's account number)

      This post's claim is the usual nonsense.

      At least we agree on something.

      - this is not a .sig
  • Here's a quote... (Score:5, Insightful)

    by Bald Wookie ( 18771 ) on Wednesday October 09, 2002 @02:00PM (#4417920)
    It is impossible to make money selling a cryptographic algorithm. It's difficult, but not impossible, to make money selling a cryptographic protocol.

    Who said it? Bruce Schneier, one of the current gurus of crypto. Where did he say it? Here on Slashdot [slashdot.org]

    The whole article is worth a read.

    My perspective is that I seriously doubt your claims. Until there is strong peer review of your entire cryptosystem from top to bottom, I won't touch it. Unless it solves some problem with other cryptosystems already in use, the market won't touch it. If you can these two objections then you might have a shot at some money. Otherwise...
  • by Srin Tuar ( 147269 ) <zeroday26@yahoo.com> on Wednesday October 09, 2002 @02:00PM (#4417924)

    There are tons of symmetric encryption methods ranging from patented to totally free. They all have the property of being effectively unbreakable with decent keysizes. Unlike your proposed method, they dont require ridiculously large keysizes. I really dont see the commercial potential, or even the potential for significant non-commercial use.

    The method you describe would actually have significant *disadvantages*, such as being ill-suited for use with asymmetric cyphers.

    The advantages are proof (i.e. unbreakable) against brute force attacks and known-plaintext attacks (unlike the OTP).

    I dont see how a one time pad wouldnt have these properties. Note that the name is One Time Pad, so if you reuse the pad, its not one time anymore.

  • Eat your cake... (Score:4, Interesting)

    by thrillbert ( 146343 ) on Wednesday October 09, 2002 @02:01PM (#4417929) Homepage
    Just because you patent the information, does not mean that it cannot be made available to the Open Source community. There is plenty of software out there that is available for free for personal use, but requires licensing for business use.

    Patenting the software will ensure that *YOU* get some of that dough, while ensuring that *YOU* decide how it is going to be used, and who will use it. If you do not patent it, chances are that someone else will figure out a way to patent something extremely similar to it, and then charge *YOU* to use your software.

    If you need some help with the $20k, let me know. I am almost sure you can raise it by asking 1000 /.'ers for $20 each.. I know I'll be more than happy to help!

    Children seldom misquote you. In fact, they usually repeat word for word what you shouldn't have said.
  • by tezzery ( 549213 ) on Wednesday October 09, 2002 @02:01PM (#4417932)
    The first thing I would do is change my ISP/e-mail address.. no one is going to believe you with your current AOL one.
  • by sssmashy ( 612587 ) on Wednesday October 09, 2002 @02:02PM (#4417939)
    1. Sign a non-disclosure agreement with a reputable encryption expert.

    2. Pay said expert a fee to examine your system and comment on its merit.

    3. If your system has potential but needs adjustment, repeat #1 and #2 as necessary, if possible with different experts (within the limits of your financial resources, of course).

    4. If you are still convinced that your system is worthy, hire a patent lawyer and patent it.

    5. Don't try to sell it on your own. Instead, try selling it to an encryption firm or software distributor, using the expert opinions from #1 and #2 to bolster your sales pitch.

    6. If you find a buyer, try to license your encryption system rather then sell it outright.

    7. ...

    8. Profit!
  • What to do first? (Score:3, Informative)

    by Frobnicator ( 565869 ) on Wednesday October 09, 2002 @02:03PM (#4417947) Journal
    It isn't a matter of "do I patent or publish freely?" since in the US, you can patent a year after publishing. If you really care, the steps should be:
    1. Talk to a lawyer and tell him that you have an idea. If it REALLY IS a good idea, the small investment in a good IP lawyer at that point is a good thing. The idea still needs community work and approval, but you still want to retain ownership should the idea succeed. He should advise you that a patent is a bad idea at that point, a better idea would be one of many publication or trade secret options.
    2. Talk with the community. Post everything about it to all the crypto newsgroups. Get the routines published in the proper community forums and conferences. If it is good enough it will make it into any of the IEEE or ACM conferences. Encourage feedback. That cannot be stressed enough. ANY GOOD SECURITY MECHINISM, PATENTED OR PUBLIC, MUST HAVE ALL ITS PARTS STUDIED CAREFULLY BY EXPERTS. There is no way around that.
    3. Write and publish the extensions. Write the GPG extension, and extensions for the Windows shell, and Outlook, and Eudora, and Pegasus, and everything else. If it doesn't get adopted it won't matter if you patent it since it won't get used.
    4. If at the end of the year it looks profitable, patent it. Your lawyer should have told you that also. If you know that it won't be possible to recoup the money, don't do it.
    So that should answer the original question: "Could I sell enough $10 shareware GPG extensions to compensate for not locking in 20 years of patent protection (and the $20,000 to patent it)?" If at the end of the first year you haven't made a dime and haven't had the routine published or accepted in the community, you probably never will.


  • aol... (Score:5, Funny)

    by zsmooth ( 12005 ) on Wednesday October 09, 2002 @02:03PM (#4417948)
    Does it bother anyone else that the creator of the encryption scheme that will save the world uses AOL? (check his email addy...)
  • by Erbo ( 384 ) <amygalertNO@SPAMgmail.com> on Wednesday October 09, 2002 @02:03PM (#4417949) Homepage Journal
    I suggest you begin by reading this [counterpane.com], and maybe also this [counterpane.com], both by Bruce Schneier, one of the foremost experts in cryptography and computer security today. Then re-evaluate your expectations about the potential success of your new algorithm, because it's possible you're deluding yourself.

    I'm sorry to burst your bubble, but there have been a lot of great mathematicians and cryptographers that have tried to design good, secure algorithms over the past few decades. Very few have actually managed to create algorithms that'll stand up under analysis. You may think you've done so, but it's going to take a lot to convince everyone of that.

  • by L. VeGas ( 580015 ) on Wednesday October 09, 2002 @02:04PM (#4417962) Homepage Journal
    Iay avehay ay ewnay encryptionay ethodmay ootay. Itay amecay otay emay inay ay eamdray.
  • by vlad_petric ( 94134 ) on Wednesday October 09, 2002 @02:10PM (#4418020) Homepage
    IMHO it is much better to become renowned and not make money out of it than waste your money on a patent and get zero return.

    The chances of making money out of a patent are slim. Moreover, the cryptography market is "canibalized" - even if your system is, as you claim, a lot better than the existing techniques, most people will still use something that stood the test of time (e.g. RSA, which has become free)

    Anyway, the US Patent system allows you to publish your idea one year before you file for a patent. Get some peer reviews (a proof is simply not a proof if kept secret) before embarking on a patent adventure.

  • by HEbGb ( 6544 ) on Wednesday October 09, 2002 @02:24PM (#4418151)
    I'm surprised no one has mentioned this.

    A provisional patent costs $85, and you don't need a lawyer. It essentially keeps your patent claim alive for one year, and establishes a filing date, allowing you to disclose the invention without (as much) fear of losing your rights.

    Once you assess it's commercial viability, you can decide on the >$10k formal patent.

    I've done this many times. It's definitely the way to go.
  • by thenerdgod ( 122843 ) on Wednesday October 09, 2002 @02:26PM (#4418159) Homepage
    Memo to the Amateur Cipher Designer

    Congratulations. You've just invented this great new cipher, and you want to do something with it. You're new in the field; no one's heard of you, and you don't have any credentials as a cryptanalyst. You want to get well-known cryptographers to look at your work. What can you do?

    Unfortunately, you have a tough road ahead of you. I see about two new cipher designs from amateur cryptographers every week. The odds of any of these ciphers being secure are slim. The odds of any of them being both secure and efficient are negligible. The odds of any of them being worth actual money are virtually non-existent.

    Anyone, from the most clueless amateur to the best cryptographer, can create an algorithm that he himself can't break. It's not even hard. What is hard is creating an algorithm that no one else can break, even after years of analysis. And the only way to prove that is to subject the algorithm to years of analysis by the best cryptographers around.

    "The best cryptographers around" break a lot of ciphers. The academic literature is littered with the carcasses of ciphers broken by their analyses. But they're a busy bunch; they don't have time to break everything. How do they decide what to look at?

    Ideally, cryptographers should only look at ciphers that have a reasonable chance of being secure. And since anyone can create a cipher that he believes to be secure, this means that cryptographers should only look at ciphers created by people whose opinions are worth something. No one is impressed if a random person creates an cipher he can't break; but if one of the world's best cryptographers creates an cipher he can't break, now that's worth looking at.

    The real world isn't that tidy. Cryptographers look at algorithms that are either interesting or are likely to yield publishable results. This means that they are going to look at algorithms by respected cryptographers, algorithms fielded in large public systems (e.g., cellular phones, pay-TV decoders, Microsoft products), and algorithms that are published in the academic literature. Algorithms posted to Internet newsgroups by unknowns won't get a second glance. Neither will patented but unpublished algorithms, or proprietary algorithms embedded in obscure products.

    It's hard to get a cryptographic algorithm published. Most conferences and workshops won't accept designs from unknowns and without extensive analysis. This may seem unfair: unknowns can't get their ciphers published because they are unknowns, and hence no one will ever see their work. In reality, if the only "work" someone ever does is in design, then it's probably not worth publishing. Unknowns can become knowns by publishing cryptanalyses of existing ciphers; most conferences accept these papers.

    When I started writing _Applied Cryptography_, I heard the maxim that the only good algorithm designers were people who spent years analyzing existing designs. The maxim made sense, and I believed it. Over the years, as I spend more time doing design and analysis, the truth of the maxim has gotten stronger and stronger. My work on the Twofish design has made me believe this even more strongly. The cipher's strength is not in its design; anyone could design something like that. The strength is in its analysis. We spent over 1000 man-hours analyzing Twofish, breaking simplified versions and variants, and studying modifications. And we could not have done that analysis, nor would we have had any confidence in that analysis, had not the entire design team had experience breaking many other algorithm designs.

    A cryptographer friend tells the story of an amateur who kept bothering him with the cipher he invented. The cryptographer would break the cipher, the amateur would make a change to "fix" it, and the cryptographer would break it again. This exchange went on a few times until the cryptographer became fed up. When the amateur visited him to hear what the cryptographer thought, the cryptographer put three envelopes face down on the table. "In each of these envelopes is an attack against your cipher. Take one and read it. Don't come back until you've discovered the other two attacks." The amateur was never heard from again.

    I don't mean to be completely negative. People occasionally design strong ciphers. Amateur cryptographers even design strong ciphers. But if you are not known to the cryptographic community, and you expect other cryptographers to look at your work, you have to do several things:

    1. Describe your cipher using standard notation. This doesn't mean C code. There is established terminology in the literature. Learn it and use it; no one will learn your specialized terminology.

    2. Compare your cipher with other designs. Most likely, it will use some ideas that have been used before. Reference them. This will make it easier for others to understand your work, and shows that you understand the literature.

    3. Show why your cipher is immune against each of the major attacks known in literature. It is not good enough just to say that it is secure, you have to show why it is secure against these attacks. This requires, of course, that you not only have read the literature, but also understand it. Expect this process to take months, and result in a large heavily mathematical document. And remember, statistical tests are not very meaningful.

    4. Explain why your cipher is better than existing alternatives. It makes no sense to look at something new unless it has clear advantages over the old stuff. Is it faster on Pentiums? Smaller in hardware? What? I have frequently said that, given enough rounds, pretty much anything is secure. Your design needs to have significant performance advantages. And "it can't be broken" is not an advantage; it's a prerequisite.

    5. Publish the cipher. Experience shows that ciphers that are not published are most often very weak. Keeping the cipher secret does not improve the security once the cipher is widely used, so if your cipher has to be kept secret to be secure, it is useless anyway.

    6. Don't patent the cipher. You can't make money selling a cipher. There are just too many good free ones. Everyone who submitted a cipher to the AES is willing to just give it away; many of the submissions are already in the public domain. If you patent your design, everyone will just use something else. And no one will analyze it for you (unless you pay them); why should they work for you for free?

    7. Be patient. There are a lot of algorithms to look at right now. The AES competition has given cryptographers 15 new designs to analyze, and we have to pick a winner by Spring 2000. Any good cryptographer with spare time is poking at those designs.

    If you want to design algorithms, start by breaking the ones out there. Practice by breaking algorithms that have already been broken (without peeking at the answers). Break something no one else has broken. Break another. Get your breaks published. When you have established yourself as someone who can break algorithms, then you can start designing new algorithms. Before then, no one will take you seriously.

    Creating a cipher is easy. Analyzing it is hard.

    See "Self-Study Course in Block Cipher Cryptanalysis": http://www.counterpane.com/self-study.html
  • Publish it.... (Score:3, Informative)

    by nweaver ( 113078 ) on Wednesday October 09, 2002 @02:26PM (#4418160) Homepage
    A) Patenting requires a few thousand dollars easily. Questionable value if what you have turns out to be valueless.

    B) The fundimental building blocks for crypto these days are all patent free: You have free hashes, free block cyphers (AES), free public key (RSA). There is no reason for someone theses days to choose a patent-entangled encryption primitive.

    C) A one time pad is not vulnerable to known plaintext. I don't know what the poster is talking about. Since one time pads are never reused, the known plaintext tells NO information about the rest of the pad.

    D) For the US, you can publish THEN patent, you do have a year between when there is a public disclosure and when you can patent it. This does NOT apply to non-US patents. But since the US is at least half the market, who cares about the rest?

    D is really critical, because the post does raise many "snake oil" warning flags. If it's NOT snake oil, he can disclose it and patent it after people at least get a look at it. If it IS snake-oil, then it can be shot down before spending the k$s needed to patent it.
  • by Ratbert42 ( 452340 ) on Wednesday October 09, 2002 @02:26PM (#4418168)
    The intersection of the sets {AOL users, guys named Kip, actual inventors} is null.
  • by eagl ( 86459 ) on Wednesday October 09, 2002 @02:31PM (#4418215) Journal
    Create a little tune and lyrically read your patent submission, any source code, and detailed description of your technology. Then the MPAA's actions will cover you. ROT-13 it and the DMCA will also cover you especially if you also distribute decoder rings with your developer's package (pricing and availability not specified at press time)
  • by autopr0n ( 534291 ) on Wednesday October 09, 2002 @02:34PM (#4418242) Homepage Journal
    I seriously doubt you've found anything substantial that some of the worlds greatest mathematical minds just sort of 'passed over'. I mean, seriously. It's been proven that the only secure encryption technique is OTP. You could no more have come up with something more secure then I could add 2 + 2 and end up with 64,000.

    Finally, you can actually both "give it to the world" and "make money". In fact, the whole point of the patent system is to get people to give out their secrets by granting them a limited monopoly.

    If you really have something worth while, you can simply license you're concepts for general use. Public Key crypto has been patented for 30 years (almost expired) but it's used everywhere and has been a great boon to secure communications. Why? Because the authors licensed it for reasonable rates and allowed it to be used for free.

    Patents only cost about $700, and once you get one it's yours for the next N years (or whatever, not sure about the exact number of years, it may be different in different fields). You can still let people use it for N-1 years and then try to get money out of it in year N (see the Unisys GIF patent). Patents aren't like trademarks where you have to keep policing them or you lose them, despite what morons on Slashdot (such as Hemos, even... btw whatever happened to him?) seem to believe.

    One other thing:

    The advantages are proof (i.e. unbreakable) against brute force attacks and known-plaintext attacks (unlike the OTP).

    If I'm reading this right, you seem to think OTP is susceptible to brute force attacks. If this is true, you basically know jack about encryption.
  • I would... (Score:3, Funny)

    by blackbeaktux ( 525688 ) on Wednesday October 09, 2002 @02:38PM (#4418286)
    ... name the algorithm threefish, then sell the patent and name to Microsoft, then watch Counterpane sue them and then read Bruce add another reason to hate Microsoft security on Crypto-Gram, like he does every other issue.
  • by kevinank ( 87560 ) on Wednesday October 09, 2002 @02:40PM (#4418301) Homepage
    I'm afraid you've fallen into a very common trap. You imagine that because a One Time Pad is unbreakable, that it is also 'the best' encryption imaginable. It isn't.

    Encryption is the ability to spread a limited source of entropy over a broad amount of data. The One Time Pad simply recognizes that if you have equal amounts of entropy and data then you don't need a very good mixing algorithm; just XOR the data with the pad and voila, the data becomes unreadable.

    The challenge of good algorithms is to limit the amount of entropy needed to generate unreadable text to as small a size as possible. Typical algorithms in use today will by changing a single bit in the key, ultimately flip about 50% of the encrypted output. Half of the bits is optimum. Fewer and your entropy isn't getting mixed in very well. More and your bit is just inverting the data.

    If you really want to contribute to the world of cryptography, don't bother with encryption algorithms. The ones we have are quite good. Honestly. Instead you should try to figure out a new use for the basic operations in cryptography. We know how to protect content, add signatures, authenticate content, and do non-repudiation. We can encrypt for a small number of readers each with his own key, or for broadcast, we can build webs of trust, and hierarchies. Come up with a new use that makes as much business sense as digital signatures and you'll have something worth patenting.

  • by noahtheviking ( 615018 ) on Wednesday October 09, 2002 @05:41PM (#4419874)
    There is a little known loophole in the filing of patents that allows you to mail your idea to them. Once the letter arrives, you have 2 years to file the patent for your idea (that is just the submission, not the entire process).

    This loophole exists for people like you who have an idea, but are not willing to pay a patent lawyer without testing it.

    PS: This is my first slashdot post, so please be kind...
  • by rknop ( 240417 ) on Wednesday October 09, 2002 @06:16PM (#4420139) Homepage

    Your description sounds like the classic descrption of what Bruce Schneider calls "snake oil". You have a great new encryption algorithm that you've been sitting on.... If you've been sitting on it, nobody knows if it's any good. The best cryptographers don't really know if their algorithm is really any good until lots of other cryptographers have had time to beat on it and test it. The only algorithms that anybody with any sense will use are ones that have been open, and for a long time, so that they can truly be scrutinized.

    So, in a word, it doesn't matter. I'd rather you didn't patent it, because software patents are generally evil anyway, and if the algorithm turns out to be useful for something, it could create headaches later. But, as far as cryptography goes, if it is truly as you describe, it's effectively worthless at the moment, and will continue to be so until lots of people have had a chance to see and work on the algorithm.


"Never give in. Never give in. Never. Never. Never." -- Winston Churchill