This is my cryptography page. Recently I've been reading a wonderful book called Applied Cryptography, and for a couple of reasons I thought it would be a good idea to put some of the ideas I've had while reading it here. The reasons are:

  • I didn't think I had anything on my webpage yet which was really hard-core geeky
  • It is really illustrious to have something on my page which might end up being export-controlled by the NSA
  • I like making stuff
  • I think it might potentially be useful

Note that none of these reasons are "these are good ideas" or "I'm hoping to sell them", because I really don't have the training or experience to believe either. All of the ciphers and related source code are released under the GNU public license, so feel free to take the ideas, improve them, use them, and enjoy. But be warned that these are just my ideas, untested, unguaranteed.

REPEAT: I am not a trained cryptographer. All of the things I say seem true to me, but none are supported by the sort of mathematical rigor which makes a real cryptographic algorithm good.

That said, I do hope that some of this is useful to someone. Take it, get ideas from it, make good ciphers from it. Or show me huge faults in it. That's what it's here for.

Tom7-fselect: a stream cipher using independent generators and several combining functions
Tom7-skipstate constructions: some constructions based on skipstate generator devices
Tom7-inline-bridge: for combining inline generators
Tom7-byteselect: another stream cipher which uses a key-dependent substitution driven by 8 inline generators
Tom7-ecrypt: a stream cipher using an imaginary processor with 256 bytes of memory.

stat program for tentatively testing bit distribution

I use a number of terms when talking about this stuff, some of which I made up. Here is what I mean when I say certain things:

Generator: Any circuit with the following properties:

  • Has internal state.
  • In one cycle, produces a bit 0 or 1 on its output which is determined from its internal state, and advances its internal state.
  • If unclocked, produces a bit each cycle.
  • If clocked and its clock line is high, it advances its internal state and produces an output.
  • If clocked and its clock line is low, it repeats its previous output.

And, optimally:

  • Has a long period before repeating.
  • Produces statistically random output.
  • Is reasonably implemented in hardware or software or both.

n-input Generator: A generator with n inputs. The generator should perform as an ordinary generator when its input lines are low, and should output different random bits, uncorrelated with the input stream, when an input line is high. Two or more multiplexed standard generators would qualify. XORing the input line with the output of a generator would not, because the output is highly correlated with the input stream.

Inline Generator: A 1-input generator. A skipstate generator is a good example.

LFSR: "Linear Feedback Shift Register". A sort of generator which consists of a shift register (a sequence of bits which shift to the right each cycle), in which the leftmost bit is replaced by the exclusive-or of certain bits in the register. The output of this generator is the least significant bit. A more in-depth description of LFSRs and a table of useful bit-tapping sequences (bad choices can give extremely poor generators) can be found in Applied Cryptography.
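The LFSR and the clock-line behaviour defined above, as an added example (not code from any of the Tom7 ciphers). The 16-bit width, the two tap sets and the seed are assumptions chosen for illustration, not values from this page or from the table in Applied Cryptography; the second tap set shows how a bad choice collapses the period.

```python
class LFSR:
    """Right-shifting LFSR: the leftmost bit is replaced by the XOR of the
    tapped bits, and the output is the least significant bit."""

    def __init__(self, width, taps, seed):
        if seed == 0 or seed >> width:
            raise ValueError("seed must be non-zero and fit in the register")
        self.width = width
        self.taps = tuple(taps)   # tap positions, counted from the LSB (bit 0)
        self.state = seed
        self.last = 0             # assumption: output before the first step is 0

    def step(self, clock=1):
        """One cycle. clock=1 (or unclocked): output a bit and advance the
        state. clock=0: repeat the previous output, state unchanged."""
        if clock:
            feedback = 0
            for t in self.taps:
                feedback ^= (self.state >> t) & 1
            self.last = self.state & 1
            self.state = (self.state >> 1) | (feedback << (self.width - 1))
        return self.last


def period(width, taps, seed):
    """Number of cycles until the register returns to its seed state."""
    gen = LFSR(width, taps, seed)
    for n in range(1, 2 ** width + 1):
        gen.step()
        if gen.state == seed:
            return n
    return None  # never returned to the seed (feedback is not invertible)


# Illustrative parameters (assumptions, see lead-in).
GOOD_TAPS = (0, 2, 3, 5)  # x^16 + x^14 + x^13 + x^11 + 1, maximal length
BAD_TAPS = (0,)           # feeds bit 0 straight back: the register only rotates
SEED = 0xACE1

if __name__ == "__main__":
    print("good taps period:", period(16, GOOD_TAPS, SEED))
    print("bad taps period: ", period(16, BAD_TAPS, SEED))
    gen = LFSR(16, GOOD_TAPS, SEED)
    # Clock line high, low, low, high: the output is held while the clock is low.
    print("clocked output:  ", [gen.step(c) for c in (1, 0, 0, 1)])
```

The all-zero state is rejected as a seed because XOR feedback maps it to itself, so such a register would output zeros forever.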
