Scott Brickner writes:
"Perry E. Metzger" writes:
Amateurs pretending that they are professionals going out and selling snake-oil crypto are one of the biggest threats in our business.
and then...
I suspect it would take a real cryptographer very little effort to break your system, but that no one will bother doing so because it isn't really worth anyone's time.
Well, Perry, if it's really such a threat, isn't it worth someone's time to combat it?
Wasn't that point driven home by the Netscape PRNG problems?
Netscape is in wide use. If a substantial number of people bothered to use the Privsoft, then it might be worth breaking it. As it stands, I don't think its worth my while. Maybe someone out there wants to bother to do it as an exercise. It unfortunately has a bit of added complexity because you have to learn a bit about image statistics in order to do a good job of segregating the images, but it also looks like you might be able to use multiple anagramming to get a nice handle on the thing so your statistics don't have to be particularly good. Perry