• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
Re: Encryption
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Encryption

  • Subject: Re: Encryption
  • From: Robert Tito <email@hidden>
  • Date: Wed, 07 Jan 2004 16:01:15 +0100
Hi all,

This was part of the posting also:

First I must clarify the role of VZG. It is not an insurance company and it
is not the manufacturer of Salutis. The company acts as the reseller for the
Dutch market.

Salutis uses encryption engines that are available to the cryptographers and
most of the engines where candidates for the new NIST standard encryption
algorithm as examples MARS, SERPENT, TWOFISH, RIJENDAEL etc.

Salutis is unique because it uses a network of encryption engines. This
network will change for each encryption process to a different random
selected encryption engine. Random is impossible for a computer and the
manufacturer uses several NIST pseudo random number generators such as
defined e.g. at the NIST site.

What is an encryption engine? It is executable code based on an encryption
algorithm. The code is autonomous which allows for reorganizing data in a
random way. Each engine will encrypt with a 256 bit key for every 128 or 256
bit of data dependent upon the chosen engine.

Critics will point out that it is a bad practice to encrypt the information
with encryption engines in a serial process mainly because there is a
synchronization problem. Therefore, the information is distributed in chunks
of 256 bits and these chunks send this information across the network of
encryption engines. For the careful observer it is a network of processes
that is created to send information in chunks to a for that chunk chosen
encryption engine. The basic version of Salutis used five different
encryption engines.

Timestamps are essential to determine when the message was send and if the
user was trusted at the time. Timestamps to create a key are a bad practice
as demonstrated by the SSL incident. However Salutis uses the timestamps as
a reference point and searches the index of the code book. The code book is
part of the certificate and is generally speaking altered each month. This
unique code book concept allows sending encrypted information without the
need of sending a key not any information about the encryption process.

The web of trust is complex as used in all secure data transmitions and
specifically less bothering with transactions as database driven
occurrences. This is a problem not yet solved in a proper way with any
PKI/PKC concept. Salutis keeps things simple. The web of trust must be setup
by the organization and there is no need for the user to verify the
authenticity anymore. The process to verify the authenticity is hidden from
the prying eyes of the users. The security officer is the sole person able
to determine who, when and where information was send from.

Salutis doesn9t allow the user to interfere in the encryption process. It4s
designed for good quality encryption at all times.

A list of literature references will follow asap.
The actual documents are too large to get posted, I do have to look the
links up again as I have them as pdf.

We are gearing things up for the task, we do need to disconnect machines
from a network and get capacity freed from (paid) jobs so it might take a
few days before we actually start. But then it will be reported: start time
and end time, no need to be fooling around.
There also will be an engine posted in assembler. Just one of them since
there goes the same: it is too tightly enwrapped in the enigma network we
have created, and that network is our company's secret.


Regards

Rob



On 7-1-2004 15:10, "Steve Bird" <email@hidden> wrote:

> On Jan 7, 2004, at 8:52 AM, Chris Ridd wrote:
>
>> On 7/1/04 1:26 pm, Robert Tito <email@hidden> wrote:
>>
>>> Tobias,
>>>
>>> This was posted yesterday
>>> Regards
>>>
>>> Rob
>>
>> I don't seem to have received it here, and I can't see it in the
>> archives at
>> cocoa.mamasam.com either. Can you resend it please?
>
> My MAIL threads show there was nothing on this thread from
> 2004.0103.0901 until 2004.0107.0728 (EST).
>
> Unless it was encrypted, so that MAIL couldn't recognize it...
>
>
> ----------------------------------------------------------------
> Steve Bird
> Culverson Software - Elegant software that is a pleasure to use.
> www.Culverson.com (toll free) 1-877-676-8175
> _______________________________________________
> cocoa-dev mailing list | email@hidden
> Help/Unsubscribe/Archives:
> http://www.lists.apple.com/mailman/listinfo/cocoa-dev
> Do not post admin requests to the list. They will be ignored.
_______________________________________________
cocoa-dev mailing list | email@hidden
Help/Unsubscribe/Archives: http://www.lists.apple.com/mailman/listinfo/cocoa-dev
Do not post admin requests to the list. They will be ignored.
References: 
 >Re: Encryption (From: Steve Bird <email@hidden>)

  • Prev by Date: Cocoa Application Without GUI
  • Next by Date: Re: Cocoa Application Without GUI
  • Previous by thread: Re: Encryption
  • Next by thread: Re: Encryption
  • Index(es):
    • Date
    • Thread