Stories
Slash Boxes
Comments

SoylentNews is people

Open Sourcing FNR an Experimental Block Cipher

posted by janrinok on Monday June 23 2014, @08:13PM   Printer-friendly
from the who-would-have-trusted-them-if-it-hadn't-been-opened? dept.

AnonTechie writes:

CISCO is offering up an experimental cipher which, among other things, could help preserve the anonymity of data in cloud environments. In putting what it calls "FNR" (Flexible Naor and Reingold) into the hands of the public ( http://blogs.cisco.com/security/open-sourcing-fnr-an-experimental-block-cipher/ ), CISCO says its work is currently experimental rather than production software.

The FNR specification, described here ( http://eprint.iacr.org/2014/421.pdf ) (PDF), explains that privacy of fixed-length fields (such as collected in NetFlow formats) is an emerging challenge for cloud providers, who collect lots of telemetry for analysis and don't want to change their field formats to encrypt the information.

 
This discussion has been archived. No new comments can be posted.
Open Sourcing FNR an Experimental Block Cipher | Log In/Create an Account | Top | 13 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 3, Informative) by opinionated_science on Monday June 23 2014, @09:00PM

    by opinionated_science (4031) on Monday June 23 2014, @09:00PM (#59135)

    maybe. but i would not trust a cipher until it has been vetted by the mathematicians(!) The implementation also needs to be vetted by CS experts, but the basis for encryption is mathematical, not computational.

    This is why backdoors are often subtle inhomogeneities in external information (e.g. bad random numbers, incorrect primes, special constants). Since ultimately all mathematics is blind to the data, the data carries its own baggage!!!

    Starting Score:    1  point
    Moderation   +1  
       Informative=1, Total=1
    Extra 'Informative' Modifier   0  
    Karma-Bonus Modifier   +1  
    Total Score:   3  

  • (Score: 1) by cyrano on Monday June 23 2014, @09:31PM

    by cyrano (1034) on Monday June 23 2014, @09:31PM (#59148) Homepage

    What they are trying to do is implementing flexible Naor and Reingold in a very safe way, building on vetted fundaments (Feister).

    Naor and Reingold have been proven by mathematicians and by open sourcing everything, the implementation can be audited by anyone.

    --
    The quieter you become, the more you are able to hear. - Kali [kali.org]

    • (Score: 2) by juggs on Tuesday June 24 2014, @05:31AM

      by juggs (63) on Tuesday June 24 2014, @05:31AM (#59256) Journal

      Wonderful, the implementation can be audited. Doesn't really help if the unencrypted payload is being snarfed by some evil chippery before hitting the encryption algorithm.

      And from there it's turtles all the way down maaaan! :D