• 0

My Encryption Algorithm...


Question

I was unsure what forum to post this in...

I've been working on an encryption algorithm for sometime now which I simply call Cypher. The problem is the max keylength is 131072 bytes (128k). Because of this, I worry that it would be illegal to release this algorithm.

Back in Jan '04, a friend opened up a Sourceforge project for me, located here. Because of the 'legal' issues, I have yet to upload anything to this page. And due to the inactivity, somebody has put in a request to take the project name "Cypher". Details on that can be found here. I'm unsure if I should let them take over the project or not.

I was hoping to find someone here on Neowin who might know a thing or two about this. I need to know if it would be worth the trouble, if there might be some chance that it would be legal for me to upload source files for Cypher.

Please don't bring up issues about security. I personally have no proof that the algorithm is secure, other than my own recognition. I'm sure no one here trusts me, and I don't blame you either. I can assure you this is much more than just some crappy XOR encryption though...

Link to comment
https://www.neowin.net/forum/topic/336243-my-encryption-algorithm/
Share on other sites

8 answers to this question

Recommended Posts

  • 0

IANAL, but in general, it should be OK, because ITAR no longer classifies strong cryptography as arms. Although you said don't mention security... I don't want to be to discouraging, but cipher design should really be left to the experts...

Also, http://www.rsasecurity.com/rsalabs/node.asp?id=2327 has some more notes about this subject.

  • 0

Thanks for the reply zeta.

Quoted from the link:

Today, any cryptographic product is exportable under a license exception (that is, without a license) unless the end-users are foreign governments or embargoed destinations (Cuba, Iran, Iraq, Libya, North Korea, Serbia, Sudan, Syria, and Taleban-controlled areas of Afghanistan as of January 2000).

I'm not sure what they would consider 'exporting' under these laws. For example, if I were to upload code to a server, and a person from one of those areas downloads it, could I get in trouble for that?

  • 0
  xinok said:
Thanks for the reply zeta.

Quoted from the link:

Today, any cryptographic product is exportable under a license exception (that is, without a license) unless the end-users are foreign governments or embargoed destinations (Cuba, Iran, Iraq, Libya, North Korea, Serbia, Sudan, Syria, and Taleban-controlled areas of Afghanistan as of January 2000).

I'm not sure what they would consider 'exporting' under these laws. For example, if I were to upload code to a server, and a person from one of those areas downloads it, could I get in trouble for that?

586114988[/snapback]

put a licence agrement on it, basically saying do not use if you are in these countrys

  • 0

I *think* it's safe to export source code, but it was illegal to export actual strong encryption software. Now these rules are changed to the ones mentioned above.

This trick was used by PGP to circumvent the export restriction. The code was exported, compiled in another country but the US and the imported in binary form. This way it was legal.

So I think it's perfectly safe to upload your sources to sourceforge. (but don't hold me liable if this is not 100 percent accurate)

  • 0
  MurrayF1 said:
put a licence agrement on it, basically saying do not use if you are in these countrys

586115012[/snapback]

Sounds good :)

For now, I'm going to reclaim my Cypher project on Sourceforge. Then I should probably find somebody to write a license agreement for me, as I'm sure I would mess it up :blink:

I'm still gonna hold back on releasing source code until I'm absolutely sure its safe, but hopefully I'll be able to do so soon enough.

  • 0
  code_monkey said:
http://www.crypto.com/exports/ - Send the email and you should be fine.

586115204[/snapback]

Thanks a lot for that link. So just to be sure, I simply send an email with a URL to where the source code will be available? And should I wait for a reply in my email or anything before uploading the code?
  • 0
  xinok said:
Thanks a lot for that link. So just to be sure, I simply send an email with a URL to where the source code will be available? And should I wait for a reply in my email or anything before uploading the code?

586115329[/snapback]

I've fairly certain that its just notification, you don't need a confirmation.

This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Posts

    • Microsoft's "Athena" AI: A blueprint for your own dev team's productivity boost by Paul Hill Last month, Microsoft made many developer-oriented announcements at its annual BUILD conference. One of the tools that it announced at the time was called Athena, an artificial intelligence agent that lives in Microsoft Teams and aims to speed up product development processes. Now, however, Microsoft has released the blueprint of Athena so anyone can begin implementing a similar helper for their work. Rather than just another chatbot, Athena is a deeply integrated agent accessible through Teams that helps to connect people, tools, and data throughout the product development process. Athena is smart enough to work out what needs to happen next and helps team members get it done without having to go to different applications - Athena controls it all from Teams and you just have to communicate in natural language. Athena can be embedded in several developer workflows including Teams, Azure DevOps, and GitHub. Perhaps the greatest thing about Athena is that it’s not a new product being sold by Microsoft, but rather a methodology and open-source template (Dex) that organizations or individuals can take to build their own AI agents, allowing for more customization. To get started with Athena, you'll want to set up the Dex agent. Microsoft has also published a breakout session video about Athena so you can take a deeper dive. Who it affects, and how The primary beneficiaries of Microsoft’s decision to release Athena open source are engineering teams everywhere who will be freed from boring, repetitive tasks such as pull request (PR) reviews, work item management, and security checks. This will let them get on with coding new features and innovating - something that Microsoft has been pushing hard for since the start of the latest AI revolution. For product managers and engineering leaders, Athena also looks set to be incredibly useful as they will get better real-time visibility into the status of projects, if a release is truly ready for launch, and to ensure the team is aligned. Organizations from small to large will be able to benefit from using Athena. Due to its open-source nature, Athena can be tailored to meet specific development processes. This could unlock faster delivery cycles and improve code quality across the board. Why it's happening Athena is already being used internally at Microsoft by over 2,000 of its engineers. The Redmond giant explained that this has led to “measurable gains” in speed, quality, and focus. Aside from faster review cycles for developers, Athena is also surfacing release-blocking bugs earlier, enabling the consistent completion of security and privacy workflows, and providing quicker health assessments so that teams can gauge the overall health of their software delivery. By handling all these more boring tasks, Athena can free up developers to build more features into their projects. It also has the potential to speed up delivery times so that end users can use the new software faster, and with potentially less bugs. We often hear the term “democratization” in tech, a process that makes technologies more accessible and affordable. According to this definition, Microsoft’s release of Athena delivers on democratizing AI for developers as its open source and allows people to integrate AI Into their workflows, without starting from scratch. The move also aligns with Microsoft's AI strategy, that is, putting it all throughout its products. Copilot is probably the most notorious for its omnipresence in essentially every Microsoft product including Windows and Edge. Unlike Copilot, developers get a bit more freedom with Athena, but it’s still tied up with Microsoft products, namely Teams and GitHub. Caveats and what to watch for While it’s great that Microsoft is making its Athena blueprint accessible, one issue is that developers may still find it a bit complex to implement as there are still specific customizations organizations will want to make. Additionally, this solution involves a more involved setup process as outlined in the GitHub README. Another thing organizations should be wary about is data privacy and security implications when it comes to integrating with sensitive internal systems. Organizations that are working on secretive projects probably wouldn’t want to use Athena as this could put sensitive code in the hands of third parties. It’s not only technical issues that need considering either, there is also the human element. Some people may have concerns about AI hallucinating or ethical concerns around job security that could hurt adoption. To this end, Microsoft has reaffirmed that Athena is supposed to assist teams only, not replace team members. While Athena can be extremely useful, as shown by the results internally at Microsoft, human oversight and judgment will still be vital. Complex decision and creative problem-solving in development are some areas where a human still needs to be involved. Source: Microsoft
    • How could it not be optional? ChatGPT isn't going to guess people's credentials :P
    • Mmmm, spread too thin into 2 quite different things
    • Only good thing shown at the showcase and it's not even an exclusive. And people keep saying that Xbox has no games 😅 Microsoft is going to wipe the floor with Sony this weekend.
    • flight? Maybe if they call it an arcade stick that'll help.
  • Recent Achievements

    • First Post
      James courage Tabla earned a badge
      First Post
    • Reacting Well
      James courage Tabla earned a badge
      Reacting Well
    • Apprentice
      DarkShrunken went up a rank
      Apprentice
    • Dedicated
      CHUNWEI earned a badge
      Dedicated
    • Collaborator
      DarkShrunken earned a badge
      Collaborator
  • Popular Contributors

    1. 1
      +primortal
      382
    2. 2
      +FloatingFatMan
      176
    3. 3
      ATLien_0
      174
    4. 4
      snowy owl
      169
    5. 5
      Xenon
      133
  • Tell a friend

    Love Neowin? Tell a friend!