ANNOUNCEMENT: RPK ENCRYPTONITE ENGINE CHOSEN

Jack Oswald joswald at rpkusa.com
Mon, 01 Feb 1999 17:40:25 -0800 

All - We have been requested to join the discussion.

First of all, there has never been, and never will be any intention to
hide any of the methods, techniques or any other element of how RPK is
used and implemented.  Therefore, I am as concerned as you are that you
were not able to find all of the answers to your questions at our web
site.  If you have not yet found it, on the web site www.rpk.com is a
Downloads page where you will find two 25-page(+/-) papers that describe
the algorithm in detail.  If that has not been sufficient, we may be
able to make available directly to individuals who request one of our
toolkits with source code purely for the purposes of evaluation and
analysis.  The source code is the definitive implementation.

Also, other analyses have been done which have yet to be made public. 
We will do so as soon as we can obtain all of the necessary releases.

Also, in the future, please fell free to contact us directly.  We have
nothing to hide.  Our business is based on the fact that RPK works as
marketed.  If anyone can prove otherwise, we sincerely need to know.

Jack Oswald
President and CEO
RPK Security Inc.
"Securing the Internet"

joswald@rpkusa.com
+1 415-563-1800
+1 415-440-0950 fax

www.rpkusa.com
www.InvisiMail.com

1755 Filbert Street, Suite 1U
San Francisco, CA 94123



-----Original Message-----
From:	owner-ukcrypto@maillist.ox.ac.uk
[mailto:owner-ukcrypto@maillist.ox.ac.uk] On Behalf Of William Whyte
Sent:	Sunday, January 17, 1999 7:10 AM
To:	'ukcrypto@maillist.ox.ac.uk'
Subject:	RE: ANNOUNCEMENT: RPK ENCRYPTONITE ENGINE CHOSEN

[I said...]
> > It's annoying that people don't realise that RPK is actually only
> > about as fast as Diffie-Hellman; it's a public-key operation with a
> > bolted-on stream cipher.
[Jim said...]
> Perhaps annoying, but not surprising: I browsed their website and can't
> find a description of what they're really doing.  I'm left with the
> impression that the stream cipher part is a home-brew invention that's
> been looked at by a grand total of two outside cryptographers -- one each
> stream cipher specialist and public key specialist.  Do I have that right?
> Could a serious company rely on security through obscurity in this day and
> age?

I haven't looked at the site in any detail for a year or so, but as I 
remember they use the first 256 bytes of output from the LFSR to create
a permutation box, and the remainder forms an XOR stream. They then have
a kind-of block cipher, where each block is 256 bytes and is permuted
according to the permutation box and then XORed with the current output
from the LFSR. There's things like "stutter" put into the LFSRs to
make them slightly trickier to follow, and the basic set-up is to have
two main shift registers and a third one to select whether the next byte
of output is from the first or second of the main registers.

So that much was clear, at least a year ago. But it's still not _quite_
enough detail to be sure.

It's a bit unfair having this discussion behind their backs. Does anyone
fancy getting someone from RPK to subscribe to UK Crypto?

William