Talk:eSTREAM

From Wikipedia, the free encyclopedia
Jump to: navigation, search
WikiProject Cryptography / Computer science  (Rated Start-class, Low-importance)
WikiProject icon This article is within the scope of WikiProject Cryptography, a collaborative effort to improve the coverage of Cryptography on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.
Start-Class article Start  This article has been rated as Start-Class on the quality scale.
 Low  This article has been rated as Low-importance on the importance scale.
Taskforce icon
This article is supported by WikiProject Computer science (marked as Low-importance).
 

Big Momma Table[edit]

I'd suggest removing the submitters from the big momma table, to shrink it considerably. I'd like to add a column that covers whether eSTREAM have published any cryptanalysis too... — ciphergoth 11:13, September 5, 2005 (UTC)

Personally, I find the names of the designers to be helpful summary information ("ah, that's Biham and Seberry's design"). That is, if you've heard of the cryptographers before, it's useful. Maybe we can take a couple of the "big team" rows like DECIM and SOSEMANUK, and replace most of them "et al"?
A column on published cryptanalysis would be very handy, and perhaps one on "type" as recorded on the individual pages (self-synchronising or synchronous)? — Matt Crypto 11:24, 5 September 2005 (UTC)

It looks to me like we need a better way to display cipher status in the table. Crossing out names makes them hard to read, the reference links next to them are far from informative, and with all the broken-fixed-unbroken-withdrawn changes back and forth there are so many statuses. Can't just cross them out. I propose changing the row's background colour reflecting the cipher's current status. Let's say white or light green for those with no attacks against them (that includes Salsa-20 and all other erroneous/bogus attacks), light gray for 'broken and fixed', yellow or light brown for 'broken and not fixed yet', and red or pink for 'broken and withdrawn', and maybe also light blue for 'attack published but not confirmed yet'. We can add a short list describing the colours above or below the table. Any other ideas? Ruptor 13:11, 7 October 2005 (UTC)

You're right. The only quibble I'd add is that colour has disadvantages as a way of doing these things - not everyone browses in colour, including those on mobile devices or using text-to-speech or versions of Wikipedia rendered for portable devices and such. Perhaps what we need are symbols, the way you get symbols in product reviews indicating features. We could choose a few suitable-looking Unicode characters, and provide a key at the top or bottom of the table. Suitable Unicode dingbats might include ✘, ✔, ☀, ☺, ☻. I'm not sure "broken and fixed" means much - eSTREAM aren't accepting fixes AIUI, so once broken the cipher is out of the eSTREAM race. The authors may propose a successor, but that isn't much to do with eSTREAM any more.
Another tricky problem is how to be NPOV about breaks. An-Ping's "analysis" of Salsa20 is undoubtedly bogus, but it's not clear what verifiable, NPOV fact we're referring to when we treat it differently to any other attack that hasn't been acknowledged by the cipher authors. I'd be interested in your ideas here. — ciphergoth 13:40, 7 October 2005 (UTC)
Another case is where Courtois claims an attack which breaks SFKINKS, but Bernstein disagrees. It's difficult when the state of affairs is constantly changing. Perhaps, for the short term, we should just bite the bullet and use a different colour for any disputed break, even one that seems very dubious (like An-Ping's). I suspect that we'll reorganise the table once the Phase II "finalists" are chosen anyway, and at that point we can use the eSTREAM report (which will presumably be published at that point) as a fair judge of whether an attack is accepted. — Matt Crypto 11:49, 8 October 2005 (UTC)
Now Dragon joins the problematic list. Again the break is disputed, but in this case it looks to me like the break is good; the cipher authors claim it requires a large amount of output from a single key/IV pair, but this isn't so, it can work using the output from many IVs. An anon user removed the attack from the table, but I've restored it, marking it disputed. — ciphergoth 07:03, 13 October 2005 (UTC)

Cleanup notice[edit]

This article is being actively maintained, so there's no need for a cleanup notice - I've reverted that change. Please discuss what failings you feel the article has that call for a cleanup here in Talk. — ciphergoth 06:39, September 7, 2005 (UTC)

Organising the table again[edit]

Key
F a "Focus Phase 2" cipher
2 A "Phase 2" cipher
A An "archived" cipher
M Includes a mac
P Patented
Cipher eSTREAM
webpage
Profile 1
(software)
Profile 2
(hardware)
Properties Submitters
Dragon [1] F Ed Dawson, Kevin Chen, Matt Henricksen,
William Millan, Leonie Simpson, HoonJae Lee,
SangJae Moon
Grain [2] F Martin Hell, Thomas Johansson and Willi Meier
Phelix [3] F F M Doug Whiting, Bruce Schneier, Stefan Lucks
and Frédéric Muller
Salsa20 [4] F 2 Daniel Bernstein

Here's a proposal for how the table should look. Feel free to directly edit it to improve the proposal. I'm doing it here rather than the article space since things like adding or moving columns is easier when there are only a few example ciphers in the list.

You will note that this removes all the information on what is broken and what isn't. This is because it's proving incredibly hard to summarize; some ciphers have been through many tweaks and variants, and many breaks are disputed - for example, Biham disputes my and Sekar et al's attack on Py (cipher). We link to the eSTREAM page which lists everything everyone's written about a cipher; if we want to provide more information on its security we should report it in the article about the cipher rather than trying to summarize it in this table.

I look forward to your edits. Probably best to comment on them as replies to these paragraphs and to leave the table as the first thing in this section, otherwise it will get hard to read. — ciphergoth 14:12, 1 April 2006 (UTC)

Very late reply on this, sorry. Yes, I agree that the proposed table looks much better and that is probably best to track changes in attacks, status etc for the candidates on their respective page. One thing I would like to see in the table though is key length and claimed strength in bits. Or is that too much detail also? /Joachim
Also very late reply from me. I think the table is fine the way it is. As for the attack status, there is a reason that not even eSTREAM itself makes definite claims about that. I think that Wiki is the wrong place to make disputed claims about the cipher security before an official eSTREAM statement exists. Erik Zenner 11:32, 4 May 2006 (UTC)
Tricky question. In theory, the only requirements for putting something on Wikipedia are that it be verifiable, NPOV and not original research; even Li An-Ping's attacks on Salsa20 meet these criteria even though everyone else knows that they're garbage. In practice, however, notability is also taken into account. One cound try and argue that An-Ping's attacks are not notable, but I think that could be considered to be POV. So the attacks are mentioned in the Salsa20 article, along with the reception they've received from the community.
To put it another way, I don't think mentioning the existence of unconfirmed attacks is a problem (the Py attacks definitely belong on that page, in my biased opinion) but I don't want to try and summarize the attack status of a cipher, because that would introduce big distortions. So I've moved it out of the table; it can live in the articles for each cipher. — ciphergoth 13:22, 4 May 2006 (UTC)

I have added a list of the Phase 3 candidates. Can I ask someone better than me to put them into a Phase 3 table please. rossum 2007-06-10

Why were the Phase 2 non-focus ciphers cut out of the page? Either they should be added back in, or the Phase 1 ciphers should be removed too. 80.202.214.164 15:00, 1 September 2007 (UTC)

Combining less significant cipher pages[edit]

Looking at a few random cipher pages (e.g., Frogbit, CryptMT, TRBDK3 YAEA), I notice they have very little content and hardly seem worth having dedicated pages for each. Stories/games often have a single page for lists of lesser characters/places/events. How about a single page for eSTREAM submissions that haven't received as much attention? 198.205.33.93 18:40, 5 December 2006 (UTC)

I don't see why we shouldn't, particularly when a cipher's only notability is within the context of eSTREAM. If we get too much detail on any one cipher, we can easily split it out to its own page again. — Matt Crypto 21:26, 5 December 2006 (UTC)

Rabbit Patent Status[edit]

The current text says that "Rabbit is the only one to which a patent applies, and it was announced that this would be the subject of an immediate free worldwide license in October 2008". In fact, no patent applies to Rabbit. Rabbit was patent pending during the eStream project. Now the company has abandoned the patenting altogether, i.e. the cipher is patent free. Ciphergoth, do you want to change the text yourself, or shall I make a proposal? We also have to change the text on the Rabbit_(cipher) page accordingly. --Erik Zenner (talk) 13:37, 16 December 2008 (UTC)

I would suggest keeping a very brief (one sentence if possible?) mention that it was originally pending, and the patent app was abandoned. And it would be really nice if the abandoned statement be sourced with a reliable reference. But yes, plesae feel free to make the change! Have fun! —Mrand TalkC 14:21, 16 December 2008 (UTC)
Okay, I've changed the text as to reflect the situation better. There is no official source for the statement that Cryptico (the company behind Rabbit) has abandoned the patenting process. But I am in contact with the management (I used to work for the company), so I hope that you take my word for it. --Erik Zenner (talk) 08:20, 17 December 2008 (UTC)
Thanks! ciphergoth (talk) 23:22, 18 December 2008 (UTC)