Bruce Schneier puts down Polymorphic Encryption
Author: C. B. Roellgen
May, 2007
“Bruce Schneier is an internationally renowned security technologist and author. Described by The Economist as a "security guru," Schneier is best known as a refreshingly candid and lucid security critic and commentator. When people want to know how security really works, they turn to Schneier.”
This is what the man writes about himself on his own website (http://www.schneier.com).
When visiting page http://en.wikipedia.org/wiki/Bruce_Schneier , readers will learn this: “Before Counterpane, he worked at the United States Department of Defense and then AT&T Bell Labs.” and “…is the founder and chief technology officer of BT Counterpane, formerly Counterpane Internet Security, Inc.”.
It is important to know that BT Counterpane is a competitor to PMC Ciphers, Inc. and that it’s unlikely that somebody who has connections to the U.S. military is really interested in making really secure encryption algorithms publicly available (on a worldwide scale).
It should also be noted that it is likely that even the NSA uses Polymorphic Encryption today (to read more about this simply read below).
On March 15, 2003, Mr. Schneier writes in his “Crypto-Gram” newsletter:
The Doghouse: Random Cryptography Companies
I am continually amazed by how many of these there are. Thanks to everyone who sends me these Doghouse nominations. … PMC Ciphers. The theory description is so filled with pseudo-cryptography that it's funny to read. Hypotheses are presented as conclusions. Current research is misstated or ignored. The first link is a technical paper with four references, three of them written before 1975. Who needs thirty years of cryptographic research when you have polymorphic cipher theory? http://www.ciphers.de/products/... http://www.ciphers.de/products/bpp_disk.html
As that’s pretty thick, I have tried to contact Mr. Schneier by e-mail with exactly this text:
Dear Mr. Schneier,
my name is Clemens Bernhard Roellgen and I’ve invented the so-called “Polymorphic Cipher” in 1999. I can understand your comments on the publicly available documentation of it. Your comments certainly have a negative effect on current and future projects. It would have been a great pleasure to have had an e-mail conversation with you earlier. Anyway, it would be a great honor to have a technical discussion with one of the greatest crypto experts of our time.
It is understandable that your newsletter should warn of snake oil. But what happens if hasty conclusions are made by accident? We all can be wrong sometimes. What if the proposed cipher is as secure as ciphers like Rijndael or Twofish? It might even be substantially faster, or DPA-proof, or have other positive and negative features?
Shortly after patenting the idea in 1999, the German authorities wanted to make the cipher a state secret, but dropped that attempt after two months. Later I found out (partly with the help of a news editor) that the proper experts had never been asked! They didn’t say if in the end it was right or wrong not to make the patent a state secret. Then we asked Prof. Dieter Bartmann from the Institute for Bank Computer Science and Bank Strategy from the University in Regensburg (the name of the department has been translated from the German language as well as possible), voice: +49 941 943-1881, e-mail: dieter.bartmann@wiwi.uni-regensburg.de, for his judgement. It was positive. Dr. Schirle from IZB Soft in Munich (voice: +49 89 4907-1750, e-mail: Matthias.schirle@izb-soft.de), a mathematician, found some errors in our documentation, but also came to a positive result. IZB Soft is a comparably big IT security company which works entirely for banks.
I don’t think that you will ever have the chance to revise your judgement, but isn’t it a probably simple but good idea to be able to choose from two different ciphers like Rijndael and Twofish with one password bit? Maybe the software can make the choice dependent on two password bits. The choice could be one out of these 4 ciphers: Rijndael, Serpent, Mars and Twofish. By doing this, the password can be as long as 258 bits. The two “cipher select” bits don’t play a role during the actual encryption and decryption process any more. They don’t consume CPU time after the choice has been made. Such an implementation is just as fast as the average of all four worker ciphers when encrypting a big amount of data, but comes with two additional password bits.
A brute force attack on this kind of “cipher” takes 4 times as long as a brute force attack on just one of the worker ciphers (Rijndael, Serpent, etc., alone). If (by very hard work and much more than luck) a method is found to crack one of the 4 worker ciphers, then the other three are still likely to be secure. If the number of available worker ciphers isn’t only limited to just 4, wouldn’t it be tedious and hopeless to try and crack each of the available worker ciphers? Let’s think of 128 such worker ciphers which could be available from 7 additional password bits. Cracking one of these is probably impossible, but cracking a number of them, if they are of the calibre of Twofish, is definitely hopeless.
This is (basic) Polymorphic Encryption. It’s not much more, but it’s also not much less.
We would be pleased if you could have a less superficial look at our cipher. I would send you source code, as well as a number of papers which describe the source code in detail. But as not all aspects of the cipher are patented so far, we would kindly ask you to sign an NDA. If you are still negative after having another look at the concept, you can publish this of course, as long as the information which is sent out cannot be used by competitors to create a similar cipher or ideas can be “borrowed”.
Hope to hear from you soon!
Best regards,
Bernd Roellgen
PMC Ciphers, Inc.
Josephsburgstr. 85
81673 Muenchen
Germany
voice: +49 (0)89 454198-09
mobile: +49 (0)172 89 58158
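The “cipher select” construction the letter above describes (a few password bits pick one of several worker ciphers, the rest of the password is the worker key) is modelled here as an added Python example. It is not code from PMC Ciphers, TurboCrypt or the Polymorphic Cipher; the four worker ciphers are toy stand-ins built from SHA-256 in counter mode under a per-cipher label (not Rijndael, Serpent, MARS or Twofish), the worker key is shrunk from 256 to 12 bits so the exhaustive search finishes in well under a second, and the password value and plaintext are constructed for the demonstration. What it shows is the brute-force arithmetic from the letter: an attacker who does not know which worker was selected must search every (cipher, key) pair, so the work is exactly 2^(select bits) times that of one worker cipher.

```python
"""Toy model of "cipher select" password bits in front of several worker ciphers.

Added example, not PMC Ciphers' code.  Worker "ciphers" are SHA-256 counter-mode
keystreams with a domain-separation label; they only stand in for real block
ciphers.  Key sizes are deliberately tiny so brute_force() runs quickly.
"""
import hashlib
import itertools

WORKER_NAMES = ("rijndael", "serpent", "mars", "twofish")  # assumed worker set, as in the letter
SELECT_BITS = 2                                            # log2(len(WORKER_NAMES))
WORKER_KEY_BITS = 12                                       # toy size; the letter assumes 256


def split_password(password: int):
    """Top SELECT_BITS bits choose the worker cipher; the low bits are its key."""
    cipher_index = password >> WORKER_KEY_BITS
    worker_key = password & ((1 << WORKER_KEY_BITS) - 1)
    if cipher_index >= len(WORKER_NAMES):
        raise ValueError("cipher select bits out of range")
    return cipher_index, worker_key


def _keystream(name: str, key: int, length: int) -> bytes:
    """Stand-in keystream: SHA-256(label || key || counter), truncated to length."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        block = hashlib.sha256(
            name.encode() + key.to_bytes(4, "big") + counter.to_bytes(4, "big")
        ).digest()
        out.extend(block)
        counter += 1
    return bytes(out[:length])


def worker_encrypt(name: str, key: int, plaintext: bytes) -> bytes:
    """XOR the plaintext with the selected worker's keystream (toy cipher)."""
    return bytes(p ^ k for p, k in zip(plaintext, _keystream(name, key, len(plaintext))))


def encrypt(password: int, plaintext: bytes) -> bytes:
    """Select the worker once up front; the select bits cost nothing per byte afterwards."""
    idx, key = split_password(password)
    return worker_encrypt(WORKER_NAMES[idx], key, plaintext)


def decrypt(password: int, ciphertext: bytes) -> bytes:
    """XOR stream construction, so decryption is the same operation."""
    return encrypt(password, ciphertext)


def max_trials() -> int:
    """Worst-case known-plaintext search: every worker times every worker key."""
    return len(WORKER_NAMES) * (1 << WORKER_KEY_BITS)


def brute_force(known_plaintext: bytes, ciphertext: bytes):
    """Exhaustive known-plaintext search over all (cipher, worker key) pairs.

    Returns (recovered_password, trials).  Because the ciphertext carries no
    hint of which worker was chosen, the attacker must also enumerate the
    select bits: cost = 2**SELECT_BITS * 2**WORKER_KEY_BITS, no more and no less.
    """
    trials = 0
    for idx, key in itertools.product(range(len(WORKER_NAMES)), range(1 << WORKER_KEY_BITS)):
        trials += 1
        if worker_encrypt(WORKER_NAMES[idx], key, known_plaintext) == ciphertext:
            return (idx << WORKER_KEY_BITS) | key, trials
    return None, trials


def demo():
    """Constructed round trip plus brute-force recovery of the password."""
    password = (3 << WORKER_KEY_BITS) | 0xABC      # constructed: worker 3 ("twofish"), key 0xABC
    plaintext = b"constructed sample plaintext"
    ciphertext = encrypt(password, plaintext)
    round_trip_ok = decrypt(password, ciphertext) == plaintext
    recovered, trials = brute_force(plaintext, ciphertext)
    return round_trip_ok, recovered == password, trials, max_trials()


if __name__ == "__main__":
    ok, found, trials, worst = demo()
    print(f"round trip ok={ok}, password recovered={found}, "
          f"{trials} trials of at most {worst}")
```

With worker 3 selected the search walks through all of workers 0 to 2 first, so the trial count lands in the last quarter of the 4 × 4096 space, which is the “four times as long” of the letter with two select bits, and 2^7 = 128 times as long with seven. The model keeps no record of the chosen worker in the ciphertext; a real container format that stored a cipher identifier in its header would hand the attacker the select bits for free and the multiplier would vanish, so that is the first thing to check in any implementation of this scheme.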
The incredible (but logical) happened: Mr. Schneier refused to communicate with me. Why is this incredible? Well, trying to crush a competitor by misusing somebody’s high profile certainly shows everything but:
- a high moral standard
- professionalism
- impartiality
- unwillingness to understand a rather simple but effective mechanism (it cannot be lack of intelligence)
It might probably be a little weird for Mr. Schneier to read more and more about actual implementations of Polymorphic Encryption. We suspect that even the NSA is using it. Please read page 28 of this Powerpoint presentation from Prof. Anita Jones from the University of Virginia: http://www.cs.virginia.edu/~jones/cs451/slides/crypto2%20blk%20cipher.ppt
Well, for a security commentator who is best known for being refreshingly candid and lucid, it would be nice if he would finally start to understand that there are people out there who want to use algorithms that are different from what has been invented in the past 25 years. I’ve had refreshing conversations with people who said that there was nothing new since Feistel, Diffie-Hellman and RSA. Ok, Elliptic Curves should really be mentioned as well. There are only too many so-called “commentators” out there who try to scotch everything new so that nothing but AES is used.
That makes sense: If AES isn’t as secure as these “commentators” want to make us believe, it would be damned easy to hack into almost every security system in the world.
What in the world makes me doubt about AES? Well, read here and read carefully paragraph 6. Applicability: http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf
6. Applicability. This standard may be used by Federal departments and agencies when an agency determines that sensitive (unclassified) information (as defined in P. L. 100-235) requires cryptographic protection. Other FIPS-approved cryptographic algorithms may be used in addition to, or in lieu of, this standard. Federal agencies or departments that use cryptographic devices for protecting classified information can use those devices for protecting sensitive (unclassified) information in lieu of this standard. In addition, this standard may be adopted and used by non-Federal Government organizations. Such use is encouraged when it provides the desired security for commercial and private organizations.
In other words:
AES is only approved for encrypting unclassified information! The section that I’ve marked red says that devices which are used to encrypt classified information can also be used to encrypt unclassified information. Well, this is somewhat logical.
The document (Fips-197) has been approved by the U.S. Secretary of Commerce.
All I can say is: “People, start to use your brains!!!”. Why the hell are companies and private organizations encouraged to use AES? Why is AES royalty-free? How many more incentives do people need? Ah, yes. Commentators who tread down every little plant that might grow and that might become a threat to the policy that is pursued.
By the way: We offer our disk encryption product “TurboCrypt” on http://www.turbocrypt.com in two versions: AES and PMC. Both have the same price. Guess how many AES versions and how many PMC versions are downloaded?
80% PMC vs. 20% AES.
Here's to you Mr. Schneier.
C.B. Roellgen