You are looking at the basic model which I tried to outline from a different view. Your conclusion sounds somewhat logical. Let's summarize the different views:
1.) 1 out of 4 base ciphers has been cracked. If there is an equal probability for all base ciphers to be cracked one fine day, then the probability for that event to take place is 4 times higher for a "cipher of ciphers". In order to crack the full cipher, all 4 base ciphers rather than one must be cracked. 2.) If 1 of the 4 base ciphers is cracked, there are still 75% of all encrypted messages safe. This would have helped the German submarine fleet in world war 2 quite a lot, but they fully relied on the Enigma, a certified mechanical cipher machine! If the concept of a "cipher of ciphers" uses a large number of such bases ciphers, the number of "exposed" messages decreases linearly with a growing number of available base ciphers. The limes for a possible revelation of encrypted messages is 0 for an infinite number of available base ciphers. For real it is no fun to try and crack one out of 128 base ciphers or even one out of 65536 base ciphers. Practical 256 bit Polymorphic Ciphers can have a set with as many as 1.1E77 base ciphers. Honest discussions are pretty rare in this world. Fair discussions are even more rare. The best proof is Bruce Schneier who obviously tried to shrug off our ideas. You wrote: "ah, what a nice summary of what you are doing. did you reply to that? is that reply available somewhere? if you replied to schneier, did he reply as well? that would be a very interesting discussion to read." You don't sound "biased" at all, do you? Well, I replied to that. Here's my e-mail (I only had to cross out the names of the two experts because I don't have the permission to publish their names). No answer since March 18, 2003 when I e-mailed the following message to Bruce Schneier's e-mail address [EMAIL PROTECTED]: " Dear Mr. Schneier, my name is Clemens Bernhard Roellgen and I've invented the so-called "Polymorphic Cipher" in 1999. I can understand your comments on the publically available documentation of it. Your comments certainly have a negative effect on current and future projects. It would have been a great pleasure to have had an e-mail conversation with you earlier. Anyway, it would be a great honor to have a technical discussion with one of the greatest crypto experts of our time. It is understandable that your newsletter should warn of snake oil. But what happens if hasty conclusions are made by accident? We all can be wrong sometimes. What if the proposed cipher is as secure as ciphers like Rijndael or Twofish? It might even be substancially faster, or DPA-proof, or have other positive and negative features? Shortly after patenting the idea in 1999, the German authorities wanted to make the cipher a state secret, but dropped that attempt after two months. Later I found out (partly with the help of a news editor) that the proper experts had never been asked! They didn't say if in the end it was right or wrong not to make the patent a state secret. Then we asked Prof. XXXXXXX XXXXXXXXX from the Institute for Bank Computer Science and Bank Strategy from the University in Regensburg (the name of the department has been translated from the German language as good as possible), voice: +49 941 xxxxxxxx, for his judegement. It was positive. Dr. xxxxxxxxx from IZB Soft in Munich (voice: +49 89 xxxxxxxxx), a mathematician, found some errors in our documentation, but also came to a positive result. IZB Soft is a ... big IT security company which works ........ for banks. I don't think that you will ever have the chance to revise your judgement, but isn't it a probably simple but good idea to be able to choose from two different ciphers like Rijndael and Twofish with one password bit? Maybe the software can make the choice dependent on two password bits. The choice could be one out of these 4 ciphers: Rijndael, Serpent, Mars and Twofish. By doing this, the password can be as long as 258 bits. The two "cipher select" bits don't play a role during the actual encryption and decryption process any more. They don't consume CPU time after the choice has been made. Such an implementation is just as fast as the average of all four worker ciphers when encrypting a big amount of data, but comes with two additional password bits. A brute force attack on this kind of "cipher" takes 4 times as long as a brute force attack on just one of the worker ciphers (Rijndael, Serpent, etc., alone). If (by very hard work and much more than luck) a method is found to crack one of the 4 worker ciphers, then the other three are still likely to be secure. If the number of available worker ciphers isn't only limited to just 4, wouldn't it be tedious and hopeless to try and crack each of the available worker ciphers? Let's think of 128 such worker ciphers which could be available from 7 additional password bits. Cracking one of these is probably impossible, but cracking a number of them, if they are of the calibre of Twofish, is definitely hopeless. This is (basic) Polymorphic Encryption. It's not much more, but it's also not much less. We would be pleased if you could have a less superficial look at our cipher. I would send you source code, as well as a number of papers which describe the source code in detail. But as not all aspects of the cipher are patented so far, we would kindly ask you to sign an NDA. If you are still negative after having another look at the concept, you can publish this of course, as long as the information which is sent out cannot be used by competitors to create a similar cipher or ideas can be "borrowed". Hope to hear from you soon! Best regards, Bernd Roellgen PMC Ciphers, Inc. Josephsburgstr. 85 81673 Muenchen Germany >From your newsletter: PMC Ciphers. The theory description is so filled with pseudo-cryptography that it's funny to read. Hypotheses are presented as conclusions. Current research is misstated or ignored. The first link is a technical paper with four references, three of them written before 1975. Who needs thirty years of cryptographic research when you have polymorphic cipher theory? <http://www.ciphers.de/products/polymorphic_cipher_theory.html> <http://www.ciphers.de/products/bpp_disk.html> " 'Honest discussions'? I'd immediately take part in a fair discussion. Until 1992 the catholic church denied that the earth revolves around the sun. If the pope was considered a leading astronomer, the earth would still be the center of the universe. It took 359 years, observatories, geostationary satellites (even used by the Vatican!), moon landings, etc. to make this organisation change their mind. Thank god there were people who realized the bug, came out of their "doghouse" and managed to speak freely after a few centuries. Why this inertia? Meet the pope and have an "honest" discussion. If you even manage to be received in audience you'll have my full respect! C.B. Roellgen PMC Ciphers, Inc.