New Encryption Algorithm - GordianCrypt

[Anze Jensterle]

Hey all,

On Wed, 2 Apr 2025 at 11:50, Andrew Gallagher via Gnupg-users <
gnupg-users at gnupg.org> wrote:

> Hi, Ben.
>
> On 1 Apr 2025, at 14:11, Gordian Crypt via Gnupg-users <
> gnupg-users at gnupg.org> wrote:
>
>
> I am writing to introduce myself and share details about a new encryption
> algorithm I have developed—GordianCrypt. With over 10 years of experience
> in security and networking, I have dedicated my career to advancing
> encryption technologies. This algorithm is the culmination of that work,
> and I am eager to receive insights and feedback from experts like you.
>
>
> GordianCrypt is designed to provide robust security through an innovative
> approach to public key encryption. I invite you to visit the demo website at
>  www.gordiancrypt.com, where you can review the white paper and
> experiment with the encryption and decryption processes firsthand.
>
>
> Without a copy of the code, we are not doing anything firsthand, it’s just
> a web form with unclear properties. It could be doing anything in the back
> end for all an external observer can know. And your white paper contains no
> technical info; it reads as a press release. If you want meaningful
> feedback, you need to publish your algorithm - in excruciating detail.
>
> What little I can glean from your website is concerning, for example when
> you sum the bit lengths of each of your ten (!) layers - this merely
> provides an upper bound on the cryptographic strength, which could be
> orders of magnitude lower (or even zero) depending on the implementation
> details. In general, superimposing multiple layers of algorithms with
> smaller individual key spaces does not compare to using a single algorithm
> with a larger key space, and these layers may interact in non-trivial ways
> - see 3DES for a real world example of how such a construction can fail.
>
> You claim that your algorithm is quantum-safe, but provide no security
> proof. You also claim that it is “unbreakable by AI”, which is a trivial
> property since AI can’t even break the weakest known ciphers. It is not
> clear that you have any experience in cryptanalysis or algorithm design -
> might I humbly suggest that you start with something a little less
> ambitious?
>
> In short, there is nothing here (yet) to review.
>
> Thanks,
> Andrew.
>
> _______________________________________________
> Gnupg-users mailing list
> Gnupg-users at gnupg.org
> https://lists.gnupg.org/mailman/listinfo/gnupg-use
> <https://lists.gnupg.org/mailman/listinfo/gnupg-users>rs

I really hope this message was just an April Fools joke, since if you
really want us to audit what you made, technical details of the algorithms
need to be public. I also noticed this was only sent to the GnuPG mailing
list. Do you have anything to support your backing like academic
affiliation or a company? Deciding to launch a cryptography product without
proper peer review is just plain irresponsible.

Have a good one,
Anze

>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20250402/00f99a7f/attachment-0001.html>