Welcome to Justin Troutman's Section

Justin Troutman is an independent contract cryptographer and cryptanalyst, based in the general Charlotte-Gastonia-Salisbury metropolitan area of North Carolina's southern Piedmont region, who sports a forte consisting of a specialization in the structural design semantics of cryptographic primitives and their mathematical cryptanalyses, on which he has authored publications and lectured abroad. His prominent areas of interest are the design strategies, and cryptanalysis, of block ciphers (i.e., wide-trail, in particular), MAC functions, and cryptovirological protocols and their game theoretical implications, using both symmetric and asymmetric primitives as components.

On a contract basis, his array of engagements include consulting, conceptualizing, constructing, and cryptanalyzing tactful cryptographic protocols and their respective algorithmic components, as well as authoring publications on cryptanalysis, and conservative policies for implementing cryptography. On an academic basis, he is pursuing doctorate-level research in the pure mathematical corpus of cryptology.

He can be contacted at justin at justintroutman dot org, for general inquiries, speaking engagements, or consulting (cryptanalytical evaluation at the systematic and primitive levels). His weblog, curriculum vitae, publications, and other miscellany, can be found at his autobiographical site: http://www.justintroutman.org.

Justin Troutman's Latest Contributions

Block Party: A Cryptographic Standard Shindig: Date - Jun 27, 2007; Section - Articles / Authentication, Access Control & Encryption; The greatest product of modern cryptography is probably the competition for a new cryptographic standard which will, in the near future, give us a new hash function standard.
Shopping For The Right Ingredients: A Small Grocery List For The Secure Channel: Date - Dec 12, 2006; Section - Articles / Authentication, Access Control & Encryption; The requirements needed to design a secure channel centering around AES.
The Layman's Unconventional Guide to the Advanced Encryption Standard (Part 2): Date - Sep 27, 2006; Section - Articles / Authentication, Access Control & Encryption; This article looks at the core of Rijndael – the round transformation – which will be broken down into its four steps: SubBytes, ShiftRows, MixColumns, and AddRoundKey.
Milking Tucows: The Udder Truth About Cryptographic Software Reviews: Date - Jul 19, 2006; Section - Articles / Misc Network Security; It's this piece of writing's duty to inform you of what you can conclude from software reviews, and what you can't.
The Layman's Unconventional Guide to the Advanced Encryption Standard (Part 1): Date - Jun 23, 2006; Section - Articles / Authentication, Access Control & Encryption; An unconventional, elaborate glance at the mathematics behind the Advanced Encryption Standard, geared towards the non-mathematician.
Calamitous Cryptography: The Extortoise and the Haregretful: Date - May 31, 2006; Section - Articles / Authentication, Access Control & Encryption; Cryptovirology - cryptography's evil younger sibling. Let's look at how the intensity of this dark science feeds directly from the security of its older, defensive brother.
The Simplistic Trio: Three of the Many Musketeers Fighting in the Name of Simplicity: Date - Feb 22, 2006; Section - Articles / Authentication, Access Control & Encryption; Simplicity is a pillar of good cryptography. In this article, we'll cover several "acts" of simplicity, ranging from independence in modularity, reduction of complexity, and conservative threat modeling, along with a final spiel on the importance of using message authentication.
Caveat Lector: Authentication, the Forgotten, Should-be Predominant: Date - Feb 02, 2006; Section - Articles / Authentication, Access Control & Encryption; Using the familiar Alice and Bob model, we'll take a look at the concept of integrity preservation, through the use of a MAC, or Message Authentication Code. This article will define what it is, what it does, and why it's vital in the majority of cases, although often overlooked in most of them.
Ideal-to-Realized Security Assurance In Cryptographic Keys (Part 2): Date - Aug 23, 2005; Section - Articles / Authentication, Access Control & Encryption; In the final installment of this two-part series, we'll cover two closely related collision attacks - the birthday attack and the meet-in-the-middle attack. We'll conclude by emphasizing the importance of simplicity through conservatism, and establishing a "golden rule" for instantiating the lengths of many cryptographic values.
Ideal-to-Realized Security Assurance In Cryptographic Keys (Part 1): Date - Aug 16, 2005; Section - Articles / Authentication, Access Control & Encryption; In the first installment of this two-part series, we'll cover key length, and relative concerns, such as entropy and how password etiquette affects key space complexity. We'll look at how the length of the key doesn't inherently equate to the security of the key, and why security isn't even just about keys, at all.