Under the Wassenaar Arrangement and applicable export control law, symmetric cryptography of an (effective) key size of 56 bits or less is (generally) exempted from export control. I am forced to work within this constraint. My goal is to maximize security regardless. Encryption and decryption operations may take about 0.125 seconds per byte.
In theory, it would be possible to design a cipher that performs many rounds, similar to password-based key derivation, such that brute force approaches become less feasible as they are too computationally expensive for non-dedicated attackers.
What other measures can be taken to stretch the practical security of a cipher as much as possible while adhering to this key length requirement?
I am only aware of DES taking advantage of the maximum key length. Modern designs of other ciphers either seem to overshoot the exportable key length, often to 64 bits (e.g. SPECK-32/64).
For reasons outside of the scope of this question, it is assumed that:
- The goal is to release the source code under an open source license.
- It is not reasonably affordable or possible to obtain a license as an individual.
- The jurisdiction in question does not apply the public domain rule of the general software note (GSN) before exporting the software, even if released as open source software and thereby; in other words, publication e.g. by uploading to GitHub is considered a violation of applicable export control law and may be prosecuted by the authorities as a criminal case.
- It is not intended to use existing free software implementations of ciphers that would fall under the GSN.
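
The key-stretching idea raised in the question, as an added example that is not part of the original post: a 56-bit key is run through PBKDF2-HMAC-SHA256 before use, so every brute-force guess costs one full derivation while the key space stays at 2^56. The function names, the choice of PBKDF2, the sample key and salt, and spending one byte's time budget (0.125 s) on key setup are assumptions made for illustration.

```python
import hashlib
import time

KEY_BITS = 56  # key-size limit quoted in the question


def stretch_key(key: bytes, salt: bytes, iterations: int) -> bytes:
    """Derive 32 bytes of round-key material from a 56-bit key (PBKDF2-HMAC-SHA256)."""
    if len(key) * 8 != KEY_BITS:
        raise ValueError("key must be exactly 56 bits (7 bytes)")
    return hashlib.pbkdf2_hmac("sha256", key, salt, iterations, dklen=32)


def calibrate(target_seconds: float, probe: int = 20_000) -> int:
    """Estimate the iteration count that takes about target_seconds on this machine."""
    start = time.perf_counter()
    stretch_key(b"\x00" * 7, b"calibration-salt", probe)
    elapsed = time.perf_counter() - start
    return max(1, int(probe * target_seconds / elapsed))


def average_search_seconds(seconds_per_guess: float, workers: int = 1) -> float:
    """Expected exhaustive-search time: half of the 2**56 keys, split across workers."""
    return (2 ** (KEY_BITS - 1)) * seconds_per_guess / workers


if __name__ == "__main__":
    key = bytes.fromhex("0123456789abcd")  # constructed 56-bit sample key
    salt = b"constructed-salt"             # public, stored next to the ciphertext
    n = calibrate(0.125)                   # per-byte time budget from the question
    print("iterations for ~0.125 s:", n)
    print("stretched key:", stretch_key(key, salt, n).hex())
    year = 365.25 * 24 * 3600
    for w in (1, 10**6):
        years = average_search_seconds(0.125, w) / year
        print(f"{w} worker(s): about {years:.3g} years on average")
```

The estimate scales linearly with the attacker's parallelism, and PBKDF2 is cheap to run on GPUs and dedicated hardware; a memory-hard function such as `hashlib.scrypt` makes each parallel guess more expensive for the same defender-side delay.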