Re: How good an encryption algorithm is this?

From: Bonj (benjtaylor)
Date: 11/23/04

• Next message: Igor Tandetnik: "Re: How good an encryption algorithm is this?"
• Previous message: Bonj: "Re: How good an encryption algorithm is this?"
• In reply to: Igor Tandetnik: "Re: How good an encryption algorithm is this?"
• Next in thread: Carl Daniel [VC++ MVP]: "Re: How good an encryption algorithm is this?"
• Reply: Carl Daniel [VC++ MVP]: "Re: How good an encryption algorithm is this?"
• Reply: Igor Tandetnik: "Re: How good an encryption algorithm is this?"
• Reply: Tim Roberts: "Re: How good an encryption algorithm is this?"
• Messages sorted by: [ date ] [ thread ]

---

Date: Tue, 23 Nov 2004 21:52:03 -0000

(please see my other post asking how to protect the actual key, given that
the algorithm shouldn't need to be secret - but inline also.)

> Note two facts. First, XOR is associative and commutative, that is, a
> sequence of XOR's can be executed in any order without changing the
> result. Second, x XOR x == 0 for any x, and x XOR 0 == x for any x.

Interesting... I would say that only on average 1 byte of each key is going
to be zero...this is less than 0.5% of the values....., so would it matter?
Only 1 in 255 of the values wouldn't be changed, and that's only on this
step.

>
> Suppose key2[n] happens to be even.
> Let the data byte at position n be x. Then your inner loop, the one that
> loops 'levels' times, XOR's x

yes...

> with itself

no, not with itself! Where have I said it XORs it with *itself*? It would be
quite *obvious* to even me that that would produce zero...!

> an even number of times (the result is 0), then XORs some key material on
> top of that. The result _does not_ depend on x _at all_. Which means,
> there's no way to recover plain text from ciphertext - the data is
> irretrievably lost in encryption.

Well.... I don't think that to be the case. If you try the algorithm, you'll
see that it does indeed work. It's just unlikely to be very secure, such as
has apparently been drummed into me. But my current quandry is how would
*any* algorithm, as the key has to be hidden somewhere. Perhaps I need a
key-hiding algorithm..... but that's just another cryptographic algorithm
though... aaaargghh! Is it just a vast hall of mirrors that leads unto
infinity?

>
> Thus, this modification of your algorithm is equivalent to a naive XOR
> cipher - XORing the input data with a fixed key. If I happen to know both
> a plaintext and a ciphertext for some message (known-plaintext attack),
> I'll just XOR them together and get the key

Right, I see what you mean here - yes. So you're saying that however many
keys I invent, they will all 'boil down' to one master one, which even if
not defined, will exist, such that it will just convert all cipher back to
plaintext instantly?

(note that the
> attacker often has access to at least some bytes of plaintext, since many
> messages contain known signatures in fixed places, like protocol headers
> and such). Even if I don't, a simple XOR cipher is a particular case of
> polyalphabetic aka Vigenere cipher - all the rage in 16-17th centuries
> until broken in 1863.

Surely XOR requires binary, which was only invented in the1940s or
something?
Why would people before the age of computers understand binary?

>
> http://www.trincoll.edu/depts/cpsc/cryptography/vigenere.html
>
> --
> With best wishes,
> Igor Tandetnik
>
> With sufficient thrust, pigs fly just fine. However, this is not
> necessarily a good idea. It is hard to be sure where they are going to
> land, and it could be dangerous sitting under them as they fly
> overhead. -- RFC 1925
>

---

• Next message: Igor Tandetnik: "Re: How good an encryption algorithm is this?"
• Previous message: Bonj: "Re: How good an encryption algorithm is this?"
• In reply to: Igor Tandetnik: "Re: How good an encryption algorithm is this?"
• Next in thread: Carl Daniel [VC++ MVP]: "Re: How good an encryption algorithm is this?"
• Reply: Carl Daniel [VC++ MVP]: "Re: How good an encryption algorithm is this?"
• Reply: Igor Tandetnik: "Re: How good an encryption algorithm is this?"
• Reply: Tim Roberts: "Re: How good an encryption algorithm is this?"
• Messages sorted by: [ date ] [ thread ]

---

Relevant Pages Re: How good an encryption algorithm is this? ... If you try the algorithm, ... this modification of your algorithm is equivalent to a naive XOR ... > cipher - XORing the input data with a fixed key. ... > a plaintext and a ciphertext for some message, ... (microsoft.public.dotnet.languages.csharp) Re: How good an encryption algorithm is this? ... >> know both a plaintext and a ciphertext for some message ... This is pretty much what happens with any encryption algorithm that uses ... XOR alone. ... (microsoft.public.dotnet.languages.csharp) Re: How good an encryption algorithm is this? ... >> know both a plaintext and a ciphertext for some message ... This is pretty much what happens with any encryption algorithm that uses ... XOR alone. ... (microsoft.public.vc.language) sci.crypt "Sandbox" [Was: Re: Small streamcipher MiniTrixor 48-bit] ... > ciphertext-only cipher has less chance of being secure compared to a known ... generated from a plaintext exactly 1024 bytes in size (but need not itself ... Full and clear disclosure of algorithm, ... Maintain a "running balance" for each algorithm. ... (sci.crypt) Re: puzzle ... >> One real problem, however, with the XOR algorithm is that it assumes ... Using XOR, you just happen to get lucky, in the sense that XOR just ... It didn't state that the language, in which the algorithm was written ... I had to beat the XOR solution out of you. ... (comp.programming)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(12)