RE: Kryptor Whitepaper released



Ooops,

Didn't read the code well, the keystream is not reused after each iteration,
(Angelo showed me my mistake).

This is what happens when you don't read well and are too quickly to answer
:-). Please disregard my previous comments.

Regards,

Omar

-----Original Message-----
From: Omar A. Herrera [mailto:omar.herrera@xxxxxxxxx]
Sent: Wednesday, February 15, 2006 8:44 PM
To: angelo@xxxxxxxxxxxx; focus-linux@xxxxxxxxxxxxxxxxx
Subject: RE: Kryptor Whitepaper released

Hi Angelo,

I just took a quick look at it but it seems to me like a polyalphabetic
substitution cipher with an effective block length of 16 bytes (i.e. every
16 bytes you have a monoalphabetic substitution cipher).

I mean, this doesn't hide the underlying language frequencies within each
block of 16 bytes (the length of your MD5 hashed keys). Of course I'm not
a
cryptanalyst but it really seems to be crackeable with pen and paper
(granted, probably not as easy as a Vigenère cipher because of the
manipulations of the keys, but not much more difficult though).

Probably the only situations where this cipher is secure is when the
length
of the text to be enciphered is <= 16 bytes (the length of your keys),
provided that you do not reuse the keys of course :-).

Pending the opinion of an experienced cryptographer, I would say that even
without the source code the Friedman and Kasisiki tests would quickly show
up the type of the encipherment (polyalphabetic) and the length of the key
(16 bytes).

As far as I know, this is the reason why modern strong symmetric ciphers
use
both diffusion and confusion (as suggested by Claude E. Shannon). This
piece
of code only implements substitution, and reminds me of a comment made by
Bruce Schneier regarding the simple XOR algorithm (Chapter 1, Foundations)
in his book "Applied Cryptography" ;-):

...
crypted[x] = plainBlock[x] ^ MD5pwd[streamMd5pwd] ;
...

Best regards,

Omar A. Herrera

-----Original Message-----
From: angelo@xxxxxxxxxxxx [mailto:angelo@xxxxxxxxxxxx]
Sent: Wednesday, February 15, 2006 2:48 PM
To: focus-linux@xxxxxxxxxxxxxxxxx
Subject: Kryptor Whitepaper released

As I announced in previous threads, we released the full white paper of
the algorithm implemented in Kryptor
(http://www.rosiello.org/archivio/kryptor-0.1.2.tar.gz).

The paper can be found at:
http://www.rosiello.org
or
http://www.rosiello.org/modules/smartsection/item.php?itemid=8

cheers,
Angelo

Rosiello Security,
http://www.rosiello.org



Relevant Pages

  • Re: =?windows-1252?Q?The_Renaissance_is_Here_=96_SD_cryptography=2E?=
    ... cipher in itself. ... alphabet later to create keys ad hoc, ... All modern cryptography depends on going public with the vitally ... Even RSA and other public-key algorithms do not ...
    (sci.crypt)
  • Re: Initializing GFSR Generators.
    ... It is important to see the system around "the cipher" ... I innovated an "alias file" to hold the actual keys, ... somebody has to get through a combiner ...
    (sci.crypt)
  • Re: Im still amused.
    ... keys with certain algorithms. ... independent operation to the encryption algorithm that will use it. ... cipher whenever you wish to call it. ... Reference: "Theoretically Unbrakable Cryptography" ...
    (sci.crypt)
  • Re: Is encrypting twice much more secure?
    ... so if one pass is secure enough you're okay. ... Wouldn't an 'definition' of 'statistically independent keys' (not very ... imply that the 2nd cipher couldn't weaken the work of the ... Consider a block cipher as a set of permutations of plaintext into ...
    (sci.crypt)
  • Re: Is there a Mathematician Cryptographr in the House.
    ... N must divide Sum just once and leave the residue (Mod ... This is the algorithm that produces two sets of random keys in the ... following cipher in modular arithmetic. ... designed the OTP in conjunction with his contemporary Gilbert Vernam. ...
    (sci.crypt)