Re: Cryptanalysis Blocking Method

From: Bryan Olson (fakeaddress@nowhere.org)
Date: 02/10/03


From: Bryan Olson <fakeaddress@nowhere.org>
Date: Mon, 10 Feb 2003 08:40:16 GMT

mattar wrote:

> My company [...]
> This new method makes difficult the guess or partial knowledge of the
> plain text by inserting an unpredictable or random value into the
> original data before applying the cryptographic algorithm.

There are many such methods, and no market for them. Current
ciphers remain unbroken in the face of adaptive chosen
plaintext/ciphertext attacks. Given a non-repeating value, a
cipher can generate an unpredictable IV, and an unpredictable IV
is all that the ciphers require for semantic security.

> The random data is to be mixed with the original data by a given
> algorithm within a block whose size is equal to the cryptographic
> algorithm input block size.

See the Crypto 82 proceedings for papers on randomized symmetric
encryption. The paper by Rivest and Sherman contains what I
think is a particularly elegant scheme: add an error correction
code, then change as many randomly-chosen bit positions as the
code can correct.

Much as I admire the authors, I doubt the papers from Crypto 82
would be publishable today. Clever ideas are no longer enough;
a paper needs definite results.

I once posted a scheme showing one way to add major randomness
to a typical block cipher. My post responded to an incorrect
claim that efficiently adding significant randomness to a block
cipher requires the cipher to have a large block size. See:

<http://groups.google.com/groups?selm%3D8la8p8%2524s4f%25241%2540nnrp1.deja.com%26rnum%3D1>

Mattar's post suggests an attempt to market and profit from such
schemes. My advice: whatever you do, don't use your own money.

The situation is quite different for public-key ciphers. There
are proven weaknesses of older schemes which randomized
encryption conditionally-probably fixes. See the papers by
Bellare and Rogaway for some significant results.

-- 
--Bryan
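As an added illustration (not code from the post or from the Rivest-Sherman paper), here is the "error-correcting code plus random bit flips" randomizer Bryan describes, instantiated with a Hamming(7,4) code: the code corrects one bit per 7-bit codeword, so exactly one randomly chosen bit per codeword is flipped before the block cipher would see the data, and decoding strips the randomness again. The layout and function names are my own assumptions.

```python
import secrets

# Hamming(7,4): codeword positions 1..7, parity bits at positions 1, 2, 4,
# data bits d1..d4 at positions 3, 5, 6, 7 (standard layout, constructed here).
# One corrupted bit per codeword is recoverable, so the randomizer flips one.
DATA_POS = (3, 5, 6, 7)

def hamming_encode(nibble):
    """Encode a 4-bit value as a list of 7 bits (index i = code position i+1)."""
    c = [0] * 8                      # index 0 unused so indices match positions
    for k, pos in enumerate(DATA_POS):
        c[pos] = (nibble >> (3 - k)) & 1
    c[1] = c[3] ^ c[5] ^ c[7]        # parity over positions 1,3,5,7
    c[2] = c[3] ^ c[6] ^ c[7]        # parity over positions 2,3,6,7
    c[4] = c[5] ^ c[6] ^ c[7]        # parity over positions 4,5,6,7
    return c[1:]

def hamming_decode(cw):
    """Correct up to one flipped bit and return the 4-bit data value."""
    c = [0] + list(cw)
    s1 = c[1] ^ c[3] ^ c[5] ^ c[7]
    s2 = c[2] ^ c[3] ^ c[6] ^ c[7]
    s4 = c[4] ^ c[5] ^ c[6] ^ c[7]
    err = s1 + 2 * s2 + 4 * s4       # the syndrome is the position of the bad bit
    if err:
        c[err] ^= 1
    nibble = 0
    for pos in DATA_POS:
        nibble = (nibble << 1) | c[pos]
    return nibble

def randomize(data):
    """Encode each nibble, then flip one secretly random bit per codeword.

    Returns the list of 7-bit codewords that would be handed to the block
    cipher; each codeword carries log2(7) bits of fresh randomness."""
    out = []
    for byte in data:
        for nibble in (byte >> 4, byte & 0xF):
            cw = hamming_encode(nibble)
            cw[secrets.randbelow(7)] ^= 1
            out.append(cw)
    return out

def derandomize(codewords):
    """Inverse of randomize(): decode codeword pairs back into bytes."""
    nibbles = [hamming_decode(cw) for cw in codewords]
    return bytes((hi << 4) | lo for hi, lo in zip(nibbles[0::2], nibbles[1::2]))
```

The cost is visible in the numbers: every byte becomes 14 bits before encryption, in exchange for about 5.6 bits of randomness per byte, which is the trade-off Bryan's "efficiently adding significant randomness" remark is about.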

