Re: Simple cipher program help
From: Benjamin Goldberg (goldbb2_at_earthlink.net)
Date: 04/30/03
- Next message: M.S. Bob: "Re: Anyone looked at Mithra ?"
- Previous message: Benjamin Goldberg: "Re: when the rain begins to fall"
- In reply to: John E. Hadstate: "Re: Simple cipher program help"
- Next in thread: ošin: "Re: Simple cipher program help"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 29 Apr 2003 22:31:57 -0400
"John E. Hadstate" wrote:
>
> "Benjamin Goldberg" <goldbb2@earthlink.net> wrote in message
> news:3EAEBE08.B60DCA5C@earthlink.net...
> > IIRC, it's possible for 56-bit DES to be broken by brute-force in about
> > 3 hours.
> >
> > If a single encryption operation with this new cipher takes as long as a
> > single DES encryption, then, using 8 keyboard chars for the key to this
> > cipher would mean that a brute force break takes 1/10th as long as brute
> > forcing DES. In other words, about 18 minutes. Even less, if one takes
> > into account the fact that letters are unlikely to be used in an evenly
> > distributed manner.
> >
> > Whereas, if you used 8 *truly random* bytes, (and a single encrypt takes
> > as long as a single DES encrypt), then it would take 256 times *longer*
> > to brute force... or 32 days.
> >
>
> Thanks for pointing out my error with regard to the keyspace size. You are
> absolutely correct in every respect. But I wouldn't waste any more time on
> the analysis of Dumcifer.
Oh, I never even looked at Dumcifer. My analysis was purely a denunciation
of why a user should *not* choose to use X many keyboard characters as the
key, when a cipher asks for X many truly random bytes.
The short-short version of what I said was:
A truly random byte has exactly 8 bits of randomness, whereas a keyboard
character has *AT MOST* ~6.585 bits of randomness.
If the cipher calls for 8 random bytes, and you supply 8 keyboard chars,
then you're supplying at most 52.68 bits of randomness when 64 bits were
called for. This is at least 11.32 fewer bits, and thus can be brute
forced in at most one 2557th of the time that it would take if a full 64
bits of randomness were supplied. (Or about one tenth of what it would
take if 56 bits were supplied.)
> "Dumcifer" doesn't have any of the niceties of Lucifer or DES. The "key
> schedule", for example, is pathetic. The cipher could probably be cracked
> in significantly less time than required for a brute force search of the
> keyspace. The whole purpose in creating Dumcifer was to demonstrate how the
> OP's ideas (which wouldn't work at all) could be salvaged and sharpened-up
> to produce a reversible cipher. With any luck, we'll get Paul interested
> enough in cryptography that he'll learn all the reasons why Dumcifer is not
> a good cipher.
Well, I was just comparing to DES for it's keyspace, and the time it takes
to brute force it, not any of it's other properties.
Certainly if there are faster methods to break a cipher than brute-force,
they should be used.
--
$a=24;split//,240513;s/\B/ => /for@@=qw(ac ab bc ba cb ca
);{push(@b,$a),($a-=6)^=1 for 2..$a/6x--$|;print "$@[$a%6
]\n";((6<=($a-=6))?$a+=$_[$a%6]-$a%6:($a=pop @b))&&redo;}
- Next message: M.S. Bob: "Re: Anyone looked at Mithra ?"
- Previous message: Benjamin Goldberg: "Re: when the rain begins to fall"
- In reply to: John E. Hadstate: "Re: Simple cipher program help"
- Next in thread: ošin: "Re: Simple cipher program help"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
