Re: Is this Possible?

From: John E. Hadstate (nospam_at_null.nil)
Date: 06/24/03 

Date: Tue, 24 Jun 2003 12:46:39 -0400

"Myrddin Emrys" <myrddin@iosys.net> wrote in message
news:7500c01.0306240015.c3f17ec@posting.google.com...
> I'm a novice at cryptography, so I apologize if this could be answered
> in Crypto-101. If it can, please direct me to the appropriate website
> or publication.

This is Crypto-101 ;-)

>
>
> I wish to encrypt an IP:PORT datum, 6 bytes. I do not wish the
> encrypted form to be longer than 8 bytes. I need to be able to reform
> the original result after an arbitrary length of time with no
> additional data. The encrypted chunks will have a massive degree of
> duplication, but I wish the encrypted results to be as random as
> possible. I need it to be impossible for an attacker, given the
> hundreds or thousands of encoded chunks, to be able to break the
> cypher.
>

A couple of ideas come to mind. Later in your post you indicated you were
comfortable using DES or something equivalent, so I'll proceed with that
idea in mind.

Idea I (DES-CTR)

(1) Define a 64-bit integer together with the following methods:
    (a) Set to some initial value (like zero).
    (b) Increment
    (c) Store it to non-volatile storage
    (d) Load it from non-volatile storage.
    (e) Encrypt it using DES.

(2) Each time you want to encrypt an IP:PORT data value, Load your 64-bit
integer, increment it, Store the result and then Encrypt it using DES and
some key that you've protected from prying eyes. Take the first 6 bytes
from the DES result and XOR it with the IP:PORT data value.

(3) To decrypt, you will have to count the number of IP:PORT data values
that were previously encrypted before the one you want to decrypt. You then
Encrypt the count using DES and the same protected key. Again, take the
first 6 bytes from the DES result and XOR it with the encrypted data item.

Idea II (DES-CBC)

(1) Using DES, encrypt some known value (like 0, or 12345, etc) and store
the 64-bit result in non-volatile storage.

(2) Each time you encrypt an IP:PORT data value using DES, XOR the 64-bit
result with the previously stored 64-bit value.

(3) To decrypt, XOR the previous store IP:PORT value against the value you
plan to decrypt. The decrypt the result using DES and the secret key.

Relevant Pages

  • Re: Encrypt and Decrypt a file using .NET 2.0?
    ... public static string GenerateKey() ... DES des = DES.Create; ... // Distribute this key to the user who will decrypt this file. ... // Get the Key for the file to Encrypt. ...
    (microsoft.public.dotnet.languages.csharp)
  • Re: Stupid Triple DES question
    ... Shouldnt it then be 3 times as secure ... With triple-DES this kind of "meet in the middle" attack does not ... type of double DES that avoids that attack. ... THen you encrypt with first key. ...
    (sci.crypt)
  • Re: End of a scanning era in Arizona
    ... >>the phoenix metro area with several services, but phoenix police ENCRYPT ... >>each handheld. ... > It doesn't have to be - DES is a published standard. ...
    (rec.radio.scanner)
  • Re: Random ID numbers...32 bit version of DES...possible?
    ... If indeed you want to reversibly encrypt a 32 bits value, ... You could alter DES for this, ... Decryption is similar with the two operations above ... it is possible to find the mapping for the remaining ...
    (sci.crypt)
  • Re: 2 Keys decrypts same message
    ... If I encrypt the password with DES using the same password I'm going ... Password to be encrypted: somepassword ... > a security risk for other systems. ...
    (sci.crypt)