Re: manual cryptography

From: John Savard (jsavard_at_ecn.aSBLOKb.caNADA.invalid)
Date: 10/30/03

• Next message: Benjamin Choi: "Provable security against differential cryptanalysis"
• Previous message: puzzolino: "What ? I can't use cryptography in my app..."
• In reply to: John E. Hadstate: "Re: manual cryptography"
• Next in thread: Mok-Kong Shen: "Re: manual cryptography"
• Reply: Mok-Kong Shen: "Re: manual cryptography"
• Reply: Jim Gillogly: "Re: manual cryptography"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Thu, 30 Oct 2003 12:21:17 GMT

On Thu, 30 Oct 2003 06:31:31 -0500, "John E. Hadstate"
<jh113355@hotmail.com> wrote, in part:

>Hmmm. You're right. Suppose one were to generate the key material by
>autokeying the secret key and the alphabet (or any other pre-agreed text).
>Then just encrypt the plaintext by adding the resulting key material mod 26.
>It would take twice as much time, but would pretty well close the "probable
>word" loophole.

I'd be more inclined to follow the kind of thing Douglas Gwyn pointed
out - Playfair followed by a transposition.

But let's _really_ get fancy: use a straddling checkerboard, then
"Giant Playfair" using a 10 x 10 square of two-digit pairs, then
double transposition.

>Now, do you know of a way that is practical to compute manually to
>authenticate the ciphtertext?

With manual encryption, if it decrypts and makes sense, it's
authentic... as long as you _don't_ use something like the one-time
pad. Authentication is too prone to error to do manually, although I
suppose autokey might work as an intermediate layer.

John Savard
http://home.ecn.ab.ca/~jsavard/index.html

• Next message: Benjamin Choi: "Provable security against differential cryptanalysis"
• Previous message: puzzolino: "What ? I can't use cryptography in my app..."
• In reply to: John E. Hadstate: "Re: manual cryptography"
• Next in thread: Mok-Kong Shen: "Re: manual cryptography"
• Reply: Mok-Kong Shen: "Re: manual cryptography"
• Reply: Jim Gillogly: "Re: manual cryptography"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: TrueCrypt 4.0 Out ... >the secret key was to let you encrypt your arbitrary data with his ... >secret key, then he doesn't have to use disk encryption at all. ... I suspect there are all sorts of ways that chosen-plaintext ... and your email client stores it to disk. ... (sci.crypt) Re: Secure email solution ... The recipients don't use a passwd to decrpyt the message, ... To use that secret key they need a passwd. ... It is possible to symmetrically encrypt a message, ... (alt.computer.security) Re: Crypto API / System.Security.Cryptography questions ... My requirements are to encrypt sensitive data in a web app. ... I had been using DPAPI user mode, but ran into problems with roaming ... I now plan to generate a secret key, and encrypt that with DPAPI machine ... (microsoft.public.dotnet.security) Decrypt ... document (by using secret key). ... It is possible using Crypto API, but the problem is, our customer ... require that encrypt of document must be executed by our code (source ... code will be review by client), not by Crypto API (source code is not ... (microsoft.public.platformsdk.security)

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint