Re: How strong would randomizing data be ?
From: Skybuck Flying (nospam_at_hotmail.com)
Date: Thu, 5 May 2005 07:20:35 +0200
"Joseph Ashwood" <firstname.lastname@example.org> wrote in message
> "Skybuck Flying" <email@example.com> wrote in message
> > The question is if there is such a thing as true randomness ;)
> > In the end everything happens because of some sort of system ;)
> This is actually a somewhat open area of debate, no one has successfully
> proven that entropy exists, but at this point the theories suggesting it
> does not do not appear accurate.
> As to the strength of your "design" it is almost certainly flawed, and you
> haven't even given details. The reason is rather simple, you need to
> cryptographically strong pRNGs and these are in short supply unless you
> a good block cipher in CTR mode. Either way you've over designed and under
> engineered, especially in security.
> As others have noted you have basically reinvented the stream cipher,
> in a rather convoluted way. You really don't need all the layers you have
> and your reasons behind creating the design can be easily dealt with
> otherways, the short problem is dealt with through padding. That you are
> using ECB is easily addressed by switching modes, etc.
The number of layers is about the same.
My scheme might even be stronger than AES.
In AES the counter (IV) is simply incremented.
In my version the "counter" is randomized.
What I don't undestand is why it would be bad for AES in CTR mode if the
same counter is re-used...
if it is just re-used for a couple of bytes why would that be bad ?