Re: An hash-Encryption algorithm



Kristian Gjøsteen <kristiag+news@xxxxxxxxxxxx> wrote in news:ctbpa3-7hk1.ln1@xxxxxxxxxxxxxxxxxxxxx:

> Neo <neoscandal@xxxxxxxxx> wrote:
>>Sebastian Gottschalk <seppi@xxxxxxxxx> wrote in news:43ucb4F1p9v0dU1
>>@news.dfncis.de:
>>
>>> Neo wrote:
>>>
>>> [a stateless streamcipher]
>>>
>>> Once I find a known plaintext (Px,Cx), I can decrypt all following
>>> blocks. Insecure as hell. Not to mention stream repeating...
>>>
>>
>>hmm.. how about changing the key generation a little.
>>
>>K(n) = MD5 ( K(n) + K(n-1) + K(n-2) + ... + K(1))
>>
>>that would add feedback. and solve the problems you've brought forward.
>
> That doesn't make sense. You would have to solve for K(n), which
> would be at least hard, probably impossible. If you take away K(n)
> on the right hand side, the attack above still works (given P1,C1).
>
> Second, the stream cipher would slow down as the MD5 step would
> have to process longer and longer strings.
>
> The right way to do this is to use MD5 as a pseudo-random function
> and use either counter mode, output feedback mode or ciphertext
> feedback mode. (You need to make sure that something the adversary
> _does not_ know is included in every application of MD5.)
>

Thank you for your suggestions.

Further R & D:

> Second, the stream cipher would slow down as the MD5 step would
> have to process longer and longer strings.

this is rectified below

-----------------------
K(0) = user entered key + salt (which is added plainly into the
encrypted file header)

K(1) = MD5(K(0))

C1 = K(1) XOR P1

for n = 2 onwards..

K(n) = MD5( K(n-1) + C(n-1)) <---------- ciphertext feedback
C(n) = K(n) XOR P(n)
-----------------------

Provided the attacker has ONE (Cn,Pn) pair, n = 1 or n != 1, what
attacks are possible?

Sincerely
.
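
An added example, not part of the original post: the feedback scheme above next to the counter-mode construction recommended in the quoted reply, with a check of what one known (Cn,Pn) pair discloses in each. It assumes "+" means byte concatenation and 16-byte blocks (the MD5 digest size); the function names, key, salt and message are constructed for illustration.

```python
import hashlib

BLOCK = 16  # MD5 digest size in bytes (assumed block size)

def md5(data):
    return hashlib.md5(data).digest()

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def blocks(data):
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]

def encrypt_posted(key, salt, plaintext):
    """Scheme as posted: K(1)=MD5(K(0)), K(n)=MD5(K(n-1)+C(n-1)), C(n)=K(n) XOR P(n)."""
    k = md5(key + salt)          # K(1) = MD5(K(0)), K(0) = key + salt
    out = []
    for p in blocks(plaintext):
        c = xor(k, p)
        out.append(c)
        k = md5(k + c)           # next key depends only on K(n) and public C(n)
    return out

def encrypt_ctr(key, salt, plaintext):
    """Counter mode as in the quoted advice: the secret key enters every MD5 call."""
    return [xor(md5(key + salt + n.to_bytes(8, "big")), p)
            for n, p in enumerate(blocks(plaintext), 1)]

def recover_from_known_block(cipher_blocks, n, known_p):
    """Use one full known block P(n) (1-based) to compute K(n) = C(n) XOR P(n),
    then replay the posted chaining rule over the public ciphertext."""
    k = xor(cipher_blocks[n - 1], known_p)
    out = []
    for c in cipher_blocks[n - 1:]:
        out.append(xor(k, c))
        k = md5(k + c)
    return b"".join(out)

if __name__ == "__main__":
    key, salt = b"constructed key", b"constructed-salt"   # constructed sample values
    msg = b"".join(bytes([65 + i]) * BLOCK for i in range(4)) + b"tail"
    known = msg[16:32]                                    # the single known block, n = 2

    leaked = recover_from_known_block(encrypt_posted(key, salt, msg), 2, known)
    print("posted scheme, blocks 2..end recovered:", leaked == msg[16:])

    leaked = recover_from_known_block(encrypt_ctr(key, salt, msg), 2, known)
    print("counter mode, later blocks recovered:  ", leaked[16:] == msg[32:])
```

In the posted scheme every input to MD5 after block n is either K(n) or ciphertext, so nothing the adversary lacks remains once K(n) is known; in counter mode the known pair reveals only that one keystream block.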


