Re: Enig4
- From: "Joseph Ashwood" <ashwood@xxxxxxx>
- Date: Mon, 30 Jan 2006 03:27:42 GMT
"crypticator" <crypticator@xxxxxxxxx> wrote in message
news:1138548962.343179.282310@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
> Hi there ...
>
> here is a link to an encryption (sources and binairies ) program I'
> devised ...
> take it as my new year present to you ...
>
> http://www.ccc.ma/sw/enig4/
It is far better to provide an algorithm than an implementation. By far
better I mean, 99% of the time nobody will look at an implementation.
With that said, since the code is fairly self-obvious, I'm feeling generous:
I'm only going to deal with key generation and encryption, decryption should
be completely obvious from there
Keys are of a non-obvious type, they are {CTE = permutations of 0...16, CN =
64-bits}, this may make things difficult for actual use.
Encryption, this is an 8-bit feedback stream cipher I'll treat it as such.
For anyone attempting to follow along encryption begins at line 103
The biggest initial problem I see is that a chosen plaintext very quickly
spits out all the key material, and making correlations between them appears
to be easily possible within 16 bytes. Extrapolating this, assuming the
input is unknown ASCII text it should be possible to recover the entire
initial state within 64KBytes, with known plaintext I suspect the attack can
be easily reduced to 1KB. Once the entire state is known it is easily
possible to run the process backwards, as demonstrated by the decryptor.
I'd say that where the process falls apart is when you start splitting up
the byte for processing. In doing so you end up revealing more about your
state than I think you realized. My first suggestion is to have a look at
RC4, a lot of your ideas are very similar. It will show you some very
important design flaws, and should prove interesting for your situation on
how to begin to make it secure.
Also since you seem to be interested in feedback stream ciphers, I'd suggest
looking at how CCM and GSM both work, along with CBC and OFB. In particular
the proofs of security around them should be quite enlightening as to how to
do things securely.
It's not bad for a first public attempt. I think my personal first public
attempt lasted the couple of hours it took someone to make sense of what I
wrote. I do like though that you are experimenting in an area that is little
researched in the public arena, and I would like to see something very
interesting come of it. To that end I suggest you have a look at the Wide
Trail Strategy (Daemon and Rijmen both do a lot of work in this area) I
think adopting the techniques will make the path substantially easier for
you, especially if you examine the successes and failure of Panama.
Joe
.
- Follow-Ups:
- Re: Enig4
- From: crypticator
- Re: Enig4
- References:
- Enig4
- From: crypticator
- Enig4
- Prev by Date: Re: *** surviving my new CANCEL attack***
- Next by Date: Re: *** surviving my new CANCEL attack***
- Previous by thread: Enig4
- Next by thread: Re: Enig4
- Index(es):
Relevant Pages
|
|
