Re: a few questions about AES

<snip>
(1) "Complexity". Certainly, the strength of a cipher depends on the
algorithm that it uses. But some of these algorithms are amazingly
simple - you could write them down completely from memory. So, a
"simple" cipher might be very secure, and a "complex" cipher might be
trivially insecure. Rather than saying that the strength of a cipher
depends on the "complexity", I'd say that the strength depends on the
"algorithym (regardless of complexity)".

(2) "How many keys". Phil Carmody put this best. The # of keys
establishes an upper bound on the cipher strength. For exampe, if there
are only 2^10 keys, then, it is trivially easy to try each key in turn
(a brute force attack). So, few keys => a weak cipher. But the converse
is not necessarly true: many keys does /not/ necessarily => a strong
cipher.
<end snip>

the algorithm is very very simple, and i was referring to the complexity of
the key(s) used. the algorithm is a simple XOR stream cipher that
concatenates each key (each key is = the length of the userkey * 8. the
minimum size userkey is 8 bytes the maximum for the userkey is 64 bytes.).
this is why i have set a physical limit on the file size so that no keys are
repeated. the more permutation techniques AFAIK = more possible keys. the
lowerbound of possible keys is 3.43239^156 by my calculations, with an upper
bound of 1.0443^1233. keys use the whole ascii range.

<snip>
AFAIK, the only way to really establish the strength of a cipher, is to
have it crytanalyzed by a professional cryptographer. General
programming skills, are nowhere near enough for this. For example, I've
been a professional software developer for over 30 years; I've written
probably half a million lines of code in many different languages; I've
had an amateur interest in cryptography for several years; but I have
absolutely /no clue/ how to cryptanalyze a cipher to see if it is weak
or strong!
<end snip>

which is why i am asking in here, surely there is someone capable of
cryptoanalysing.


.

Relevant Pages

  • Re: a few questions about AES
    ... algorithm that it uses. ... trivially insecure. ... establishes an upper bound on the cipher strength. ... few keys => a weak cipher. ...
    (sci.crypt)
  • Re: a few questions about AES
    ... A cipher might have ... many keys there are. ... the strength of a cipher depends on the ... - a simple algorithm is not necessarily weak; ...
    (sci.crypt)
  • Re: Pseudorandom keystream ciphers
    ... cipher such as RC4 is wholly dependent on the pseudorandom ... My code is symmetrical but a truly hidden algorithm. ... I would have to overlay it with a real private key ... So now I am wondering if the original overlay ...
    (sci.crypt)
  • Re: =?windows-1252?Q?The_Renaissance_is_Here_=96_SD_cryptography=2E?=
    ... cipher in itself. ... alphabet later to create keys ad hoc, ... All modern cryptography depends on going public with the vitally ... Even RSA and other public-key algorithms do not ...
    (sci.crypt)
  • Re: cipher program
    ... > Both the program code and the cipher are, well, atrocious. ... > Determining that 16 bits of entropy is all the passphrase does. ... >> might be achieved with a more complex algorithm, ... > It's periodic XOR with a fixed period of 2^16 bytes. ...
    (sci.crypt)