Re: potential break or real break?

On 3 Feb, 02:35, rossum <rossu...@xxxxxxxxxxxx> wrote:
On 2 Feb 2007 08:17:22 -0800, j...@xxxxxxxx wrote:

At least i think this is true for let us say a 256 bit key and a 256
byte permutation like my simplistic cipher STREAMBUDDY, i don't think
it is a stream cipher it is a PNG based on "nonereversible/hard to
reverse" byte walks, creating two stream that is downmixed by XOR into
one stream, and then further obfuscated by XOR with and older round of
the combinatorial XOR shuffles.

If your key is 256 bits long, then your algorithm can only produce
2^256 different keystreams. If it produced more than 2^256 then the
algorithm would not be reversible and it would not work correctly as a
cypher.

That is correct each keystream can have more than a 2^256 block long
unique permutation string though. If you construct your cipher smart.

This allows an attacker to try every possible key, generating every
possible keystream and seeing what sort of plaintext results. A
simple statistical analysis of character frequencies will tell when an
interesting decryption is found. That is a brute force attack, and
every cypher with a fixed size key is vulnerable to it, no matter how
the keystream is generated.

Yes every cipher is vulnerable for a bruteforce attack except OTP, the
faster algorithm the more vulnerable. That is why it is a good idea to
consider building in a time factor in the key setup AKA make it
computable hard to generate the original keystream from the password.
I did so although my cipher is blazing fast the actual keystream
*initializing* generation will take a considerable time.

OTP is not vulnerable because the key (not the keystream) is as long
as the plaintext so a brute force attack just produces all possible
plaintexts with that length, from "aaa ... aaa" to "zzz ... zzz", with
no way for the attacker to tell which message is the correct one.

Yes that is how i also understood it.

rossum
Jonas

.