Re: AES 256 key and anti-key

On Apr 4, 8:55 am, Ertugrul Söylemez <e...@xxxxxxxx> wrote:
biject <biject.b...@xxxxxxxxx> wrote:
Now tell me, how would you ensure/prove an injective mapping from a
large key-space to an even much more larger permutation-space (where
even the cardinality is such a large number that you couldn't store
it)? How would you keep that mapping pseudo-random at the same
time?

I don't know how to tell if something like AES is designed in a way
that has it or not. I know that since scott19u can be run in a way
that it can produce every possible single cycle transform that It is
not hard to ensure no repeats. But its only for a 19bit sub-buffer.
For any actually file regardless of length not sure how many keys
would produce the same mappings for various files. I am not sure if
only allowing a single cycle is also bad for the way its used..

As far as I have understood from that, your cipher is a single, large
permutation cycle, and that cycle differs by the key. Don't you regard
that as a potential weakness?


it could be I am not sure how much of a weakness that would be I
have thought of making it randomly 1,2, or 4 cycles but that would
increase the key length.

Consider that 2^128 elements can be permuted in (2^128)! different ways,
whereas there are "only" (2^128 - 1)! single-cycle permutations. But
maybe I didn't understand your description right.


My code based on treating single file as a block but the heart of it
is the slection of any single cycle permutaion (2^19 - 1)! I know it
wouldbe ridiculus to try to design a 128 bit block cipher using my
method thekey would be to long for one thing.

What I was wondering does anyone know if there are duplicate keys
that work exactly the same in AES I realize if there is that its
mostly likely a small subset. But either it has duplicates or it
doesn't since its fully defined. I also realize if it does its most
likely a very very small subset.

Even if there were 2^255 redundant keys in AES-256, the cipher would
still have a strength of 255 bits, as long as this redundance is
uniformly distributed all over the key-space in some sense.

That isn't necessarily a contradiction, but really, how would you do
it? Do you see why I don't agree?

I think I am starting to see why you blieve an ideal cipher might
have there characteristics I don;t know how you know that AES has
this. unless there is a proof just for AES or if someone has actually
found two keys that map the same.

AES doesn't have this injectivity property, if you mean that. An AES
key is supposed to select a block permutation pseudo-randomly.


I think we are at an impass here. Just like I am at an impass with
Joe on the simple 2 bit key example.

May its over the defination of "pseudo randomly". AES is well
defined you run it on two different machines you get the same answer.
My question is are there at least two key that would map the set of
2^128 the same. Yes I see if it does it most likely would be
negligable. But either it has at least two keys with same mappings or
it doesn't. Is it possible nobody knows? In short don't just repeat
it selects a block permutaion pseido-randomly what makes you so sure
that at least two keys map all valuse of 128 bits the same. if code
not checking for match it doesn't mean that there are any matches.
Sorry maybe thread has gone on to long.


Regards,
Ertugrul.

--http://ertes.de/

David A. Scott
--
My Crypto code
http://bijective.dogma.net/crypto/scott19u.zip
http://www.jim.com/jamesd/Kong/scott19u.zip old version
My Compression code http://bijective.dogma.net/
**TO EMAIL ME drop the roman "five" **
Disclaimer:I am in no way responsible for any of the statements
made in the above text. For all I know I might be drugged.
As a famous person once said "any cryptograhic
system is only as strong as its weakest link"
.

Relevant Pages

  • Re: AES 256 key and anti-key
    ... I don't know how to tell if something like AES is designed in a way ... For any actually file regardless of length not sure how many keys ... only allowing a single cycle is also bad for the way its used.. ... key is supposed to select a block permutation pseudo-randomly. ...
    (sci.crypt)
  • Re: AES 256 key and anti-key
    ... So there are much more permutations than keys. ... permutation of that set. ... Fact is pseudo-random means its not a random permutation ... Are they single cycle or what is the cycle structure of the ...
    (sci.crypt)
  • Re: AES 256 key and anti-key
    ... So there are much more permutations than keys. ... neglible chance that two keys produce equivalent permutations. ... I think you meant to say if AES is any good at all there is only one ... permutation, then the probability that a two ...
    (sci.crypt)
  • Re: Brute Force bei WinZip (war: Brute Force - Geschwindigkeit)
    ... Du meinst jetzt ein RAR-Archiv mit AES? ... verwendete Hashfunktion aber nur 160 Bits. ... the resulting key space that can be as low as 160 bits. ... 256 bit AES keys are supported, users should be aware that these keys will not ...
    (de.comp.security.misc)
  • Re: Compression and crypto
    ... I stated that a one byte file could be easily decrypted using BICOM to ... random keys and eack time decrpt the one byte file using BICOM you will ... Well so far nobody has implemented QC for AES let alone BICOM so it's ... so that its it decrypts the 16 byte block. ...
    (sci.crypt)