Re: XOR as encryption - security considerations


"rossum" <rossum48@xxxxxxxxxxxx> wrote in message news:gao154lp0u7ejiqlef5vo1d98mqbkbl7h6@xxxxxxxxxx
On Wed, 11 Jun 2008 19:48:03 -0500, <Dan> wrote:


"Kristian Gjøsteen" <kristiag+news@xxxxxxxxxxxx> wrote in message
news:g2p1hq$p7m$2@xxxxxxxxxxxxxxxxxxxxxx
<Dan> wrote:
I'm still kinda new to this so please take it easy on me.

If you xor a large piece of text with the output of a prng, an adversary
with sufficient computing power can recover the text. That doesn't mean
that any real person can do it. This should be obvious.

If you xor two or more pieces of text with the same random string, a
real adversary can often recover a lot of both texts. Look up two-time
pad. This is not so obvious until you've studied it.

--
Kristian Gjøsteen

Thanks Kristian. I do see what you mean. I wish I would have studied this
a bit more. I have a feeling this is going to cost me.

To answer the pevious reply from rossum. The incentive to break the code
I posted... there is none. But if you are the first to break ten of
them... $5000.

Originally, I thought it would take months to break the ten codes I wrote.
Now I'm thinking days, maybe weeks. I guess Fred was right. Oh well,
$5000 to learn a valuable lesson, I can live with that. I'm going to have
to.

Thanks again,

Dan
You also need to tell us the exact algorithm you are using. The
attacker is always assumed to have access to the algorithm - not the
key, just the algorithm. We need to know what PRNG you are using and
how you are generating the seed for it. Reference Kerckhoffs'
Principle for why you need to do this.

rossum


More like rossum's principle...
I may be new, but I'm not that new.
Nice try.

If you join the challenge (I don't know if I can really call it that anymore),
good luck to you.

Dan

.

Relevant Pages

  • Re: XOR as encryption - security considerations
    ... If you xor a large piece of text with the output of a prng, ... with sufficient computing power can recover the text. ... You also need to tell us the exact algorithm you are using. ...
    (sci.crypt)
  • Re: XOR as encryption - security considerations
    ... If you xor a large piece of text with the output of a prng, ... with sufficient computing power can recover the text. ... You also need to tell us the exact algorithm you are using. ...
    (sci.crypt)
  • Re: XOR as encryption - security considerations
    ... If you xor a large piece of text with the output of a prng, ... with sufficient computing power can recover the text. ... You also need to tell us the exact algorithm you are using. ...
    (sci.crypt)
  • Re: XOR as encryption - security considerations
    ... with sufficient computing power can recover the text. ... If you xor two or more pieces of text with the same random string, ... To answer the pevious reply from rossum. ...
    (sci.crypt)
  • Re: Image Newbie Question
    ... and I'd like to be able to recover the names on the books. ... processing algorithm to try and recover the ... But it will amplify all the JPEG artefacts as well probably rendering it completely illegible. ...
    (sci.image.processing)
Quantcast