Re: THE SIMPLIEST SAFE CIPHER



On Dec 1, 4:53 am, "Joseph Ashwood" <ashw...@xxxxxxx> wrote:
"biject" <biject.b...@xxxxxxxxx> wrote in message

news:8ead2ba7-b24e-4f3e-be3f-6db3c1936100@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

 I don't see why you can't grasp the fact there is avalanche
basically each round is the result of an XOR that contains
roughly half zeros and half ones.

And thus you prove that you have no idea what avalanche effect is. Since you
cannot understand this, there is no point in continuing.

To summarize for those that haven't been keeping track:
The proposed "cipher" is not a cipher, it is a protocol
The proposed protocol is not secure, it has huge problems with lack of
Avalanche Effect
While not addressed previously, the XOR of the same key to every round makes
for easy pickings with Slide Attacks

I am will aware of the Slide Attack. At one time your
friend Wagner thought scott19u was vulnerable to the
slide attack. He later admitted after Horst tried to
break it that he never actually looked at it. In fact it
was not vulnerable to the attack. But why should facts
concern you.

Just like your stating the XOR of the same key to every
round. That's not what its about. In fact I suggested taking
a fixes length block for the message where each round consists
of two passes one the XOR pass which is made from the easy
to get expansion of PI. Its not repeating each round
continues with where the expansion left off. But I suspect
you found it not weak so you're pretending you don't
understand this. After each XOR with a different part of
the PI expansion you then do either a special binary
bijective BWTS or UNBWTS depending on if the key bit
is one or zero. You have as many pairs of rounds as
you have bits in the key.

Sorry if that's to hard for you to understand. I think
if I were you I would be embarrassed to reply too.
Look I admit my writting skills suck but by this timr you
should be able to follow what te cipher does.

The protocol appears to be extremely weak against differentials, but the
Slide and Avalanche problems are worse

Incidently, every time David Scott's algorithms are actually read, they seem
to be vulnerable to slide attacks.

Actually the only weak cipher I remember was scott16
at which time I only felt ciphertext only attacks were
valid. Paul Onions showed how a plaintext attack could
break out. So after reading more about cryto I decided
to play that part of the game.
I designed scott19u. Some where along the line Wagner
stated the slide attack defeated it. Well once someone
actaully tried to break and it felled Wagner fainlly
admitted that he never looked at the code it was to
complex or something like that. But the myth that it
fails to that is alive and well in you mind. So your
quick to jump on this and act all elite. But you have
no clue as to what your saying.
Its possible since its so simple that if an attack
exists a Paul Onions kind of guy could break it. But
I dought you have such skill or understanding to break
something like this. Even though its the simpiest safe
cipher I could think of.

Here is one place where Wagner admits its. I don't
dislike Wagner as much as I use to but its seems fools
keep repeating this slide attack thing since once Wagner
pronounced it weak to the attack. People have never
given it an honest look ant they keep repeating his
original comments.

http://groups.google.com/group/sci.crypt/msg/a31f8ce3a4ed2f6b

will not be bothering to reply further.
                Joe

Good let the people check it out for them selves.
And I'm sure Wagner can thank you for bringing up the
slide attack thing again.

David A. Scott
--
My Crypto code
http://bijective.dogma.net/crypto/scott19u.zip
http://www.jim.com/jamesd/Kong/scott19u.zip old version
My Compression code http://bijective.dogma.net/
**TO EMAIL ME drop the roman "five" **
Disclaimer:I am in no way responsible for any of the statements
made in the above text. For all I know I might be drugged.
As a famous person once said "any cryptograhic
system is only as strong as its weakest link"
.



Relevant Pages

  • Re: Simple block cypher for 8-bit microcontrollers
    ... Even an algorithm as simple as skipjack can be larger than this one. ... I've read the slide attack description yet again and still don't see ... The slide attack only works if there is a known plaintext attack on ... one round of the algorithm. ...
    (sci.crypt)
  • Re: Re-rolled Salsa20 function
    ... There is no slide attack on the Salsa20 cipher. ... state words than attacker-controlled inputs. ... A round counter is one way to introduce a state word that the attacker ... round counter as a missed opportunity, ...
    (sci.crypt)
  • Re: Re-rolled Salsa20 function
    ... simply inserting the round number (a la Skipjack) may be ... enough to fix the slide attack: ...
    (sci.crypt)