# Finding out how secure a cipher is

Is there a good source for information about deciding how secure a
cipher is?

I was looking at Solitaire and I came up with a simpler variation I
thought would be fairly secure, so I wrote a program to generate a
random key and use my method encipher 10 lines of known plaintext,
plus pick an equal amount of unknown text out of the middle of an e-
text novel from Gutenberg and print out the ciphertext for both.

From the known plaintext sample I was able in about an hour to
reconstruct the unknown key by hand and decipher the unknown text, so
my "brilliant" idea turned out to be garbage. http://fiziwig.com/crypto/halfdeck.html

So I am now looking at using the same method, but double enciphering
the plaintext with two different keys, which destroys all the patterns
I used to crack the single-enciphered version. So far I have not been
able to make any headway on cracking the double-enciphered version,
but that doesn't mean it's secure! It's probably crap too, but it
would be interesting to know how to prove that it's crap.

Are there educational resources I can consult to learn how to decide
if a given method of enciphering is strong or weak? As for level, I
have an MS in comp sci with some graduate level math and number
theory, but no formal training in crypto beyond being able to solve
the usual Aristocrats, transpositions, Vigeneres, Quagmires and
similar amateur pass-time sort of cryptograms.

BTW: I'm retired and this is just for fun, and for self-education.

thanks.

--gary
.

## Relevant Pages

• Re: Finding out how secure a cipher is
... From the known plaintext sample I was able in about an hour to ... reconstruct the unknown key by hand and decipher the unknown text, ... but that doesn't mean it's secure! ... A cipher is more secure if it is practical and ...
(sci.crypt)
• A secure hand cipher?
... I have been looking for a way to make a secure hand cipher similar to the ... The "encryption device" is a standard set of scrabble tiles with one ... Text1: From Sherlock Holms ...
(sci.crypt)
• Re: QC-proof cipher?
... to conventional computation techniques, let alone quantum computing. ... one "secure" symmetric cipher too, ... One thing I wonder is people always say this about OTP but what ... is the difference between OTP and a NULL cipher. ...
(sci.crypt)
• Re: triple algorithms
... matching of algorithms I would advise you don't do this. ... AES is secure insofar as nobody has yet found a viable attack for it. ... creating a new cipher out of a collection of others. ... security depends only on the single assumption that factoring is hard. ...
(sci.crypt)
• Re: An idea for a csprng with integers.
... Anyone who spends time evaluating your cipher gives up their spare time and resources for you. ... Many of the people who populate sci.crypt are professors, doctors, university lecturers and other cryptography professionals. ... If the method your cryptography uses must stay secret to remain secure then it is weak cryptography. ... It is not their fault that you did not know or did not think about the attack they describe. ...
(sci.crypt)