Forums » Up and Running » Security » Security » [Poll] What's the best symmetric cipher?
boomerbubba

join:2001-06-15
Austin, TX
reply to jansson_mark
Re: [Poll] What's the best symmetric cipher?

A One Time Pad, generated by some proprietary PRNG method known only to the parties involved in the communication.
--
A good lock will keep an honest man out.


jansson_mark
Markus Jansson
Premium
join:2001-08-05
Finland

said by boomerbubba:
A One Time Pad, generated by some proprietary PRNG method known only to the parties involved in the communication.
It might be very secure or it might be very insecure. I would not advise using such a method.

But our military messaging system (SanLa) uses encryption somewhat similar to that. It uses symmetric cipher(s) and a "matrix" to encrypt. First the message is encrypted using symmetric ciphers and then that mess is encrypted using a "matrix" similar to what you described here. Without knowing the exact nature of the "matrix", it's a pain in the *** to try to break it, since the message is already a mess before it's put through the "matrix", so in practice you can't know when you have managed to "break" the "matrix" so you could start trying to break the symmetric cipher(s). Hehehehehee...

btw. did you know that the only cipher the "anti-Allieds" side used that wasn't broken during WWII was a Finnish cipher? It was called "worm box" and was used until the 1980s.
--
My privacy related homepage & PGP keys: »www.markusjansson.net


Steve
I'm a PC, so shut up
Consultant
join:2001-03-10
Yorba Linda, CA

reply to boomerbubba
said by boomerbubba:
A One Time Pad, generated by some proprietary PRNG method known only to the parties involved in the communication.
If it uses a pseudo-random number generator, it's not a one-time pad. Plenty of ciphers have been broken by cracking the PRNG. Only truly random (e.g., not calculated in software) inputs are allowed, such as something that measures radioactive decay.

Steve
--
Stephen J. Friedl • Security Consultant • Tustin, California USA • my web site


boomerbubba

join:2001-06-15
Austin, TX

reply to jansson_mark
said by jansson_mark:
said by boomerbubba:
A One Time Pad, generated by some proprietary PRNG method known only to the parties involved in the communication.
It might be very secure or it might be very insecure. I would not advise using such a method.

Markus, a couple of follow-up questions:

1) Is the security/insecurity of my suggestion purely a matter of the quality of the PRNG? Or is it that there is no such thing as an acceptable PRNG for these purposes?

2) If a good PRNG method does exist and is publicly known, what if the methodology is changed to: Use that PRNG, and the secret symmetric key is the seed value?

I'm not being argumentative. Rather, I'm glad to have a forum where I can ask questions like this. (I would be driven out of sci.crypt as a hopeless newbie.)
--
A good lock will keep an honest man out.


jansson_mark
Markus Jansson
Premium
join:2001-08-05
Finland


said by boomerbubba:
1) Is the security/insecurity of my suggestion purely a matter of the quality of the PRNG? Or is it that there is no such thing as an acceptable PRNG for these purposes?
Well, the problem is that it's still a PRNG. It has to be. If it was an RNG, then you couldn't agree upon it and you would have to change keys beforehand (like a true OTP). As it is a PRNG, it can be cracked open. It is very, very hard to determine how secure a PRNG is, so it's very hard to tell what kinda security it would give.

quote:
2) If a good PRNG method does exist and is publicly known, what if the methodology is changed to: Use that PRNG, and the secret symmetric key is the seed value?
Still the same problem exists. It's a PRNG. Something quite similar to what you are saying is actually the RC4 or C4 cipher used in SSL/TLS connections (https, that is). It's basically a PRNG whose output is XORed with the data stream.

Something related to this is Jaxor. It's an encryption program that I have designed (it should be out...some time...).
»www.markusjansson.net/erecent.html#jaxor
"Basically what we are talking here is using the one-way hash function to create pseudorandom keys which are then XORed to datastream. The "master key" (passphrase) is salted using the just created ciphertext to make new keys."

It's actually a very secure cipher. The security of these kinds of ciphers relies on the security of the hash function, since the hash function is the source of the PRNG data. If the hash function is good, then it's practically an RNG. But not in theory. Very close to an RNG but not an RNG...

quote:
I'm not being argumentative. Rather, I'm glad to have a forum where I can ask questions like this. (I would be driven out of sci.crypt as a hopeless newbie.)
And I'm glad that we can have this kinda discussion here! I'm a bit tired of all these "help, I'm under attack because someone hit my port 2222 with a packet" discussions we see too often...
--
My computer security & privacy related homepage
»www.markusjansson.net

[text was edited by author 2002-11-25 14:14:53]
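
An added example, not code from any poster in this thread and not Jaxor or RC4: it contrasts a "pad" expanded from a seed with a true one-time pad, the distinction the replies above turn on. The SHA-256 counter construction, the 16-bit seed, the sample messages and the use of the OS random source as a stand-in for a hardware RNG are all assumptions made for illustration.

```python
import hashlib
import secrets

def keystream(seed: bytes, length: int) -> bytes:
    """PRNG stand-in: SHA-256(seed || counter) blocks, truncated to length."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(seed + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(out[:length])

def xor(data: bytes, pad: bytes) -> bytes:
    if len(pad) < len(data):
        raise ValueError("pad shorter than message")
    return bytes(d ^ p for d, p in zip(data, pad))

def prng_pad_encrypt(seed: bytes, message: bytes) -> bytes:
    """'Pad from a PRNG': the seed is the entire secret. XOR is its own inverse."""
    return xor(message, keystream(seed, len(message)))

def consistent_seeds(ciphertext: bytes, known_start: bytes, seed_len: int) -> list:
    """Every seed whose pad turns the ciphertext back into the known start."""
    head = ciphertext[:len(known_start)]
    return [s for s in (n.to_bytes(seed_len, "big") for n in range(256 ** seed_len))
            if xor(head, keystream(s, len(head))) == known_start]

def true_otp_encrypt(message: bytes):
    """One-time pad: pad from the OS RNG (stand-in for a hardware source)."""
    pad = secrets.token_bytes(len(message))
    return pad, xor(message, pad)

def pad_explaining(ciphertext: bytes, claimed: bytes) -> bytes:
    """For a true OTP, some pad maps the ciphertext to ANY same-length text."""
    if len(claimed) != len(ciphertext):
        raise ValueError("length mismatch")
    return xor(ciphertext, claimed)

if __name__ == "__main__":
    msg = b"MEET AT DAWN"                       # constructed sample message
    ct = prng_pad_encrypt(b"\x12\x34", msg)     # constructed 16-bit seed
    print("seeds that fit:", consistent_seeds(ct, b"MEET AT ", 2))
    pad, otp_ct = true_otp_encrypt(msg)
    alt_pad = pad_explaining(otp_ct, b"STAY AT HOME")
    print("equally valid reading:", xor(otp_ct, alt_pad))
```

With the seeded pad, only as many pads exist as there are seeds, so the ciphertext fits a single seed; with the random pad, every same-length message has a pad that explains the ciphertext, which is why pad length alone does not make a scheme a one-time pad.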