From: Mok-Kong Shen on 25 Apr 2010 10:58

In my humble view, indirectness and variability are principles/features that are to be striven for in encryption processing. Let's consider the case of employment of a (not too poor) PRNG. If one uses its outputs "directly" to xor the plaintext, then there is the well known risk of prediction in the scenario of known-plaintext attack. On the other hand, if one uses its outputs to pseudo-randomly select segments (the selection may be done dynamically also) from n publicly known (readily available or computable) sequences, e.g. mathematical constants or published natural language texts, and combine these with xor or better with some nonlinear operations on the computer word level, then it is intuitively clear that the difficulty of analysis of the resulting stream would very quickly (super-exponentially I would think) increase with the value of n. I suppose that this is in fact entirely trivially evident but wonder why one doesn't see its practical relevance being explicitly mentioned in the crypto literature (or did I miss the right references?).

Thanks.

M. K. Shen
From: WTShaw on 25 Apr 2010 13:32

On Apr 25, 9:58 am, Mok-Kong Shen <mok-kong.s...(a)t-online.de> wrote:
> In my humble view, indirectness and variability are principles/features
> that are to be striven for in encryption processing. Let's consider the
> case of employment of a (not too poor) PRNG. If one uses its outputs
> "directly" to xor the plaintext, then there is the well known risk of
> prediction in the scenario of known-plaintext attack. On the other
> hand, if one uses its outputs to pseudo-randomly select segments (the
> selection may be done dynamically also) from n publicly known
> (readily available or computable) sequences, e.g. mathematical
> constants or published natural language texts, and combine these with
> xor or better with some nonlinear operations on the computer word
> level, then it is intuitively clear that the difficulty of analysis of
> the resulting stream would very quickly (super-exponentially I would
> think) increase with the value of n. I suppose that this is in fact
> entirely trivially evident but wonder why one doesn't see its
> practical relevance being explicitly mentioned in the crypto
> literature (or did I miss the right references?).
>
> Thanks.
>
> M. K. Shen

The agendas of many are rather mercenary, not scientific.
From: Mok-Kong Shen on 25 Apr 2010 14:10

WTShaw wrote:
> The agendas of many are rather mercenary, not scientific.

Sorry that my non-native English is not good enough to properly interpret your sentence in the present context. Could you kindly elaborate it? (The gist of my post was that I fail to find anything in the said direction 'at all'. I personally have no doubt of the seriousness of authors of the majority of textbooks or published papers.)

Thanks,

M. K. Shen
From: Maaartin on 25 Apr 2010 16:49

On Apr 25, 8:10 pm, Mok-Kong Shen <mok-kong.s...(a)t-online.de> wrote:
> WTShaw wrote:
> > The agendas of many are rather mercenary, not scientific.
>
> Sorry that my non-native English is not good enough to properly
> interpret your sentence in the present context.

In the meantime you should already know: NOBODY's English is good enough. Single words have meaning, sometimes even whole sentences, but it is nearly never related either to cryptography or to what speaks about. It seems like you're trying to communicate to a program like emacs doctor.

> Could you kindly
> elaborate it? (The gist of my post was that I fail to find
> anything in the said direction 'at all'. I personally have no
> doubt of the seriousness of authors of the majority of textbooks
> or published papers.)

IMHO, the indirection doesn't get used much, see e.g., http://www.ciphersbyritter.com/GLOSSARY.HTM#DynamicSubstitutionCombiner

Any key or data dependent memory access can make the thing (cipher, prng, ...) vulnerable to timing attacks because of cache misses. This was not quite clear in the times of the AES contest. Currently most people stick with the simplest operations like XOR, ADD, AND, and fixed-distance rotations.
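
The cache-timing concern raised in the last post, applied to the segment-selection idea from the first post, as an added example that is not code from any poster in this thread. It contrasts a secret-indexed table read with a full scan whose memory access pattern does not depend on the selected offset; the toy xorshift32 generator, the table contents and all function names are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>

#define N_SEQ   3  /* n public sequences */
#define SEQ_LEN 8  /* words per sequence */

/* Constructed sample words standing in for the publicly known sequences. */
static const uint32_t PUBLIC_SEQ[N_SEQ][SEQ_LEN] = {
    {0x0f1e2d3cu, 0x4b5a6978u, 0x8796a5b4u, 0xc3d2e1f0u,
     0x13579bdfu, 0x2468ace0u, 0x0badf00du, 0x5eed5eedu},
    {0x9a8b7c6du, 0x5e4f3021u, 0x11223344u, 0x55667788u,
     0x99aabbccu, 0xddeeff00u, 0x01020304u, 0x0a0b0c0du},
    {0x7f7e7d7cu, 0x3c3d3e3fu, 0xa1b2c3d4u, 0xe5f60718u,
     0x293a4b5cu, 0x6d7e8f90u, 0x1a2b3c4du, 0x5e6f7081u},
};

/* Toy PRNG (xorshift32), a stand-in for the "not too poor" generator. */
static uint32_t xorshift32(uint32_t *s) {
    uint32_t x = *s;
    x ^= x << 13; x ^= x >> 17; x ^= x << 5;
    return *s = x;
}

/* All-ones if a == b, zero otherwise, computed without a branch. */
static uint32_t eq_mask(uint32_t a, uint32_t b) {
    uint32_t x = a ^ b;
    return ((x | (0u - x)) >> 31) - 1u;
}

/* Direct form: the address read in each sequence depends on secret PRNG output. */
uint32_t word_direct(uint32_t *st) {
    uint32_t w = 0;
    for (uint32_t i = 0; i < N_SEQ; i++)
        w ^= PUBLIC_SEQ[i][xorshift32(st) % SEQ_LEN];
    return w;
}

/* Scan form: every word of every sequence is read; a mask keeps the chosen one. */
uint32_t word_scan(uint32_t *st) {
    uint32_t w = 0;
    for (uint32_t i = 0; i < N_SEQ; i++) {
        uint32_t o = xorshift32(st) % SEQ_LEN;
        for (uint32_t j = 0; j < SEQ_LEN; j++)
            w ^= PUBLIC_SEQ[i][j] & eq_mask(j, o);
    }
    return w;
}

/* Returns 1 if both forms yield the same `count` keystream words from `seed`. */
int streams_match(uint32_t seed, int count) {
    uint32_t a = seed, b = seed;
    for (int k = 0; k < count; k++)
        if (word_direct(&a) != word_scan(&b)) return 0;
    return 1;
}

int main(void) {
    printf("streams match: %d\n", streams_match(0x2545F491u, 1000));
    return 0;
}
```

The scan form costs SEQ_LEN reads per selected word, which is one reason long public sequences make this kind of selection expensive to do safely.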