From: adacrypt on
On Jul 18, 6:19 pm, Mok-Kong Shen <mok-kong.s...(a)t-online.de> wrote:
> adacrypt wrote:
> > Huge typo omission here,
>
> > I should have stated that N is in the range (X +127) and 2(X+32).
>
> > Then X works out to 63 (=>  N =190) and the number of N's (as keys)
> > works out to 14000 - 63.
>
> > The strength of this cipher is then in the decryption equation being
> > one equation in three unknowns - two of the unknowns are the random
> > keys (Key and N) in the equation - being random makes them totally
> > indeterminable to an adversary.
>
> Your formulation, also in the first post, is not clear for me. Anyway,
> if you want to exploit indeterminacy to enhance security, then simply
> xoring two pseudo-random streams R1 and R2 (assumed independent, both,
> say, of 32 bit units) will do the job:
>
>     C = R1 ^ R2 ^ P
>
> where P and C are the plaintext and ciphertext units. This is of course
> equivalent to:
>
>     R = R1 ^ R2      C = R ^ P
>
> So the xoring is properly to be considered to be internal to the
> single PRNG that generates R. One could however profitably do something
> more in the combination for achieving higher security, see my thread
> "A simple scheme of combining PRNGs" of 01.06.2010.
>
> M. K. Shen

Hi, There is much more to it than that - I am not sure really what you
mean because there is a suggestion of PRNGS in your methods which are
taboo to me - I don't use PRNGS ever.

The set of N's that can be paired with every possible pairing of Key
and Plaintext as moduli in the algorithm [(X +Key) + (X +Plaintext)]
(Mod N) = a residue (Mod N) >=0
are not found by any mathematical formula - they were found by
validating in a specially designed test program - the program is
called "Make_Moduli_Program_Mark_0" and is to be found in the download
that is available from my website (see link earlier) - the program can
be run just to satisfy a user's curiosity but once it is understood
the range of N's can be written down directly in future - a general
message length is decided first of all then the lower bound of N
becomes (X +127) and the upperbound is 2(X +32) where X is max
keylength +63. Why 63 - this is seen by experimenting - the general
idea is to understand how to write this down by direct inspection of
the scheme parameters - the theory behind it is related to the
Vigenere square being made mobile in the fourth quadrant of the XY
plane.

Test this as much as you like. The set of N's as moduli are simply
consecutive positive integers in the given range above. Are these
transparent you may well ask - naw it's a random set that is scrambled
and sliced. Secondary alphabets (as an alternative to the ASCII
printable subset) are quite feasible also - once you think the whole
thing through it is easy to see how the crypto strength is assured.

This is quite difficult and certainly not something you can think
through in a few seconds - the set of validated moduli could be said
to be a sequence of integers that have a rule in modular arithmetic
residue classes - cheers - adacrypt
From: David Eather on
On 19/07/2010 5:44 AM, adacrypt wrote:
> On Jul 18, 6:19 pm, Mok-Kong Shen<mok-kong.s...(a)t-online.de> wrote:
>> adacrypt wrote:
>>> Huge typo omission here,
>>
>>> I should have stated that N is in the range (X +127) and 2(X+32).
>>
>>> Then X works out to 63 (=> N =190) and the number of N's (as keys)
>>> works out to 14000 - 63.
>>
>>> The strength of this cipher is then in the decryption equation being
>>> one equation in three unknowns - two of the unknowns are the random
>>> keys (Key and N) in the equation - being random makes them totally
>>> indeterminable to an adversary.
>>
>> Your formulation, also in the first post, is not clear for me. Anyway,
>> if you want to exploit indeterminacy to enhance security, then simply
>> xoring two pseudo-random streams R1 and R2 (assumed independent, both,
>> say, of 32 bit units) will do the job:
>>
>> C = R1 ^ R2 ^ P
>>
>> where P and C are the plaintext and ciphertext units. This is of course
>> equivalent to:
>>
>> R = R1 ^ R2      C = R ^ P
>>
>> So the xoring is properly to be considered to be internal to the
>> single PRNG that generates R. One could however profitably do something
>> more in the combination for achieving higher security, see my thread
>> "A simple scheme of combining PRNGs" of 01.06.2010.
>>
>> M. K. Shen
>
> Hi, There is much more to it than that - I am not sure really what you
> mean because there is a suggestion of PRNGS in your methods which are
> taboo to me - I don't use PRNGS ever.
>

Yes you do. You just don't understand that you do. You have some shared
secret data. When you send a message than that shared data the process
to create more "key pad" to protect the message *is* a PRNG. FULL STOP.
PERIOD.
From: unruh on
On 2010-07-19, David Eather <eather(a)tpg.com.au> wrote:
> On 19/07/2010 5:44 AM, adacrypt wrote:
>> On Jul 18, 6:19 pm, Mok-Kong Shen<mok-kong.s...(a)t-online.de> wrote:
>>> adacrypt wrote:
>>>> Huge typo omission here,
>>>
>>>> I should have stated that N is in the range (X +127) and 2(X+32).
>>>
>>>> Then X works out to 63 (=> N =190) and the number of N's (as keys)
>>>> works out to 14000 - 63.
>>>
>>>> The strength of this cipher is then in the decryption equation being
>>>> one equation in three unknowns - two of the unknowns are the random
>>>> keys (Key and N) in the equation - being random makes them totally
>>>> indeterminable to an adversary.
>>>
>>> Your formulation, also in the first post, is not clear for me. Anyway,
>>> if you want to exploit indeterminacy to enhance security, then simply
>>> xoring two pseudo-random streams R1 and R2 (assumed independent, both,
>>> say, of 32 bit units) will do the job:
>>>
>>> C = R1 ^ R2 ^ P
>>>
>>> where P and C are the plaintext and ciphertext units. This is of course
>>> equivalent to:
>>>
>>> R = R1 ^ R2      C = R ^ P
>>>
>>> So the xoring is properly to be considered to be internal to the
>>> single PRNG that generates R. One could however profitably do something
>>> more in the combination for achieving higher security, see my thread
>>> "A simple scheme of combining PRNGs" of 01.06.2010.
>>>
>>> M. K. Shen
>>
>> Hi, There is much more to it than that - I am not sure really what you
>> mean because there is a suggestion of PRNGS in your methods which are
>> taboo to me - I don't use PRNGS ever.
>>
>
> Yes you do. You just don't understand that you do. You have some shared
> secret data. When you send a message than that shared data the process
> to create more "key pad" to protect the message *is* a PRNG. FULL STOP.
> PERIOD.

Not if he makes no attempt to make sure that the successive bytes are
uncorrelated with earlier ones. Eg if he just keeps reusing the same key
material.
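
Added example (not part of the original thread, and not code from any poster): a short Python check of the two points made above, namely that C = R1 ^ R2 ^ P is the same as C = R ^ P with R = R1 ^ R2, and that reusing the same key material for a second message makes the stream cancel out. The sample plaintexts are constructed, and `secrets.token_bytes` is only an assumed stand-in for whatever source supplies the shared key material.

```python
import secrets

def xor(a: bytes, b: bytes) -> bytes:
    """Bytewise XOR of two equal-length byte strings."""
    if len(a) != len(b):
        raise ValueError("operands must have equal length")
    return bytes(x ^ y for x, y in zip(a, b))

def encrypt_two_streams(p: bytes, r1: bytes, r2: bytes) -> bytes:
    """C = R1 ^ R2 ^ P, applying the two streams one after the other."""
    return xor(r2, xor(r1, p))

def encrypt_one_stream(p: bytes, r: bytes) -> bytes:
    """C = R ^ P. XOR is its own inverse, so this also decrypts."""
    return xor(r, p)

def demo() -> dict:
    p1 = b"invoice 1041 ok"          # constructed sample plaintexts
    p2 = b"invoice 2077 no"
    r1 = secrets.token_bytes(len(p1))  # stand-in for shared key material
    r2 = secrets.token_bytes(len(p1))

    # Two streams collapse into one effective stream R = R1 ^ R2.
    c1 = encrypt_two_streams(p1, r1, r2)
    same_ciphertext = c1 == encrypt_one_stream(p1, xor(r1, r2))

    # Used once, the ciphertext is indeterminate: for any same-length
    # guess there is a stream R' = C ^ guess that "decrypts" to it.
    r_alt = xor(c1, p2)
    ambiguous = encrypt_one_stream(c1, r_alt) == p2

    # Reused for a second message, the stream cancels: C1 ^ C2 = P1 ^ P2,
    # so knowing one plaintext gives the other without any key.
    c2 = encrypt_two_streams(p2, r1, r2)
    leak = xor(c1, c2)
    return {
        "same_ciphertext": same_ciphertext,
        "ambiguous_when_used_once": ambiguous,
        "stream_cancels_on_reuse": leak == xor(p1, p2),
        "p2_from_known_p1": xor(leak, p1),
    }

if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The indeterminacy holds only while each unit of key material protects exactly one unit of plaintext; the third and fourth results show what is lost the moment it is used twice.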

From: David Eather on
On 19/07/2010 3:20 PM, unruh wrote:
> On 2010-07-19, David Eather<eather(a)tpg.com.au> wrote:
>> On 19/07/2010 5:44 AM, adacrypt wrote:
>>> On Jul 18, 6:19 pm, Mok-Kong Shen<mok-kong.s...(a)t-online.de> wrote:
>>>> adacrypt wrote:
>>>>> Huge typo omission here,
>>>>
>>>>> I should have stated that N is in the range (X +127) and 2(X+32).
>>>>
>>>>> Then X works out to 63 (=> N =190) and the number of N's (as keys)
>>>>> works out to 14000 - 63.
>>>>
>>>>> The strength of this cipher is then in the decryption equation being
>>>>> one equation in three unknowns - two of the unknowns are the random
>>>>> keys (Key and N) in the equation - being random makes them totally
>>>>> indeterminable to an adversary.
>>>>
>>>> Your formulation, also in the first post, is not clear for me. Anyway,
>>>> if you want to exploit indeterminacy to enhance security, then simply
>>>> xoring two pseudo-random streams R1 and R2 (assumed independent, both,
>>>> say, of 32 bit units) will do the job:
>>>>
>>>> C = R1 ^ R2 ^ P
>>>>
>>>> where P and C are the plaintext and ciphertext units. This is of course
>>>> equivalent to:
>>>>
>>>> R = R1 ^ R2      C = R ^ P
>>>>
>>>> So the xoring is properly to be considered to be internal to the
>>>> single PRNG that generates R. One could however profitably do something
>>>> more in the combination for achieving higher security, see my thread
>>>> "A simple scheme of combining PRNGs" of 01.06.2010.
>>>>
>>>> M. K. Shen
>>>
>>> Hi, There is much more to it than that - I am not sure really what you
>>> mean because there is a suggestion of PRNGS in your methods which are
>>> taboo to me - I don't use PRNGS ever.
>>>
>>
>> Yes you do. You just don't understand that you do. You have some shared
>> secret data. When you send a message than that shared data the process
>> to create more "key pad" to protect the message *is* a PRNG. FULL STOP.
>> PERIOD.
>
> Not if he makes no attempt to make sure that the successive bytes are
> uncorrelated with earlier ones. Eg if he just keeps reusing the same key
> material.
>

Oh come on Bill! He's not *that* stupid. Is he?? ;-)
From: Mok-Kong Shen on
adacrypt wrote:
> Mok-Kong Shen wrote:
>> Your formulation, also in the first post, is not clear for me. Anyway,
[snip]

> Hi, There is much more to it than that - I am not sure really what you
> mean because there is a suggestion of PRNGS in your methods which are
> taboo to me - I don't use PRNGS ever.
>
> The set of N's that can be paired with every possible pairing of Key
> and Plaintext as moduli in the algorithm [(X +Key) + (X +Plaintext)]
> (Mod N) = a residue (Mod N)>=0
> are not found by any mathematical formula - they were found by
> validating in a specially designed test program -[snip]

Your X and Key are two secret values that are randomly or pseudo-
randomly determined, right? So, I was using the practically more often
situation of employing PRNGs to get random values to illustrate my
point. So, independent of how you obtain these values, what exactly is
your point then? Is it 'somewhat' (because I am yet unclear of your
formulation) like that there are for the analyst two unknowns, namely
X and Key, but only one equation and that therefore there is
indeterminacy, which renders his work hard/infeasible? If that's the
case, then please re-read my previous post and compare your point with
what I described and tell if there is fundamental difference regarding
the issue of difficulty for the analyst. If not, please explain what
is 'special' of your point more clearly and use 'concrete' numbers to
illustrate one case of encryption and decryption according to your
scheme.

M. K. Shen