Simple ways to throw off frequency analysis?
in [Cryptography]
|
From: biject on 7 Jan 2010 19:46 On Jan 7, 4:47 pm, unruh <un...(a)wormhole.physics.ubc.ca> wrote: > On 2010-01-07, Dave -Turner <ad...(a)127.0.0.1> wrote: > > > Say I've encrypted a string with a monoalphabetic cipher (so I haven't used > > a polyalphabetic cipher to begin with nor do I want to at any stage) > > > What are some simple things I can do to throw off frequency analysis? > > Given your requirements, nothing. A monoalphabetic cypher means that > each letter in the source maps to a unique letter in the final. If there > are more E in the source there will be more C(E) in the final. > Now, you could do something like > O_i=C(O_(i-1) ^ M_i) > where M is the message, M_i is the ith letter, C is the substitution > cypher, and ^ is some invertible combination of the two letters (eg > addition mod (Number of letters in the alphabet), XOR,....) > > > > I have a simple program at my site that will XOR 2 files together if there lengths are different. take your encrypted message that is N bytes long Then get a random file M bytes long where M > N xor then together Your file A the random file B run XOR A B C this makes C the xor of A and B to get A back do XOR C B D or XOR B C D this does xor of C and B returning D which is the starting file A as long as A and B not the same file it works I have a version that works when they are the same I just have not posted it. The first XOR is at my site as xor.zip David A. Scott -- My Crypto code http://bijective.dogma.net/crypto/scott19u.zip http://www.jim.com/jamesd/Kong/scott19u.zip old version My Compression code http://bijective.dogma.net/ **TO EMAIL ME drop the roman "five" ** Disclaimer:I am in no way responsible for any of the statements made in the above text. For all I know I might be drugged. As a famous person once said "any cryptograhic system is only as strong as its weakest link"
From: Maaartin on 7 Jan 2010 21:42 On Jan 7, 11:41 pm, "Dave -Turner" <ad...(a)127.0.0.1> wrote: > Obviously i'm not after guaranteed security here, just simple ways to add a > decent level of frequency analysis protection with minimal code (the above > example is no doubt a poor one :) as the data being encrypted isn't of high > importance Even with unimportatnt data, if you want to minimize your effort, download some good free software (openssl, gpg, ...). Using something like y[i] = subst(x[i]) + i; where x denotes plaintext, y denotes ciphertext and all computation is done mod 256 (or you could use xor instead), should make the frequency analysis much harder - provided that the attacker doesn't know what you did. If they know, they can simply undo the addition. In fact, any operation done after the (last) use of the key or before its (first) use is pretty useless. Without undoing the addition, the single letter frequencies should be partly hidden, but looking at position 256 bytes apart helps here. I'd suppose the attacker needs much more ciphertext for the analysis. Using something like y[i] = subst(subst(x[i]) + i); should be much better, even in case of using the same substitution twice. Of course, there's still no security there. Using something like y[i] = subst(subst(x[i]) + x[i-1] + y[i-1]); could make it secure against frequency analysis or an attacker like me. But still no real security here. Note, that all I wrote may be wrong as I'm not an expert.
From: unruh on 7 Jan 2010 22:34 On 2010-01-08, biject <biject.bwts(a)gmail.com> wrote: > On Jan 7, 4:47?pm, unruh <un...(a)wormhole.physics.ubc.ca> wrote: >> On 2010-01-07, Dave -Turner <ad...(a)127.0.0.1> wrote: >> >> > Say I've encrypted a string with a monoalphabetic cipher (so I haven't used >> > a polyalphabetic cipher to begin with nor do I want to at any stage) >> >> > What are some simple things I can do to throw off frequency analysis? >> >> Given your requirements, nothing. A monoalphabetic cypher means that >> each letter in the source maps to a unique letter in the final. If there >> are more E in the source there will be more C(E) in the final. >> Now, you could do something like >> O_i=C(O_(i-1) ^ M_i) >> where M is the message, M_i is the ith letter, C is the substitution >> cypher, and ^ is some invertible combination of the two letters (eg >> addition mod (Number of letters in the alphabet), XOR,....) >> >> >> >> > > I have a simple program at my site that will XOR 2 files > together if there lengths are different. > > take your encrypted message that is N bytes long > Then get a random file M bytes long where M > N > xor then together That is NOT a monoalphabetic cypher. It is definitel a polyalphabetic cypher. Each different letter of the second file changes the mapping between letters of the cypher. And that second file becomes a key. If it is a random file and is used only once, it is a one time pad. If it is reused, then it will make the frequency analysys more difficult, but not impossible ( just xor the two together and you have gotten rid of the effects of that file, and can now use frequency analysis of the result. )
From: J.D. on 7 Jan 2010 22:53 On Jan 7, 5:35 pm, "Dave -Turner" <ad...(a)127.0.0.1> wrote: > Say I've encrypted a string with a monoalphabetic cipher (so I haven't used > a polyalphabetic cipher to begin with nor do I want to at any stage) > > What are some simple things I can do to throw off frequency analysis? http://en.wikipedia.org/wiki/Straddling_checkerboard
From: Mok-Kong Shen on 8 Jan 2010 03:45 Am 08.01.2010 04:53, schrieb J.D.: > On Jan 7, 5:35 pm, "Dave -Turner"<ad...(a)127.0.0.1> wrote: >> Say I've encrypted a string with a monoalphabetic cipher (so I haven't used >> a polyalphabetic cipher to begin with nor do I want to at any stage) >> >> What are some simple things I can do to throw off frequency analysis? > http://en.wikipedia.org/wiki/Straddling_checkerboard But this expands the volume of the plaintext. (There is no free lunch.) If, say, the alphabet is of size 32 and is coded with 5 bits, then some thing could be done on the bit level, but this is presumably not 'simple' in the sense of the original poster. M. K. Shen
First
|
Prev
|
Next
|
Last
Pages: 1 2 3 Prev: Finding PGP key with known cleartext Next: Quasi-True Random |