If your cipher were secure, this image wouldn't have obvious repeating patterns

栏目: IT技术 · 发布时间: 5年前

内容简介:Return-Path: <bascule@gmail.com>X-Original-To: cfrg@ietfa.amsl.com

Re: [Cfrg] Crystalline Cipher

Tony Arcieri <bascule@gmail.com> Thu, 21 May 2015 00:35 UTC

Return-Path: <bascule@gmail.com>

X-Original-To: cfrg@ietfa.amsl.com

Delivered-To: cfrg@ietfa.amsl.com

Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 08E281ACDBE for <cfrg@ietfa.amsl.com>; Wed, 20 May 2015 17:35:08 -0700 (PDT)

X-Virus-Scanned: amavisd-new at amsl.com

X-Spam-Flag: NO

X-Spam-Score: 0.701

X-Spam-Level:

X-Spam-Status: No, score=0.701 tagged_above=-999 required=5 tests=[BAYES_50=0.8, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_PASS=-0.001] autolearn=ham

Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id sBiX-sWbvNj9 for <cfrg@ietfa.amsl.com>; Wed, 20 May 2015 17:35:06 -0700 (PDT)

Received: from mail-oi0-x230.google.com (mail-oi0-x230.google.com [IPv6:2607:f8b0:4003:c06::230]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 100661ACD9F for <cfrg@irtf.org>; Wed, 20 May 2015 17:35:06 -0700 (PDT)

Received: by oihd6 with SMTP id d6so5956625oih.2 for <cfrg@irtf.org>; Wed, 20 May 2015 17:35:05 -0700 (PDT)

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc:content-type; bh=O6yxKOU07OOWiPzdCOGaC7uycYkW2KXHqU9CkGFXwIo=; b=Gsg0jCxv25RaqFGCtYp3DVWcHHtVCOQe8H1K8IV8SCdI4U2hPc2WsuS1irRqFi7V4J WZ6EgTj5IKmCvY4qEsbAjD4WuQEcR7uz8sgckg7pO5grAHeL8NHIAEhAhMkRtFGTY7CH foy8VSLoMlx317gH0Z7FcpbezlTDwK184cROzjFi6vemB+7Azm8FbvJfqPR+5PgucybQ O8yyFeIPoY4olNtjGp12Qdw5IL+FVOU6gqAmsQZjE5U560QQ2PvSGDnSFDFG75HpHmz1 dPFGN7WItGobHrEYXjREByxHJmMIJGOHLEUIxggLBYwmDsOmiLjwixxMd4Pjt+KGYQsj CAPA==

X-Received: by 10.182.84.230 with SMTP id c6mr55188obz.84.1432168505569; Wed, 20 May 2015 17:35:05 -0700 (PDT)

MIME-Version: 1.0

Received: by 10.76.25.198 with HTTP; Wed, 20 May 2015 17:34:45 -0700 (PDT)

In-Reply-To: <55433468cb391822b334aa3363962202@mail.eclipso.de>

References: <78c28854a0cbb9ab7930141285059c6c@mail.eclipso.de> <2F4CC1DD-32CE-4D0A-B8F6-7BCEAD39F931@shiftleft.org> <55433468cb391822b334aa3363962202@mail.eclipso.de>

From: Tony Arcieri <bascule@gmail.com>

Date: Wed, 20 May 2015 17:34:45 -0700

Message-ID: <CAHOTMVJa64otGeoRYrQVRTwt53_0Dpa_s8Hgg5PVMLo8eWeXLg@mail.gmail.com>

To: Mark McCarron <mark.mccarron@eclipso.eu>

Content-Type: multipart/alternative; boundary=089e0111bdf408775905168cb7a8

Archived-At: <http://mailarchive.ietf.org/arch/msg/cfrg/e-jEGddvSbManBMppC8XAc5i8GY>

Cc: "cfrg@irtf.org" <cfrg@irtf.org>

Subject: Re: [Cfrg] Crystalline Cipher

X-BeenThere: cfrg@irtf.org

X-Mailman-Version: 2.1.15

Precedence: list

List-Id: Crypto Forum Research Group <cfrg.irtf.org>

List-Unsubscribe: <http://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>

List-Archive: <http://www.irtf.org/mail-archive/web/cfrg/>

List-Post: <mailto:cfrg@irtf.org>

List-Help: <mailto:cfrg-request@irtf.org?subject=help>

List-Subscribe: <http://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>

X-List-Received-Date: Thu, 21 May 2015 00:35:08 -0000

On Wed, May 20, 2015 at 3:59 PM, Mark McCarron <a href="mailto:<mark.mccarron@eclipso.eu>"><mark.mccarron@eclipso.eu></a>
wrote:

> I'm somewhat disappointed in your reply, as I presumed that someone with a
> stated interest in ciphers would be eager to investigate anything new to
> pop up that didn't have obvious holes in it.


Hi Mark,

I did investigate your scheme, and I'm afraid to say it's obviously broken.
It appears to be an implementation of a Knuth Shuffle with a few added
bells and whistles.

This image, which I believe you produced, shows repeated patterns in the
ciphertext:

<a href="https://i.imgur.com/MWmMc0J.png" rel="nofollow">https://i.imgur.com/MWmMc0J.png</a>

Likewise, there are severe failures on Chi Squared tests:

<a href="http://www.freecx.co.uk/cryptanalysis/Crystalline/" rel="nofollow">http://www.freecx.co.uk/cryptanalysis/Crystalline/</a>

Specifically:

<a href="http://www.freecx.co.uk/cryptanalysis/Crystalline/bias-result_(1)_10MB.txt" rel="nofollow">http://www.freecx.co.uk/cryptanalysis/Crystalline/bias-result_(1)_10MB.txt</a>

Overall Chi Squared value is 7474.808 (threshold 18.4753)
Overall likely non-uniform (>99%)

<a href="http://www.freecx.co.uk/cryptanalysis/Crystalline/bias-result_(2)_10MB.txt" rel="nofollow">http://www.freecx.co.uk/cryptanalysis/Crystalline/bias-result_(2)_10MB.txt</a>

Overall Chi Squared value is 13485.34 (threshold 30.5779)
Overall likely non-uniform (>99%)

<a href="http://www.freecx.co.uk/cryptanalysis/Crystalline/bias-result_(4)_10MB.txt" rel="nofollow">http://www.freecx.co.uk/cryptanalysis/Crystalline/bias-result_(4)_10MB.txt</a>

Overall Chi Squared value is 20607.94 (threshold 52.1914)
Overall likely non-uniform (>99%)

<a href="http://www.freecx.co.uk/cryptanalysis/Crystalline/bias-result_(8)_10MB.txt" rel="nofollow">http://www.freecx.co.uk/cryptanalysis/Crystalline/bias-result_(8)_10MB.txt</a>

Overall Chi Squared value is 45699.52 (threshold 91.81917)
Overall likely non-uniform (>99%)

I think the biggest problem though is all of this has already been pointed
out to you repeatedly in other forums and you completely refuse to
acknowledge that your cipher fails to meet the absolute most minimum
criteria for a secure cipher.

If your cipher were secure, this image would not contain obvious repeating
patterns:

<a href="https://i.imgur.com/MWmMc0J.png" rel="nofollow">https://i.imgur.com/MWmMc0J.png</a>

If your cipher were secure, it would pass all randomness tests.

There are many more requirements for a secure cipher, but your cipher fails
to meet the baseline requirements.

-- 
Tony Arcieri

以上就是本文的全部内容,希望本文的内容对大家的学习或者工作能带来一定的帮助,也希望大家多多支持 码农网

查看所有标签

猜你喜欢:

本站部分资源来源于网络,本站转载出于传递更多信息之目的,版权归原作者或者来源机构所有,如转载稿涉及版权问题,请联系我们

Learn Python 3 the Hard Way

Learn Python 3 the Hard Way

Zed A. Shaw / Addison / 2017-7-7 / USD 30.74

You Will Learn Python 3! Zed Shaw has perfected the world’s best system for learning Python 3. Follow it and you will succeed—just like the millions of beginners Zed has taught to date! You bring t......一起来看看 《Learn Python 3 the Hard Way》 这本书的介绍吧!

JSON 在线解析
JSON 在线解析

在线 JSON 格式化工具

RGB转16进制工具
RGB转16进制工具

RGB HEX 互转工具

RGB HSV 转换
RGB HSV 转换

RGB HSV 互转工具