If your cipher were secure, this image wouldn't have obvious repeating patterns

栏目: IT技术 · 发布时间: 4年前

内容简介:Return-Path: <bascule@gmail.com>X-Original-To: cfrg@ietfa.amsl.com

Re: [Cfrg] Crystalline Cipher

Tony Arcieri <bascule@gmail.com> Thu, 21 May 2015 00:35 UTC

Return-Path: <bascule@gmail.com>

X-Original-To: cfrg@ietfa.amsl.com

Delivered-To: cfrg@ietfa.amsl.com

Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 08E281ACDBE for <cfrg@ietfa.amsl.com>; Wed, 20 May 2015 17:35:08 -0700 (PDT)

X-Virus-Scanned: amavisd-new at amsl.com

X-Spam-Flag: NO

X-Spam-Score: 0.701

X-Spam-Level:

X-Spam-Status: No, score=0.701 tagged_above=-999 required=5 tests=[BAYES_50=0.8, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_PASS=-0.001] autolearn=ham

Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id sBiX-sWbvNj9 for <cfrg@ietfa.amsl.com>; Wed, 20 May 2015 17:35:06 -0700 (PDT)

Received: from mail-oi0-x230.google.com (mail-oi0-x230.google.com [IPv6:2607:f8b0:4003:c06::230]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 100661ACD9F for <cfrg@irtf.org>; Wed, 20 May 2015 17:35:06 -0700 (PDT)

Received: by oihd6 with SMTP id d6so5956625oih.2 for <cfrg@irtf.org>; Wed, 20 May 2015 17:35:05 -0700 (PDT)

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc:content-type; bh=O6yxKOU07OOWiPzdCOGaC7uycYkW2KXHqU9CkGFXwIo=; b=Gsg0jCxv25RaqFGCtYp3DVWcHHtVCOQe8H1K8IV8SCdI4U2hPc2WsuS1irRqFi7V4J WZ6EgTj5IKmCvY4qEsbAjD4WuQEcR7uz8sgckg7pO5grAHeL8NHIAEhAhMkRtFGTY7CH foy8VSLoMlx317gH0Z7FcpbezlTDwK184cROzjFi6vemB+7Azm8FbvJfqPR+5PgucybQ O8yyFeIPoY4olNtjGp12Qdw5IL+FVOU6gqAmsQZjE5U560QQ2PvSGDnSFDFG75HpHmz1 dPFGN7WItGobHrEYXjREByxHJmMIJGOHLEUIxggLBYwmDsOmiLjwixxMd4Pjt+KGYQsj CAPA==

X-Received: by 10.182.84.230 with SMTP id c6mr55188obz.84.1432168505569; Wed, 20 May 2015 17:35:05 -0700 (PDT)

MIME-Version: 1.0

Received: by 10.76.25.198 with HTTP; Wed, 20 May 2015 17:34:45 -0700 (PDT)

In-Reply-To: <55433468cb391822b334aa3363962202@mail.eclipso.de>

References: <78c28854a0cbb9ab7930141285059c6c@mail.eclipso.de> <2F4CC1DD-32CE-4D0A-B8F6-7BCEAD39F931@shiftleft.org> <55433468cb391822b334aa3363962202@mail.eclipso.de>

From: Tony Arcieri <bascule@gmail.com>

Date: Wed, 20 May 2015 17:34:45 -0700

Message-ID: <CAHOTMVJa64otGeoRYrQVRTwt53_0Dpa_s8Hgg5PVMLo8eWeXLg@mail.gmail.com>

To: Mark McCarron <mark.mccarron@eclipso.eu>

Content-Type: multipart/alternative; boundary=089e0111bdf408775905168cb7a8

Archived-At: <http://mailarchive.ietf.org/arch/msg/cfrg/e-jEGddvSbManBMppC8XAc5i8GY>

Cc: "cfrg@irtf.org" <cfrg@irtf.org>

Subject: Re: [Cfrg] Crystalline Cipher

X-BeenThere: cfrg@irtf.org

X-Mailman-Version: 2.1.15

Precedence: list

List-Id: Crypto Forum Research Group <cfrg.irtf.org>

List-Unsubscribe: <http://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>

List-Archive: <http://www.irtf.org/mail-archive/web/cfrg/>

List-Post: <mailto:cfrg@irtf.org>

List-Help: <mailto:cfrg-request@irtf.org?subject=help>

List-Subscribe: <http://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>

X-List-Received-Date: Thu, 21 May 2015 00:35:08 -0000

On Wed, May 20, 2015 at 3:59 PM, Mark McCarron <a href="mailto:<mark.mccarron@eclipso.eu>"><mark.mccarron@eclipso.eu></a>
wrote:

> I'm somewhat disappointed in your reply, as I presumed that someone with a
> stated interest in ciphers would be eager to investigate anything new to
> pop up that didn't have obvious holes in it.


Hi Mark,

I did investigate your scheme, and I'm afraid to say it's obviously broken.
It appears to be an implementation of a Knuth Shuffle with a few added
bells and whistles.

This image, which I believe you produced, shows repeated patterns in the
ciphertext:

<a href="https://i.imgur.com/MWmMc0J.png" rel="nofollow">https://i.imgur.com/MWmMc0J.png</a>

Likewise, there are severe failures on Chi Squared tests:

<a href="http://www.freecx.co.uk/cryptanalysis/Crystalline/" rel="nofollow">http://www.freecx.co.uk/cryptanalysis/Crystalline/</a>

Specifically:

<a href="http://www.freecx.co.uk/cryptanalysis/Crystalline/bias-result_(1)_10MB.txt" rel="nofollow">http://www.freecx.co.uk/cryptanalysis/Crystalline/bias-result_(1)_10MB.txt</a>

Overall Chi Squared value is 7474.808 (threshold 18.4753)
Overall likely non-uniform (>99%)

<a href="http://www.freecx.co.uk/cryptanalysis/Crystalline/bias-result_(2)_10MB.txt" rel="nofollow">http://www.freecx.co.uk/cryptanalysis/Crystalline/bias-result_(2)_10MB.txt</a>

Overall Chi Squared value is 13485.34 (threshold 30.5779)
Overall likely non-uniform (>99%)

<a href="http://www.freecx.co.uk/cryptanalysis/Crystalline/bias-result_(4)_10MB.txt" rel="nofollow">http://www.freecx.co.uk/cryptanalysis/Crystalline/bias-result_(4)_10MB.txt</a>

Overall Chi Squared value is 20607.94 (threshold 52.1914)
Overall likely non-uniform (>99%)

<a href="http://www.freecx.co.uk/cryptanalysis/Crystalline/bias-result_(8)_10MB.txt" rel="nofollow">http://www.freecx.co.uk/cryptanalysis/Crystalline/bias-result_(8)_10MB.txt</a>

Overall Chi Squared value is 45699.52 (threshold 91.81917)
Overall likely non-uniform (>99%)

I think the biggest problem though is all of this has already been pointed
out to you repeatedly in other forums and you completely refuse to
acknowledge that your cipher fails to meet the absolute most minimum
criteria for a secure cipher.

If your cipher were secure, this image would not contain obvious repeating
patterns:

<a href="https://i.imgur.com/MWmMc0J.png" rel="nofollow">https://i.imgur.com/MWmMc0J.png</a>

If your cipher were secure, it would pass all randomness tests.

There are many more requirements for a secure cipher, but your cipher fails
to meet the baseline requirements.

-- 
Tony Arcieri

以上就是本文的全部内容,希望本文的内容对大家的学习或者工作能带来一定的帮助,也希望大家多多支持 码农网

查看所有标签

猜你喜欢:

本站部分资源来源于网络,本站转载出于传递更多信息之目的,版权归原作者或者来源机构所有,如转载稿涉及版权问题,请联系我们

法治构图

法治构图

季卫东 / 法律出版社 / 2012-7 / 43.00元

《法治构图》作者季卫东从1980年代末开始就一直在思考和阐述上述问题的答案,并把研究的心得陆续形诸文字发表,以期有益于点点滴滴法制改革的实践。《法治构图》就是对相关的代表性论稿的梳理和总结,可以理解为从正当过程到实质价值、从法治到民主的新程序主义建构法学观点的集大成。一起来看看 《法治构图》 这本书的介绍吧!

JS 压缩/解压工具
JS 压缩/解压工具

在线压缩/解压 JS 代码

SHA 加密
SHA 加密

SHA 加密工具

Markdown 在线编辑器
Markdown 在线编辑器

Markdown 在线编辑器