
Welcome to IWETHEY!

New geriatric brain needs some input regards encryption
So the current state of affairs is that we use a 2048 based key to successfully, in most cases, encrypt stuff. The question I have is because I have not looked at code in forever. So the string
bob
is a 2048 key representation of b
followed by a 2048 key representative of o
and the first key re-used?
Does that not follow basic decoding rules of find the vowels, common words, common associations to decrypt?
Or does it work differently? Have a half-assed idea for a new encryption algorithm.
Any opinions expressed by me are mine alone, posted from my home computer, on my own time as a free American and do not reflect the opinions of any person or company that I have had professional relations with in the past 59 years. meep
Edited by boxley Nov. 28, 2014, 10:51:03 PM EST
New First step in writing your own encryption algorithm ...
Don't write your own encryption algorithm.

Encryption is a full-time specialty. The days when a gifted amateur could beat the pros are long gone.
--

Drew
New And this... :-)
New In other words:
Step 1. Forget It.

(It's rare I get to use that response. :-)

Wade.
New It is different
The 2048 bit keys are asymmetric (i.e. of the public/private pair variety) used to protect the certificates and the session key negotiations. The session key is a lot shorter and symmetric, usually between 128 and 256 bits when dealing with SSL/TLS.

At the lowest level, the actual encryption is handled by e.g. 3DES or AES. What you do with the results then depends on what you need to accomplish, and how. The most commonly used recipe is cypher block chaining. An "initial vector" is generated to kick things off. The first chunk of plaintext is encrypted using the next section of the key and the encrypted initial vector. From there, each section of plaintext is encrypted using a section of the key and the encrypted value of the previous chunk of plaintext.

Going to your example, with this method, the "b"s would not produce the same output and e.g. the frequency of occurrence analysis fails.
New Ah, a useful reply
Cypher block chaining is currently broken in the security models and we get dinged if found using that. The algo I have in mind is the equivalent of a one time pad. To drook's point, the time of gifted amateurs is certainly over, it is the time of clueless undergrads cutting and pasting into the open source soup.
New Hey, mine was useful!
It made me laugh.
--

Drew
New Me too. :-)
New Love. It. Best hopeful-Aha! in a long time :-)
(Yes, I Get the point of OTP), along with the gotcha!s whenever mere homo-saps are an essential piece of the rest of the (practical aka pragmatic) process.
Cryptography is a native talent: we employ it every time someone asks, "What's on your mind?", n'est-ce pas?

War Games (that comic fantasy..) still has its seminal point:
~~"Funny game!" Digitizing of all stuff ever collected: "The only way to win is not to play at all."
Yep, the Omniverse is *analog, right down to chemical bonds + a little probability.. for comic relief.
My LPs, via solar minimal power, after EMP will play fine (unless..over-done! thus, Nuclear Winter signifies further..)

A red sky at night
Sailor's delight
Means it went off all right

--A Leaden Treasury of English Verse; illustrations by Edw. Gorey
[Antidote? pwnership of all delivery-systems with nukes: permanent SAFE/over-ride; if disabled: only half.. of the explosive lenses will ever fire. Perfect trajectory of a Dud.]
This way the Mil/Ind/Complex gets its perpetual stipend--and billions get to live, anyway. What's to lose?

But all the funny-money, now utterly non-existent except in evanescent..? actually ineffable 1111s and 0000s as can flip in a femto-Second to 0000 0000 ... says Lots about another screwed-up concept: Wealth! And the State Secrets as mangle this daily The Green Table dueling of national-egos are as hors de combat as are the concepts of 'security' OR 'privacy'
(cf. The Light of Other Days, with or without the worm-holes.) Ain't that the best fucking-cosmic-Joke since.. Ecce Homo! ??

* 'Course one can have taxonomy-warz re, boring-down: to Definition(s) of the Classes..? analog, digital, (as the homo-sap jelloware likes to organize all the stuff that comes into it, along with the noise.) But a specially shaped/ground-whatever piece of glass seems to me to be about as analog as any 'it' ever gets. Whether or not you next 'process' the results: the Analog part of the steps is as essential as [say, the analog stage within a sub-unit of the Numerical Processing Unit of a PDP-8.]


See?
Homo-sap [Itself!] is a construct which Lives-by metaphor, in a fish-bowl which itself (whether called maya or other try-at-description) ...
remains our impenetrable barrier ever to glimpse that mythical Reality, maybe the most-abused word-symbol yet conceived?)

That's.. why I Love. It. (above) ;^> The planet Can survive, once millions see these base-Clay-Feet within all the gadgetry extant. Help them to grok this to fullness, eh? $$Meeja Won't help! we see.
We're all philosophers now/just.. so many have that aspect extirpated-entirely ... via hours spent in Corp-owned isolation-cubicles. And similar self-mutilation processes which most-all are inured to.
New enough like it to require a licence :-(
New What's wrong with cipher block chaining?
New As used in SSLv3/TLS1.0
In that specific case, it is vulnerable to the BEAST attack. The attacker still needs to be able to insert self as man-in-the-middle, so it is not entirely trivial to pull off.

The general vulnerability lies in the use of an initialization vector for the first block only. As subsequent blocks reuse the output of the previous step, those quantities are known. TLS1.1 and beyond use separate initialization vectors for each block. Technically, the mode is still called cipher block chaining, but there is not a lot of chaining going on anymore.
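The two CBC posts above, as an added example that is not part of the original thread: repeated plaintext blocks show through when blocks are encrypted independently but not under chaining, and an IV that is known before the next record is encrypted lets a guess about an earlier block be checked. The Feistel cipher is a constructed stand-in for AES/3DES so the code runs with only the standard library; the key, message and function names are assumptions.

```python
import hashlib, os

BLOCK = 16  # block size in bytes

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def toy_block_encrypt(key: bytes, block: bytes) -> bytes:
    """4-round Feistel network over SHA-256: a constructed stand-in for
    AES/3DES so the example needs no third-party library. Not secure."""
    left, right = block[:8], block[8:]
    for rnd in range(4):
        f = hashlib.sha256(key + bytes([rnd]) + right).digest()[:8]
        left, right = right, xor(left, f)
    return left + right

def split(data: bytes) -> list:
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]

def ecb_encrypt(key, plaintext):
    # Every block encrypted independently: equal plaintext -> equal ciphertext.
    return b"".join(toy_block_encrypt(key, b) for b in split(plaintext))

def cbc_encrypt(key, iv, plaintext):
    # Each block is XORed with the previous ciphertext block (the IV for the first).
    out, prev = [], iv
    for b in split(plaintext):
        prev = toy_block_encrypt(key, xor(b, prev))
        out.append(prev)
    return b"".join(out)

def repeated_blocks(ciphertext):
    # Number of ciphertext blocks that duplicate an earlier one.
    blocks = split(ciphertext)
    return len(blocks) - len(set(blocks))

def guess_confirmed(key, secret_block, guess, chained_iv):
    """True if an observer of record 1 who supplies record 2's first block
    can confirm `guess` as record 1's plaintext block."""
    iv1 = os.urandom(BLOCK)
    c1 = cbc_encrypt(key, iv1, secret_block)
    predicted_iv = c1[-BLOCK:]  # last ciphertext block, visible on the wire
    # SSLv3/TLS 1.0 behaviour (chained) versus a fresh, unpredictable IV.
    iv2 = predicted_iv if chained_iv else os.urandom(BLOCK)
    probe = xor(xor(guess, iv1), predicted_iv)  # cancels iv2 only if predicted
    return cbc_encrypt(key, iv2, probe)[:BLOCK] == c1[:BLOCK]

KEY = b"constructed-demo-key"      # constructed sample key
MESSAGE = b"bob bob bob bob " * 4  # constructed: four identical 16-byte blocks
```

With the chained IV the check succeeds only for the correct guess; with a fresh random IV it fails even for the correct guess, which is the property the later protocol versions restore.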
New Ah. Understood.
New A more generic tool...
There's something called the "NRL Protocol Analyzer" that seems to have a lot of math behind it. A 12 page mini-tutorial PDF describing it, what it does, how it works, is here. (The PPT version is here.)

It's from the mid-'90s. There are undoubtedly more powerful tools now, but sometimes it helps to take a step back.

(This stuff is outside my area. I just thought I'd mention it in case you haven't seen it.)

HTH a little. Good luck!

Cheers,
Scott.
New good link, thanks
Not looking for secure communications, no such animal. Thinking about unbreakable local encryption. Checking a few more things then start writing.
New There is only one unbreakable cypher
And that's an OTP.

Everything else will fall to analysis or brute force.
New my idea is to create an EOTP
New Two things.
1. Use OTP once! Otherwise, it's NOT a one time pad.

2. OTP relies on having a truly random number as long as the data you want to protect.

That brings me to the following quote:
“The generation of random numbers is too important to be left to chance.”—Robert R. Coveyou

There have been "pseudo-random number generators" that were very insecure.
Alex

"There is a cult of ignorance in the United States, and there has always been. The strain of anti-intellectualism has been a constant thread winding its way through our political and cultural life, nurtured by the false notion that democracy means that "my ignorance is just as good as your knowledge."

-- Isaac Asimov
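The two points in the post above, as an added example that is not part of the original thread: a pad that refuses to hand out any key byte twice, what leaks when a pad is reused, and why a pad drawn from a seeded general-purpose PRNG is reproducible. Class and function names, the seed and the sample messages are assumptions; `secrets.token_bytes` is the operating system's CSPRNG, used here as the closest standard-library source.

```python
import random
import secrets

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

class OneTimePad:
    """Pad that consumes key bytes as it encrypts and never reuses them."""

    def __init__(self, length: int):
        self._pad = secrets.token_bytes(length)  # OS CSPRNG
        self._used = 0

    def encrypt(self, message: bytes) -> bytes:
        end = self._used + len(message)
        if end > len(self._pad):
            raise ValueError("pad exhausted: refusing to reuse key material")
        chunk = self._pad[self._used:end]
        self._used = end
        return xor(message, chunk)

def reuse_leak(p1: bytes, p2: bytes) -> bytes:
    """Encrypt two equal-length messages with the SAME pad and return what
    an eavesdropper can compute from the two ciphertexts alone."""
    pad = secrets.token_bytes(len(p1))
    c1, c2 = xor(p1, pad), xor(p2, pad)
    return xor(c1, c2)  # the pad cancels: this equals p1 XOR p2

def weak_pad(seed: int, length: int) -> bytes:
    """Pad from Python's Mersenne Twister, which is not cryptographic:
    anyone who learns or guesses the seed regenerates the whole pad."""
    rng = random.Random(seed)
    return bytes(rng.randrange(256) for _ in range(length))

# Constructed sample messages of equal length.
P1 = b"meet at the dock"
P2 = b"wire 500 to acct"
```

If one of the two messages is known or guessable, XORing it with the `reuse_leak` result yields the other, with no knowledge of the pad.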
New Or in related puzzlements,
The generation of sane, viable societies is too important to be left to ordinary humans.

But I don't know where that Leaves us, in any next.. :-/
New It is mainly a key transport problem
Any electronic transport method is vulnerable in one way or another. The security of the OTP is reduced to the level of the method used to transport the key. That is why there still is no viable electronic OTP. Even the method I posted earlier still requires a secure physical meeting between each pair of messengers.
     geriatric brain needs some input regards encryption - (boxley) - (20)
         First step in writing your own encryption algorithm ... - (drook) - (2)
             And this... :-) -NT - (scoenye)
             In other words: - (static)
         It is different - (scoenye) - (9)
             Ah, a useful reply - (boxley) - (8)
                 Hey, mine was useful! - (drook) - (1)
                     Me too. :-) -NT - (Another Scott)
                 Something like this? - (scoenye) - (2)
                     Love. It. Best hopeful-Aha! in a long time :-) - (Ashton)
                     enough like it to require a licence :-( -NT - (boxley)
                 What's wrong with cipher block chaining? -NT - (static) - (2)
                     As used in SSLv3/TLS1.0 - (scoenye) - (1)
                         Ah. Understood. -NT - (static)
         A more generic tool... - (Another Scott) - (6)
             good link, thanks - (boxley) - (5)
                 There is only one unbreakable cypher - (pwhysall) - (4)
                     my idea is to create an EOTP -NT - (boxley) - (3)
                         Two things. - (a6l6e6x) - (2)
                             Or in related puzzlements, - (Ashton)
                             It is mainly a key transport problem - (scoenye)
