Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!mnetor!seismo!caip!meccts!mecc!sewilco
From: sewilco@mecc.UUCP (Scot E. Wilcoxon)
Newsgroups: net.crypt
Subject: Re: Naieve Inquiry: Streaming Cyphers (
Message-ID: <540@mecc.UUCP>
Date: Sat, 2-Aug-86 00:02:19 EDT
Article-I.D.: mecc.540
Posted: Sat Aug 2 00:02:19 1986
Date-Received: Sat, 2-Aug-86 22:14:59 EDT
References: <1065@ogcvax.UUCP> <25900002@okstate.UUCP> <189@inuxa.UUCP>
Reply-To: sewilco@mecc.UUCP (Scot E. Wilcoxon)
Organization: MN Ed Comp Corp, St Paul, MN
Lines: 56

In article <189@inuxa.UUCP> michel@inuxa.UUCP (Alan Michel) writes:
>
>
>How about taking parts of the key, and generate two initial seed values for
>long pseudo-random sequence generators in a pre-determined way.
>Then use bits from one sequence to indicate
>when to place a random bit into the data stream and
>the other random sequence (or even later bits in the same sequence)
>to indicate whether that random bit should be a 0
>or a 1.
...[example omitted]
>WARNING - I know next to nothing about real world cryptography.
>This seems like an obvious and quick way to pad data, but I do not know
>how easy it is to crack, or how much it may really increase/decrease
>security.  Just a thought.

I'm an amateur myself, having only designed and cracked a few dozen simple
digital codes.

His proposal sounds good for a distraction within or around a better code,
but I can see two weaknesses:  The first bits are less random than the rest
are, and the more random (encrypted) the 'data stream' is, the better it
will work.

The first weakness is visible with ASCII English text as the input.  Take
the first bytes and try omitting the first bits to see if a printable
character shows up.  Then look at the next few bits to see what needs to be
done to get the most likely English character.  Keep that up and look for
patterns in the identified encryption for clues to the keys (easier if the
pseudorandom algorithm is known).  The example in the original article used
only 1 of 8 bits random, so good guesses will quickly be confirmed by real
words showing up.  Many more random bits are needed to obscure the data.

When English text is encoded, the left-side weakness is obvious.  But if the
input data stream is pseudorandom (i.e., enciphered data) then this blending
of pseudorandom data is a bit more distracting.  The question is whether or
not analysis can identify the two different patterns, just as there are easy
ways to identify the good guesses with English data.  Perhaps analysis would
show two different kinds of pseudorandomness which then could be separated.
Or, as someone recently pointed out, perhaps sync characters or other
artifacts of the data stream (I've easily broken several unknown algorithms
on systems which used a certain line terminator or space-padded data).  Or
there's always the possibility that a weakness in the key-to-sequence
algorithm can be exploited to find either the key or part of the sequence.

(Should we amateurs ramble in here?)

While I have the podium, since my last "coding by location of typeset
characters" article I've wanted to observe that this newsgroup is unusual as
users of discussed methods tend to not identify themselves for obvious
reasons.  It's intriguing to know that ideas which generate no response may
be idiotic or everyone who would comment won't because they've been using
the method for years :-)
-- 
Scot E. Wilcoxon    Minn Ed Comp Corp  {quest,dicome,meccts}!mecc!sewilco
45 03 N  93 08 W (612)481-3507 {{caip!meccts},ihnp4,philabs}!mecc!sewilco
NASA:"Earth uninhabitable in 500 years."  Welcome to tropical Minnesota.
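
The first weakness described in the post above, as an added Python example that is not part of the original post or of the article it replies to. It builds the padding scheme with about 1 inserted bit in 8 and then, without the key, counts how many stream bits a guessed English prefix forces you to discard: a right guess needs very few, a wrong one needs many or cannot fit at all. Python's `random.Random`, the seeds, the sample text and every function name are assumptions standing in for the unspecified key-to-sequence generators.

```python
import random

def to_bits(data):
    """Bytes -> list of bits, most significant bit first."""
    return [(byte >> (7 - i)) & 1 for byte in data for i in range(8)]

def keyed_sequences(seed_when, seed_what, rate=8):
    """Assumed stand-in for the two keyed generators; `when` is true ~1 time in `rate`."""
    a, b = random.Random(seed_when), random.Random(seed_what)
    when = iter(lambda: a.randrange(rate) == 0, None)   # endless: never returns None
    what = iter(lambda: b.getrandbits(1), None)
    return when, what

def pad(data, when, what):
    """Before each data bit, insert the next `what` bit if the next `when` value is true."""
    out = []
    for bit in to_bits(data):
        if next(when):
            out.append(next(what))
        out.append(bit)
    return out

def unpad(stream, when):
    """Keyed receiver: regenerate `when` and drop the inserted bits (well-formed stream)."""
    bits, i = [], 0
    while i < len(stream):
        if next(when):
            i += 1                      # this position holds an inserted bit
        bits.append(stream[i])
        i += 1
    return bytes(int("".join(map(str, bits[j:j + 8])), 2) for j in range(0, len(bits), 8))

def skips_needed(stream, guess):
    """Keyless check of a guessed plaintext prefix: the fewest stream bits that must be
    discarded for the guess to line up with the start of the stream, or None if it cannot."""
    want, pos = to_bits(guess), 0
    for bit in want:
        while pos < len(stream) and stream[pos] != bit:
            pos += 1                    # treat the mismatching bit as padding
        if pos == len(stream):
            return None
        pos += 1
    return pos - len(want)

if __name__ == "__main__":
    text = b"the quick brown fox"                       # constructed sample plaintext
    stream = pad(text, *keyed_sequences(1986, 540))     # constructed seeds
    assert unpad(stream, keyed_sequences(1986, 540)[0]) == text
    for guess in (b"the quick", b"and quick", b"The quick"):
        print(guess, skips_needed(stream, guess))
```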