Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!utgpu!water!watmath!clyde!rutgers!husc6!cmcl2!brl-adm!brl-smoke!gwyn
From: gwyn@brl-smoke.UUCP
Newsgroups: sci.crypt
Subject: Re: Completely Secure Encryption
Message-ID: <5892@brl-smoke.ARPA>
Date: Tue, 26-May-87 23:02:46 EDT
Article-I.D.: brl-smok.5892
Posted: Tue May 26 23:02:46 1987
Date-Received: Thu, 28-May-87 04:15:41 EDT
References: <581@gec-mi-at.co.uk> <1171@mit-amt.MEDIA.MIT.EDU>
Reply-To: gwyn@brl.arpa (Doug Gwyn (VLD/VMB) )
Organization: Ballistic Research Lab (BRL), APG, MD.
Lines: 44

In article <581@gec-mi-at.co.uk> adam@gec-mi-at.co.uk (Adam Quantrill) writes:
-for a less secure method, I propose to generate the random string by exclusive-
-oring any combination of n text and binary files held on computer:
-e.g. exor /bin/sh /bin/crypt /etc/termcap | exor my_text
-Does anyone have any comments as to the security of this method? It would
-obviously be more secure using a common but unique random file owned by the two
-parties, in combination with the standard system files.

Making allowances for the incorrect command in the example, if you plan to
encrypt many messages with this scheme, you had better provide for a variable
key to select the specific XORs and starting offsets. Otherwise one can simply
"stack" several messages and the underlying plaintext frequency characteristics
will shine through (and once the general system is cracked, cryptanalysis of
further messages is reduced to simple decipherment). Brute-force searches are
not necessary.

Even the variable key introduces the problem of how to keep it associated with
the encrypted files (or transmitted to the recipient, if encrypting for file
transmission). Anyone knowing the general system who can also latch onto the
specific keys is also in the position of a simple decipherer.
Note that the XOR stream you use is no better than simply taking yay many
(truly) random bits and putting them in a protected file, so the added
complexity of combining non-random files is rather pointless. (Send your
recipient a copy of the file on a couriered magtape.)

I highly recommend working your way through the first two volumes of Military
Cryptanalytics (Callimahos & Friedman), including working all the problem sets
AND ESPECIALLY heeding their advice for proposers of new cryptosystems, before
trying to design a new cryptosystem. These books are now available from Aegean
Press (4 volumes since the appendices are bound separately); they've done a
commendable job of reprinting, and although these books are not inexpensive
they're indispensable for the serious cryptanalytics student. (Get the
"library" binding if you can afford it; I have the paperbacks and although
they're not bad I fear they may lose pages under heavy use, since the pages are
glued individually to the binder rather than being sewn in signatures.)

Aegean Press also reprints several other classics of cryptography; someone not
long ago posted an abridged list, address, etc. but I could repeat it..
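The "stacking" attack Gwyn describes, worked through as an added example; this is not code from the post, from Quantrill's proposal, or from any `exor` tool. The "system files" are constructed byte strings standing in for /bin/sh, /bin/crypt and /etc/termcap, the four messages are constructed plaintexts, and every message is enciphered from offset 0 of the same file-derived stream, exactly the situation Gwyn warns about. Two things the prose only asserts are shown: XORing two ciphertexts cancels the stream and leaves the XOR of the plaintexts, whose byte distribution is visibly non-random (letter^letter is below 0x40, letter^space is a letter with its case flipped), and once the general system is known a guessed salutation plus the space heuristic recovers enough of the stream that the remaining messages are "reduced to simple decipherment".

```python
"""
Keystream reuse in a file-XOR "pad".  Added example; the files and messages
below are constructed stand-ins, not real system files or real traffic.
"""

def xor_bytes(*streams: bytes) -> bytes:
    """XOR any number of byte strings, truncated to the shortest one."""
    n = min(len(s) for s in streams)
    out = bytearray(n)
    for s in streams:
        for i in range(n):
            out[i] ^= s[i]
    return bytes(out)

# Constructed stand-ins for the system files that are XORed to make the pad.
FILE_A = bytes(range(7, 7 + 64))
FILE_B = bytes((37 * i + 11) & 0xFF for i in range(64))
FILE_C = b"vt100|dec vt100:co#80:li#24:" * 4
KEYSTREAM = xor_bytes(FILE_A, FILE_B, FILE_C)   # 64 bytes, fixed for every message

# Constructed messages: upper-case letters and spaces, sharing a salutation
# the way real traffic tends to.
MESSAGES = [
    b"DEAR ADAM THE SHIPMENT WILL LEAVE AT DAWN",
    b"DEAR ADAM SEND THE REVISED KEY TODAY",
    b"DEAR ADAM THE COURIER HAS BEEN DELAYED",
    b"DEAR ADAM MEET ME AT THE OLD PLACE",
]

def encrypt(msg: bytes, key: bytes = KEYSTREAM, offset: int = 0) -> bytes:
    """XOR msg with key[offset:].  Without a variable key, offset is always 0."""
    if offset + len(msg) > len(key):
        raise ValueError("keystream too short")
    return xor_bytes(msg, key[offset:offset + len(msg)])

def stack(c1: bytes, c2: bytes) -> bytes:
    """Stacking two ciphertexts made with the same pad cancels the pad:
    (p1 ^ k) ^ (p2 ^ k) == p1 ^ p2."""
    return xor_bytes(c1, c2)

def structured_fraction(stacked: bytes) -> float:
    """Fraction of stacked bytes that look like letter^letter (< 0x40) or
    letter^space (a letter with its case flipped).  For two letters-and-spaces
    plaintexts this is 1.0; for independent random pads it is only about 0.45."""
    hits = sum(1 for x in stacked if x < 0x40 or bytes([x]).isalpha())
    return hits / len(stacked)

def key_from_crib(ciphertext: bytes, crib: bytes, offset: int) -> dict:
    """Known (or guessed) plaintext at a known position yields the pad bytes there."""
    return {offset + i: ciphertext[offset + i] ^ crib[i] for i in range(len(crib))}

def key_from_spaces(ciphertexts: list) -> dict:
    """Recover pad bytes wherever some message has a space: space^letter is a
    letter, letter^letter is below 0x40.  At least two other messages must cover
    the position and all must be consistent with a space, which avoids the
    symmetric ambiguity of a single pair."""
    found = {}
    for j, cj in enumerate(ciphertexts):
        for i in range(len(cj)):
            xs = [cj[i] ^ ck[i] for k, ck in enumerate(ciphertexts)
                  if k != j and i < len(ck)]
            if len(xs) < 2:
                continue
            if (all(x == 0 or bytes([x]).isalpha() for x in xs)
                    and any(bytes([x]).isalpha() for x in xs)):
                found[i] = cj[i] ^ 0x20          # message j has a space at i
    return found

def partial_decrypt(ciphertext: bytes, key_bytes: dict) -> bytes:
    """Decrypt the positions whose pad byte is known; '?' elsewhere."""
    return bytes(ciphertext[i] ^ key_bytes[i] if i in key_bytes else ord("?")
                 for i in range(len(ciphertext)))

def demo() -> bytes:
    """Attacker's view of message 1 after cribbing the salutation in message 0
    and running the space heuristic over all four ciphertexts."""
    cts = [encrypt(m) for m in MESSAGES]
    known = key_from_crib(cts[0], b"DEAR ADAM", 0)
    known.update(key_from_spaces(cts))
    return partial_decrypt(cts[1], known)

if __name__ == "__main__":
    print(demo().decode())
```

The partial decryption of message 1 comes back as `DEAR ADAM????D ??E ?EVI?ED KE? ??D??`, which any reader completes to "REVISED KEY" by hand; each word so filled yields more pad bytes and therefore more of every other message. Giving each message its own starting offset, as Gwyn suggests, breaks the cancellation (the stacked value becomes p1 ^ p2 ^ k[i] ^ k[i+d] rather than p1 ^ p2), but the offsets then have to be carried to the recipient, which is the key-distribution problem he raises in the next paragraph.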