Didn't read the code well, the keystream is not reused after each iteration,
(Angelo showed me my mistake).
This is what happens when you don't read well and are too quickly to answer
:-). Please disregard my previous comments.
Regards,
Omar
> -----Original Message-----
> From: Omar A. Herrera [mailto:omar.herrera (at) oissg (dot) org [email concealed]]
> Sent: Wednesday, February 15, 2006 8:44 PM
> To: angelo (at) rosiello (dot) org [email concealed]; focus-linux (at) securityfocus (dot) com [email concealed]
> Subject: RE: Kryptor Whitepaper released
>
> Hi Angelo,
>
> I just took a quick look at it but it seems to me like a polyalphabetic
> substitution cipher with an effective block length of 16 bytes (i.e. every
> 16 bytes you have a monoalphabetic substitution cipher).
>
> I mean, this doesn't hide the underlying language frequencies within each
> block of 16 bytes (the length of your MD5 hashed keys). Of course I'm not
> a
> cryptanalyst but it really seems to be crackeable with pen and paper
> (granted, probably not as easy as a Vigenère cipher because of the
> manipulations of the keys, but not much more difficult though).
>
> Probably the only situations where this cipher is secure is when the
> length
> of the text to be enciphered is <= 16 bytes (the length of your keys),
> provided that you do not reuse the keys of course :-).
>
> Pending the opinion of an experienced cryptographer, I would say that even
> without the source code the Friedman and Kasisiki tests would quickly show
> up the type of the encipherment (polyalphabetic) and the length of the key
> (16 bytes).
>
> As far as I know, this is the reason why modern strong symmetric ciphers
> use
> both diffusion and confusion (as suggested by Claude E. Shannon). This
> piece
> of code only implements substitution, and reminds me of a comment made by
> Bruce Schneier regarding the simple XOR algorithm (Chapter 1, Foundations)
> in his book "Applied Cryptography" ;-):
>
> ...
> crypted[x] = plainBlock[x] ^ MD5pwd[streamMd5pwd] ;
> ...
>
> Best regards,
>
> Omar A. Herrera
>
> > -----Original Message-----
> > From: angelo (at) rosiello (dot) org [email concealed] [mailto:angelo (at) rosiello (dot) org [email concealed]]
> > Sent: Wednesday, February 15, 2006 2:48 PM
> > To: focus-linux (at) securityfocus (dot) com [email concealed]
> > Subject: Kryptor Whitepaper released
> >
> > As I announced in previous threads, we released the full white paper of
> > the algorithm implemented in Kryptor
> > (http://www.rosiello.org/archivio/kryptor-0.1.2.tar.gz).
> >
> > The paper can be found at:
> > http://www.rosiello.org
> > or
> > http://www.rosiello.org/modules/smartsection/item.php?itemid=8
> >
> > cheers,
> > Angelo
> >
> > Rosiello Security,
> > http://www.rosiello.org
Didn't read the code well, the keystream is not reused after each iteration,
(Angelo showed me my mistake).
This is what happens when you don't read well and are too quickly to answer
:-). Please disregard my previous comments.
Regards,
Omar
> -----Original Message-----
> From: Omar A. Herrera [mailto:omar.herrera (at) oissg (dot) org [email concealed]]
> Sent: Wednesday, February 15, 2006 8:44 PM
> To: angelo (at) rosiello (dot) org [email concealed]; focus-linux (at) securityfocus (dot) com [email concealed]
> Subject: RE: Kryptor Whitepaper released
>
> Hi Angelo,
>
> I just took a quick look at it but it seems to me like a polyalphabetic
> substitution cipher with an effective block length of 16 bytes (i.e. every
> 16 bytes you have a monoalphabetic substitution cipher).
>
> I mean, this doesn't hide the underlying language frequencies within each
> block of 16 bytes (the length of your MD5 hashed keys). Of course I'm not
> a
> cryptanalyst but it really seems to be crackeable with pen and paper
> (granted, probably not as easy as a Vigenère cipher because of the
> manipulations of the keys, but not much more difficult though).
>
> Probably the only situations where this cipher is secure is when the
> length
> of the text to be enciphered is <= 16 bytes (the length of your keys),
> provided that you do not reuse the keys of course :-).
>
> Pending the opinion of an experienced cryptographer, I would say that even
> without the source code the Friedman and Kasisiki tests would quickly show
> up the type of the encipherment (polyalphabetic) and the length of the key
> (16 bytes).
>
> As far as I know, this is the reason why modern strong symmetric ciphers
> use
> both diffusion and confusion (as suggested by Claude E. Shannon). This
> piece
> of code only implements substitution, and reminds me of a comment made by
> Bruce Schneier regarding the simple XOR algorithm (Chapter 1, Foundations)
> in his book "Applied Cryptography" ;-):
>
> ...
> crypted[x] = plainBlock[x] ^ MD5pwd[streamMd5pwd] ;
> ...
>
> Best regards,
>
> Omar A. Herrera
>
> > -----Original Message-----
> > From: angelo (at) rosiello (dot) org [email concealed] [mailto:angelo (at) rosiello (dot) org [email concealed]]
> > Sent: Wednesday, February 15, 2006 2:48 PM
> > To: focus-linux (at) securityfocus (dot) com [email concealed]
> > Subject: Kryptor Whitepaper released
> >
> > As I announced in previous threads, we released the full white paper of
> > the algorithm implemented in Kryptor
> > (http://www.rosiello.org/archivio/kryptor-0.1.2.tar.gz).
> >
> > The paper can be found at:
> > http://www.rosiello.org
> > or
> > http://www.rosiello.org/modules/smartsection/item.php?itemid=8
> >
> > cheers,
> > Angelo
> >
> > Rosiello Security,
> > http://www.rosiello.org
[ reply ]