Re: Encryption Challenge!
Posted: Mon Aug 25, 2008 10:05 am
by onion2k
Right. It's enciphering the string rather than encrypting it, though using the MD5 checksum of the key does make it interesting. One immediate problem I've discovered is that strings are always enciphered into the same character if they appear in the same place in a string -
Code:
string1 x0VXSg3
string2 x0VXSg4
string3 x0VXSg5
string4 x0VXSg6
string5 x0VXSg7
strinh1 x0VXSh3
strinh2 x0VXSh4
strinh3 x0VXSh5
strinh4 x0VXSh6
strinh5 x0VXSh7
xxxxxx1 582E4x3
xxxxxx2 582E4x4
xxxxxx3 582E4x5
xxxxxx4 582E4x6
xxxxxx5 582E4x7
The sixth character in the plaintext (the number) is always the same in the enciphered text when different strings are encoded with the same keyphrase ('aaaaa' in this case). That means that if you were to use the same password to 'secure' lots of different things it'd be trivial to work out what they are. If you look at the first two blocks you would immediately know that the first 5 characters are the same, and that the sixth character is the same throughout the first block and the second block. You would also be able to tell that the final character increments by 1 in each case.
With enough ciphertext to use as a crib it would be very easy to break this code.
Unfortunately I have a few things I need to do now, but I might have another look at this later tonight.
Re: Encryption Challenge!
Posted: Mon Aug 25, 2008 11:48 am
by Parody
I see what you mean, that is a major problem, but you have to consider that is only with one particular key. One way of ensuring this does not happen would be to calculate the total of the string values and add this to the $cryptchar value which would therefore change the whole output if just one character changed.
The only problem with doing that is the decryption is near impossible to calculate (the characters being decrypted would be encrypted by themselves and the other characters).
If anyone can think of a way to use the string's total value and still decrypt it using the key please help out

Re: Encryption Challenge!
Posted: Mon Aug 25, 2008 12:32 pm
by Mordred
You're not paying attention at all. Your algorithm sucks. It's not your fault really, almost every algorithm out there sucks. The ones that don't have passed hundreds of man-hours of cryptanalysis. Yours hasn't. No matter how many times we break it and you fix it, it will still suck, even after the point where you fix it and we can't break it. This is the essence of the article I gave you, which you obviously haven't read carefully. Use an existing crypto library, like mcrypt.
Your scheme is vulnerable to the most basic attacks. Given 32 consecutive bytes of plaintext and ciphertext, one can retrieve the md5 of the key, and use it to completely decrypt any other message encrypted with the same key.
Re: Encryption Challenge!
Posted: Mon Aug 25, 2008 12:49 pm
by Oren
As onion2k showed very easily, your "algorithm" is very weak and has nothing to do with cryptography at all if you ask me. I honestly suggest you focus on something else rather than developing a new "secure" encrypting algorithm unless you have a basic knowledge in cryptography or AT LEAST a basic knowledge in computer science - which I doubt you have, otherwise you wouldn't have come up with this "algorithm" in the first place.
At least, if you really wish to learn a thing or 2, instead of continuing to defend your "algorithm", stop and read the previous posts and this time try to understand what the guys were trying to tell you.
Edit: Well Mordred beat me this time... but he pretty much said it out loud and clear: it sucks, use some library.
There is really no point to go on with this thread further. As I said, the best thing you can do now is read again what the guys said and use some library when you need to encode something.
Re: Encryption Challenge!
Posted: Mon Aug 25, 2008 1:22 pm
by Parody
I not only want to do this as a challenge, but also as a unique cipher which I can use how I want. It may not be the most secure algorithm in the world, but don't tell me to stop.
I would appreciate your help, but don't keep posting just to tell me that this isn't the best way to go about things in your opinion. I'm learning and I'm sure others will learn from this, even if the end result is that it might not be worth my time. You're right, I'm not a cryptoanalyst, this is my first attempt at an algorithm so don't just poke holes and tell me it sucks. If you want to get involved and help me and maybe yourself then please do.
I'm not quite sure what you meant by this Mordred
Mordred wrote:Given 32 consecutive bytes of plaintext and ciphertext, one can retrieve the md5 of the key, and use it to completely decrypt any other message encrypted with the same key.
How could you retrieve the md5 from the difference between the plaintext and ciphertext? You would still have to brute force it wouldn't you?
So if by an independent security flaw someone managed to retrieve the exact plaintext which was encrypted and the encrypted string (possible, I know) then someone could calculate the key, but that would be the same as trying to decipher the encrypted string without having the plaintext wouldn't it?
In case I completely misunderstood and you just meant the md5: are you just pointing out that the md5 checksum is the insecure part (at the moment).
Finally, just so I know the other options. Which cipher/encryption would everyone recommend? Is there one which is supported in most common programming languages? I needed my own because I need to be able to offer the function in most programming languages so the service I am building can be used by as many people as possible.
Re: Encryption Challenge!
Posted: Mon Aug 25, 2008 1:42 pm
by Oren
Look... I'm certainly not trying to insult you or anyone else, but it seems you didn't listen to the previous advice you got here so this was the only way we could get your attention. Again, read again what onion2k tried to tell you from the very first beginning about why w/e you'd do is worthless unless you reveal your code.
Now, I don't want to sound like we are better, but if you are smart enough I'd understand that we know a bit more than you and we all probably went a similar process like yours with your algorithm here... if you can be strong enough you'd stop and try to understand what we said here. I'm not saying you should completely stop with your little game, it's actually a good thing to do I believe, but you shouldn't put too much time into it. Instead, play around with it for a day or two but no more and of course, don't use it for anything beside this game/experiment.
I could suggest you to read articles in this area, but if you don't have a basic knowledge in Comp. Sci. there is really no point, and the irony here is that you wouldn't understand that you don't understand certain parts of the article.
Anyhow, this is a really good experiment to do with yourself, but it is not an "Encryption Challenge" you should post here and ask people to join in and try to break it.
Re: Encryption Challenge!
Posted: Mon Aug 25, 2008 1:43 pm
by onion2k
Parody wrote:I would appreciate your help, but don't keep posting just to tell me that this isn't the best way to go about things in your opinion. I'm learning and I'm sure others will learn from this, even if the end result is that it might not be worth my time. You're right, I'm not a cryptoanalyst, this is my first attempt at an algorithm so don't just poke holes and tell me it sucks. If you want to get involved and help me and maybe yourself then please do.
You're absolutely right that you, and others, will learn from this exercise. The lesson that you'll hopefully learn is that implementing crypto is really, really hard and no matter how much you try you'll never come up with something that's more secure than what's already available unless you're some sort of genius. I certainly couldn't. To be honest, I don't think anyone on this forum could.
It's never nice to hear that what you've put effort into isn't as good as what's already available, but in this case it's the only thing that anyone can tell you.
Kidding yourself that your system is as secure as what's available in mcrypt, or even just that it's "secure enough" for what you need, will mean you're risking whatever you try to protect with it. That's the most important issue here.
Re: Encryption Challenge!
Posted: Mon Aug 25, 2008 1:47 pm
by onion2k
Parody wrote:Finally, just so I know the other options. Which cipher/encryption would everyone recommend? Is there one which is supported in most common programming languages? I needed my own because I need to be able to offer the function in most programming languages so the service I am building can be used by as many people as possible.
I use AES. Mainly because it's built into MySQL (with the AES_ENCRYPT and AES_DECRYPT MySQL functions). It's also available in most languages. Certainly all the ones I use.
Re: Encryption Challenge!
Posted: Mon Aug 25, 2008 2:09 pm
by Parody
I understand that I'm no expert in cryptography, this was just a little exercise.
I am not going to continue with this, but if the source code was closed then any level of cipher would be sufficient right?
I appreciate everyone's input, all of it helped!
Onion2k or anyone else who uses AES:
Could you please point me in the right direction of a php function which encrypts and decrypts AES and some more sources for other languages. I need to make sure this is the best way to go before I start implementing it throughout my project.
Thanks
Re: Encryption Challenge!
Posted: Mon Aug 25, 2008 2:25 pm
by Mordred
No, it's not the md5. Read carefully what I said. It's a simple statement - give this and this to the attacker, and he will get that. No bruteforce is needed, unless you count the whopping 68 tries I will need to test for the correct key.
I will add another vulnerability:
Given a ciphertext of sufficient length, frequency analysis can be used to uncover 31 characters of the key (actually the MD5 of the key, but it's all the same to us); the remaining one character can then be trivially bruteforced, but there won't be an actual need for that, because a bug in the implementation will let us decode all but the first byte of the plaintext. The same bug is what causes 31 (instead of 32) characters of the ciphertext to be used.
This algorithm is in fact a simplified polyalphabetic cipher - simplified, because each of the 31 alphabets are not arbitrary substitutions, but the simplest possible substitutions - Caesar ciphers with all problems that arise from the fact.
Parody wrote:If the source code was closed then any level of cipher would be sufficient right?
Nope. There are quite a few techniques to analyze ciphertext produced with an unknown cipher. To break yours one would need two techniques - index of coincidence (which will reveal that this is a 31 key character) and frequency analysis (to reveal the individual key bytes). These two are actually the simplest ones in the repertoire of an analyst.
Re: Encryption Challenge!
Posted: Mon Aug 25, 2008 2:40 pm
by onion2k
Parody wrote:Onion2k or anyone else who uses AES:
Could you please point me in the right direction of a php function which encrypts and decrypts AES and some more sources for other languages. I need to make sure this is the best way to go before I start implementing it throughout my project.
http://uk2.php.net/manual/en/function.m ... ncrypt.php
If you don't have mcrypt installed then
http://www.phpaes.com/ ... or any of the other implementations to be found around the web.
Re: Encryption Challenge!
Posted: Mon Aug 25, 2008 2:44 pm
by Parody
I understand why a Caesar and polyalphabetic are so insecure, but the difference is that the key along with the content itself defines the output. If the content could somehow be used in hand with the key to encrypt itself and then could be reversed using the key the process would be far more secure than both the Caesar and polyalphabetic ciphers. (Yet still insecure)
The key does not itself define the alphabet in this case, the key in combination with the characters both individually and as a total define each character, no alphabet is used throughout. If the content is used as a total value then there would be absolutely no pattern from applying a particular key.
This is now a theoretical interest, I'm interested in how this cipher could be improved if it were to be.
Re: Encryption Challenge!
Posted: Mon Aug 25, 2008 3:25 pm
by Parody
Thanks for pointing me to PHPAES onion2k. Pretty fast function.
I tried FOPO, but the page didn't run. I liked the idea though, are there any alternatives? (which are also free)
I'm building an API for my website and I would like the code which I am distributing for the third parties to use to communicate with my server to be encoded yet working. Is this possible in all popular programming languages?
Re: Encryption Challenge!
Posted: Mon Aug 25, 2008 3:36 pm
by Mordred
Let's examine the code, here's the heart of the decryption:
Code:
$cryptchar=$characternumber+$stringcharacter-$stringlength-$keycharval-$step-$wholekeyvalue;
Or in a more human-readable form:
Pi = Ci + i - len(C) - Kj - step - W
(P = plaintext, Pi = i-th plaintext character; C = ciphertext, K= key; W = wholekeyvalue)
First, we can eliminate len(C), i and step from the equation, because they are values we know (step depends on i and len(K) ). Which gives us:
Pi = Ci - Kj - W or
Ci = Pi + Kj + W
We should also note that K(j) is actually K(i % 31 + 1). Here's why:
Code:
if($keychar>$keylength){$keychar=1; $step=$step+1;}
Notice that $keychar wraps to 1, not 0. So, let's arrange our C in 31 columns like this (omitting C(0) )
Code:
C01 C02 ... C31
C32 C33 ... C62
C63 C64 ... C93
or, with the last equation we have:
Code:
P01+K1+W P02+K2+W ... P31+K31+W
P32+K1+W P33+K2+W ... P62+K31+W
P63+K1+W ....
Notice something?
Yep, column 0 is P(1+i%31) + (K1+W)!
It consists of every 31st letter of the message, offset with a constant (aka Caesar cipher). One frequency analysis later, and we know the most probable values of P(1+i%31). We can't check directly if these values are real plaintext, because they are spaced 31 bytes away from each other (i.e. we can't use a dictionary). What we can do is to take the frequencies, apply them to the other 30 columns, and then check the linear plaintext. If it looks like it contains English (or whatever) words - store it for human review. If it doesn't, backtrack to the frequency table, and try another distribution.
Edit: Notice that in this attack we eliminated the key K altogether. Later, knowing P and C we can recover K, and directly decrypt any later messages encrypted with the same key.
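The relation Ci = Pi + Kj + W from the post above, together with the known-plaintext claim earlier in the thread and onion2k's same-position observation, worked through as an added example; this is not code from the thread and not Parody's cipher. It assumes byte arithmetic mod 256, W as the sum of the MD5 hex characters, and the key indexing implied by the column layout; all function names are hypothetical.

```python
import hashlib

PERIOD = 31  # $keychar wraps to 1, not 0, so only 31 md5 characters repeat

def key_index(i):
    # Assumed from the column layout in the post: byte 0 uses md5[0] once,
    # every later byte cycles through md5[1..31].
    return 0 if i == 0 else 1 + (i - 1) % PERIOD

def offsets(key):
    """Additive offset K_j + W (mod 256) for each md5 character j."""
    digest = hashlib.md5(key.encode()).hexdigest().encode()
    w = sum(digest)  # assumed meaning of $wholekeyvalue
    return [(k + w) % 256 for k in digest]

def encipher(plain, key):
    """Model of C_i = P_i + K_j + W, with the publicly known terms dropped."""
    off = offsets(key)
    return bytes((p + off[key_index(i)]) % 256 for i, p in enumerate(plain))

def recover_offsets(known_plain, known_cipher):
    """Known-plaintext step: C_i - P_i yields K_j + W for every j covered."""
    return {key_index(i): (c - p) % 256
            for i, (p, c) in enumerate(zip(known_plain, known_cipher))}

def decipher_with(table, cipher):
    """Decrypt without the key; bytes whose offset is unknown become '?'."""
    return bytes((c - table[key_index(i)]) % 256 if key_index(i) in table
                 else ord("?") for i, c in enumerate(cipher))

def differing_positions(a, b):
    """onion2k's observation: which ciphertext positions change at all."""
    return [i for i, (x, y) in enumerate(zip(a, b)) if x != y]

if __name__ == "__main__":
    key = "aaaaa"  # constructed key; recover_offsets never sees it
    known = b"Dear customer, your invoice number is attached."[:32]  # constructed
    table = recover_offsets(known, encipher(known, key))
    secret = encipher(b"Reset code for account 4471 expires in one hour.", key)
    print(decipher_with(table, secret))
    print(differing_positions(encipher(b"string1", key), encipher(b"string2", key)))
```

One 32-byte plaintext/ciphertext pair fills the whole offset table, so every later message under the same key decrypts without the key or its MD5 ever being recovered or brute-forced.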
Re: Encryption Challenge!
Posted: Mon Aug 25, 2008 4:14 pm
by Parody
I'll try and fully understand that later.
I am impressed that you went to that level to show me the error of my ways. I understand that this isn't secure, but if you know why it isn't do you know how it could be?
I'm going to use AES, but this is still of interest to me.