rotor alternative?
Aaron Watters
aaron at reportlab.com
Wed Nov 19 19:53:48 EST 2003
Paul Rubin <http://phr.cx@NOSPAM.invalid> wrote in message news:<7xr804w4pe.fsf at ruckus.brouhaha.com>...
> aaron at reportlab.com (Aaron Watters) writes:
> I don't want to spend time analyzing the algorithms when there are
> already perfectly good ciphers available and it's better to just stick
> with them.
Yes, I agree. Thanks for taking the time.
> 1) There is no attempt to provide any randomness in the output...
> 2) What's more, the cipher is a one-character-at-a-time stream cipher
> so if you encrypt two different plaintexts that begin with a common
> prefix, it looks to me like the ciphertexts will also have a common
> prefix, another security failure.
> 3) No authentication is provided....
> 4) It's almost certain that the cipher is vulnerable to
> related-key attacks...
Since the input is fed into the encryption mechanism adding random
garbage bytes to the input every so often in a predictable manner will
address 1,2,4. Adding any sort of checksum will address 3. This is
the kind of criticism I enjoy! Thanks again.
> Being loosely inspired by RC4 is unreassuring on several grounds...
I agree completely with the rest. -- Aaron Watters
===
The cup holder on my computer is broken.
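An added illustration of points 1 to 3 from the exchange above, written for this page and not code from either poster or from the rotor-alternative module under discussion. The cipher itself is not reproduced; in its place a constructed counter-mode keystream (HMAC-SHA256 over a nonce and counter) stands in for any keystream cipher, which is enough to show the common-prefix leak of a keystream with no per-message randomness, why an unkeyed checksum can be recomputed by anyone holding the message and so is not authentication, and what the standard fix looks like (fresh random nonce per message, encrypt-then-MAC with a separate MAC key). The key and messages are constructed demo values; point 4 (related-key behaviour) is not covered.

```python
import hashlib
import hmac
import os
import zlib
from typing import Optional

KEY = b"constructed demo key - not for real use"  # constructed demo value
NONCE_LEN = 16
TAG_LEN = 32


def subkeys(key: bytes):
    """Derive separate encryption and MAC keys from one master key (key separation)."""
    enc = hmac.new(key, b"enc", hashlib.sha256).digest()
    mac = hmac.new(key, b"mac", hashlib.sha256).digest()
    return enc, mac


def keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Stand-in keystream: concatenated HMAC(key, nonce || counter) blocks."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(8, "big"), hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])


def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def common_prefix_len(a: bytes, b: bytes) -> int:
    """Length of the shared leading run of two byte strings."""
    n = 0
    for x, y in zip(a, b):
        if x != y:
            break
        n += 1
    return n


# --- Points 1 and 2: no per-message randomness -----------------------------
def encrypt_deterministic(key: bytes, plaintext: bytes) -> bytes:
    """Key-only keystream, so the same key always yields the same keystream:
    plaintexts sharing a prefix produce ciphertexts sharing that prefix."""
    enc, _ = subkeys(key)
    return xor_bytes(plaintext, keystream(enc, b"", len(plaintext)))


# --- Point 3: an unkeyed checksum is integrity against noise, not an attacker
def add_checksum(body: bytes) -> bytes:
    return body + zlib.crc32(body).to_bytes(4, "big")


def checksum_ok(blob: bytes) -> bool:
    """Needs no secret, so any party can produce a valid blob for any body."""
    body, tag = blob[:-4], blob[-4:]
    return zlib.crc32(body).to_bytes(4, "big") == tag


# --- The fix: random nonce per message plus a keyed MAC (encrypt-then-MAC) ---
def seal(key: bytes, plaintext: bytes, nonce: Optional[bytes] = None) -> bytes:
    """Returns nonce || ciphertext || HMAC-SHA256(mac_key, nonce || ciphertext)."""
    enc, mac = subkeys(key)
    nonce = os.urandom(NONCE_LEN) if nonce is None else nonce
    if len(nonce) != NONCE_LEN:
        raise ValueError("nonce must be %d bytes" % NONCE_LEN)
    ct = xor_bytes(plaintext, keystream(enc, nonce, len(plaintext)))
    tag = hmac.new(mac, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def open_sealed(key: bytes, blob: bytes) -> Optional[bytes]:
    """Returns the plaintext, or None if the tag does not verify (no partial output)."""
    if len(blob) < NONCE_LEN + TAG_LEN:
        return None
    enc, mac = subkeys(key)
    nonce, ct, tag = blob[:NONCE_LEN], blob[NONCE_LEN:-TAG_LEN], blob[-TAG_LEN:]
    expected = hmac.new(mac, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, tag):
        return None
    return xor_bytes(ct, keystream(enc, nonce, len(ct)))


if __name__ == "__main__":
    m1, m2 = b"Dear Bob, attack at dawn", b"Dear Bob, retreat at dusk"  # constructed
    c1, c2 = encrypt_deterministic(KEY, m1), encrypt_deterministic(KEY, m2)
    print("shared ciphertext prefix without a nonce:", common_prefix_len(c1, c2))
    s1, s2 = seal(KEY, m1), seal(KEY, m2)
    print("shared prefix with a random nonce:", common_prefix_len(s1, s2))
    tampered = s1[:NONCE_LEN] + bytes([s1[NONCE_LEN] ^ 1]) + s1[NONCE_LEN + 1:]
    print("tampered sealed message opens as:", open_sealed(KEY, tampered))
    print("tampered checksummed message verifies:", checksum_ok(add_checksum(b"pay 99")))
```

The two "shared prefix" numbers make point 2 concrete: the deterministic variant leaks exactly the length of the common plaintext prefix, while the nonce-based variant leaks nothing about it. The last two lines make point 3 concrete: `open_sealed` rejects a single flipped bit outright, whereas a modified body wrapped in a freshly computed CRC verifies, because nothing in the checksum depends on a secret.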