Re: [Cfrg] Crystalline Cipher

Michael Hamburg <mike@shiftleft.org> Wed, 20 May 2015 21:29 UTC

Return-Path: <mike@shiftleft.org>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 059E21A9234 for <cfrg@ietfa.amsl.com>; Wed, 20 May 2015 14:29:20 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 4.255
X-Spam-Level: ****
X-Spam-Status: No, score=4.255 tagged_above=-999 required=5 tests=[BAYES_50=0.8, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FH_HOST_EQ_D_D_D_D=0.765, FH_HOST_EQ_D_D_D_DB=0.888, HELO_MISMATCH_ORG=0.611, HOST_MISMATCH_NET=0.311, RDNS_DYNAMIC=0.982, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id RaVJOUTJld2m for <cfrg@ietfa.amsl.com>; Wed, 20 May 2015 14:29:18 -0700 (PDT)
Received: from aspartame.shiftleft.org (199-116-74-168-v301.PUBLIC.monkeybrains.net [199.116.74.168]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 270D11A9092 for <cfrg@irtf.org>; Wed, 20 May 2015 14:29:18 -0700 (PDT)
Received: from [10.184.148.249] (unknown [209.36.6.242]) by aspartame.shiftleft.org (Postfix) with ESMTPSA id 07FF03A9C3; Wed, 20 May 2015 14:28:27 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=shiftleft.org; s=sldo; t=1432157307; bh=M1wP6ER/0y5EBGExTU8t5qJM+Yk10g/bhtrj4mfENfA=; h=Subject:From:In-Reply-To:Date:Cc:References:To:From; b=M+gFgkHRxQ2xGfusC+jyLofOfDfFsFuuQZ2IirZZ2WL//bXpxWluD5+k3YtRDFDA4 3uJsCKSyHQ4P4PDSSq6NeGbAEcBEtkgBBSWsPJOz2kKd7nuNCOb3bM8rcQdlacaEJv xPv/8tB8ob9e3FkPH28q2uBpEXIIqSXk/EVYW0fs=
Content-Type: text/plain; charset=utf-8
Mime-Version: 1.0 (Mac OS X Mail 8.2 \(2100\))
From: Michael Hamburg <mike@shiftleft.org>
In-Reply-To: <78c28854a0cbb9ab7930141285059c6c@mail.eclipso.de>
Date: Wed, 20 May 2015 14:29:15 -0700
Content-Transfer-Encoding: quoted-printable
Message-Id: <2F4CC1DD-32CE-4D0A-B8F6-7BCEAD39F931@shiftleft.org>
References: <78c28854a0cbb9ab7930141285059c6c@mail.eclipso.de>
To: Mark McCarron <mark.mccarron@eclipso.eu>
X-Mailer: Apple Mail (2.2100)
Archived-At: <http://mailarchive.ietf.org/arch/msg/cfrg/4c-nx0N9YGh6Qb3SBmM-B6ICaA8>
Cc: cfrg@irtf.org
Subject: Re: [Cfrg] Crystalline Cipher
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Wed, 20 May 2015 21:29:20 -0000

Hi Mark,

I read the thing you posted earlier, and I didn’t go to the archive.

That said, CFRG really isn’t the right forum for new symmetric ciphers, or even new modes for existing symmetric ciphers.  We want crypto that’s proven more than “nobody hacked me for a week”, and that proving needs to happen elsewhere.

You might have better reception elsewhere, but I somewhat doubt it.  Your use of phrases like “information-theoretically secure”, “key strength of 131072 bits” and “unique … approach to encryption”, not to mention your key-dependent indexing, suggest that you don’t know what’s considered valuable in a cipher.  Nobody will want to study your design if you can’t properly explain what’s good about it.

If you want to discuss this more, please respond to me off-list, because I don’t think the rest of the crowd will be interested.

— Mike

> On May 20, 2015, at 12:28 PM, Mark McCarron <mark.mccarron@eclipso.eu> wrote:
> 
> Hi everyone,
> 
> Sorry for submitting this again, but I just noticed that the HTML version I posted earlier was scrubbed by the mailman software and no one could read it unless they went to the archive.
> 
> I have recently released a symmetric cipher called Crystalline and I am seeking individuals/groups to analyse algorithm.  On paper, the cipher appears to be information-theoretically secure but this requires independent validation.  Crystalline has been published at CodePlex under the MIT license at the following URL: 
> 
> http://crystalline.codeplex.com/ 
> 
> The reference implementation is in C# and I am presently adding minor changes.  The software has been up for about a week and, so far, has survived against various crackers and I thought it was time to present it to a much deeper series of tests by more knowledgeable people.  I have put together an RStudio project that has functions to analyse the cipher (also released under MIT license) that I hope everyone will find useful.  I am trying to keep this project agnostic to the cipher being analysed and I would be happy to include any R code that anyone develops. 
> 
> The RStudio project can be downloaded here: 
> http://s000.tinyupload.com/index.php?file_id=3D37851913919266496129 
> 
> Crystalline adopts a unique (as far as I know) approach to encryption.  Rather than apply complex formulas to plaintext, Crystalline moves the location of bits and bytes based upon values from a TRNG (such as atmospheric noise).  The recommended minimum key/salt length is 16KB, providing an effective key strength of 131072 bits.  The key/salt size is arbitrary and can be extended to Gigabytes or a continuous random stream if necessary. 
> 
> In each round, Crystalline first swaps every bit in the file based upon values drawn from the key and salt. Before a bit is swapped, it is XOR'ed with the bit value 1. Then Crystalline erases that history by swapping every byte in the file, based upon values, drawn from the key and salt. 
> 
> Steps in a round: 
> 
> Part A: 
> 
> 1. Load the plaintext, key and salt files into memory (circular buffer for each). 
> 2. Calculate the location of the bits to switch based on the formula 'key*salt' (where both the key and salt are represented as integer values of a byte in the range 0-255) 
> 3. Select the current bit index in the plaintext and XOR it with the value 1 
> 4. Swap the bit with the bit identified in step 2 whilst alternating the direction of that swap
> 5. Increment the index in the plaintext, key and salt (looping around the buffer necessary) 
> 6. Repeat steps 2-5 inclusive until EOF (plaintext) 
> 
> Part B: 
> 
> 1. Set indexes of the plaintext, key and salt to 0 
> 2. Calculate the location of the bytes to switch based on the formula 'key*salt' (where both the key and salt are represented as integer values of a byte in the range 0-255) 
> 3. Swap the byte with the byte identified in step 2 whilst alternating the direction of that swap
> 4. Increment the index in the plaintex, key and salt (looping around the buffer necessary) 
> 5. Repeats steps 2-4 inclusive until EOF (plaintext) 
> 
> http://crystalline.codeplex.com/documentation 
> 
> It is recommended that the plaintext be compressed first, but Crystalline does not specify which compression algorithm should be used. 
> 
> Over the last week myself and numerous other people have been both attacking the cipher and analysing its output.  The main place for this discussion has been here: 
> 
> http://forums.devshed.com/security-cryptography-17/crystalline-cipher-testers-required-969138.html 
> 
> We have been particularly focused on examining FFT outputs of the ciphertext and the RStudio code allows us to produce some nice images of the FFTs as grey scaled height maps to spot patterns.  The following link is an example of such an image drawn from the encryption of a 13.5MB file using Crystalline (quite a large image): 
> 
> http://i.imgur.com/kQxmf5z.jpg 
> 
> There is also a pseudo-colorised version of this image here showing the distribution of values in a linear gradient (Red = 0, Orange = 128, Green = 255)
> 
> https://static.dyp.im/C0PYsjmj6t/755c391c9347eaf1a563abf4bf0f045a.png 
> 
> I hope everyone will download a copy and give it a test.  If anyone has questions, comments, suggestions or notices any errors then feel free to post to the group and I will respond as best I can. 
> 
> Regards,
> 
> Mark McCarron
> 
> 
> _______________________________________________
> Cfrg mailing list
> Cfrg@irtf.org
> http://www.irtf.org/mailman/listinfo/cfrg