[Cfrg] Crystalline Cipher

["Mark McCarron" <mark.mccarron@eclipso.eu>]

Hi everyone,
 
I have recently released a symmetric cipher called Crystalline and I am seeking individuals/groups to analyse algorithm.  On paper, the cipher appears to be information-theoretically secure but this requires independent validation.  Crystalline has been published at CodePlex under the MIT license at the following URL:
 
http://crystalline.codeplex.com/
 
The reference implementation is in C# and I am presently adding minor changes.  The software has been up for about a week and, so far, has survived against various crackers and I thought it was time to present it to a much deeper series of tests by more knowledgeable people.  I have put together an RStudio project that has functions to analyse the cipher (also released under MIT license) that I hope everyone will find useful.  I am trying to keep this project agnostic to the cipher being analysed and I would be happy to include any R code that anyone develops.
 
The RStudio project can be downloaded here:
http://s000.tinyupload.com/index.php?file_id=3D37851913919266496129
 
Crystalline adopts a unique (as far as I know) approach to encryption.  Rather than apply complex formulas to plaintext, Crystalline moves the location of bits and bytes based upon values from a TRNG (such as atmospheric noise).  The recommended minimum key/salt length is 16KB, providing an effective key strength of 131072 bits.  The key/salt size is arbitrary and can be extended to Gigabytes or a continuous random stream if necessary.
 
In each round, Crystalline first swaps every bit in the file based upon values drawn from the key and salt. Before a bit is swapped, it is XOR'ed with the bit value 1. Then Crystalline erases that history by swapping every byte in the file, based upon values, drawn from the key and salt.

Steps in a round:

Part A:

1. Load the plaintext, key and salt files into memory (circular buffer for each).
2. Calculate the location of the bits to switch based on the formula 'key*salt' (where both the key and salt are represented as integer values of a byte in the range 0-255)
3. Select the current bit index in the plaintext and XOR it with the value 1
4. Swap the bit with the bit identified in step 2 whilst alternating the direction of that swap
5. Increment the index in the plaintext, key and salt (looping around the buffer necessary)
6. Repeat steps 2-5 inclusive until EOF (plaintext)
 
Part B:

1. Set indexes of the plaintext, key and salt to 0
2. Calculate the location of the bytes to switch based on the formula 'key*salt' (where both the key and salt are represented as integer values of a byte in the range 0-255)
3. Swap the byte with the byte identified in step 2 whilst alternating the direction of that swap
4. Increment the index in the plaintex, key and salt (looping around the buffer necessary)
5. Repeats steps 2-4 inclusive until EOF (plaintext)
 
http://crystalline.codeplex.com/documentation
 
It is recommended that the plaintext be compressed first, but Crystalline does not specify which compression algorithm should be used.
 
Over the last week myself and numerous other people have been both attacking the cipher and analysing its output.  The main place for this discussion has been here:
 
http://forums.devshed.com/security-cryptography-17/crystalline-cipher-testers-required-969138.html
 
We have been particularly focused on examining FFT outputs of the ciphertext and the RStudio code allows us to produce some nice images of the FFTs as grey scaled height maps to spot patterns.  The following link is an example of such an image drawn from the encryption of a 13.5MB file using Crystalline (quite a large image):
 
http://i.imgur.com/kQxmf5z.jpg
 
There is also a pseudo-colorised version of this image here showing the distribution of values in a linear gradient (Red = 0, Orange = 128, Green = 255)
 
https://static.dyp.im/C0PYsjmj6t/755c391c9347eaf1a563abf4bf0f045a.png
 
I hope everyone will download a copy and give it a test.  If anyone has questions, comments, suggestions or notices any errors then feel free to post to the group and I will respond as best I can.
 
Regards,
 
Mark McCarron


---
Free, fast and secure email: https://www.eclipso.eu" rel="nofollow">https://www.eclipso.eu