IETF Logo Mail Archive

Re: [Cfrg] Crystalline Cipher

Tony Arcieri <bascule@gmail.com> Fri, 22 May 2015 22:33 UTC

Return-Path: <bascule@gmail.com>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9373C1A896A for <cfrg@ietfa.amsl.com>; Fri, 22 May 2015 15:33:01 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.999
X-Spam-Level:
X-Spam-Status: No, score=-3.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, GB_I_LETTER=-2, HTML_MESSAGE=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id iFUVqb4uaqKW for <cfrg@ietfa.amsl.com>; Fri, 22 May 2015 15:32:59 -0700 (PDT)
Received: from mail-oi0-x22a.google.com (mail-oi0-x22a.google.com [IPv6:2607:f8b0:4003:c06::22a]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3ED8F1A891B for <cfrg@irtf.org>; Fri, 22 May 2015 15:32:57 -0700 (PDT)
Received: by oige141 with SMTP id e141so24047824oig.1 for <cfrg@irtf.org>; Fri, 22 May 2015 15:32:56 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc:content-type; bh=18sCMiKB2Ch1GqDmNTKnMoH9xSkwYYkd/734D3HCnNs=; b=AxakTwyfAwNU4TzsfUh2cf+2CBQtoN2qk9JOeNpVvvziCPD/Uo/liIkPPKOwLF3O2M nW13JhWEE/jIuuNTdwLOLr49tOAZCbkXjrl1JB7v3h5L6RhEwH8xwT/RmrIyABo7rIc5 wRPcKHHQAIqi3dBKKvv8ynmHAcoWCglGosYeySCZU/YYqsaWcplfC4/oNUlyFMsutxbU RkTNXUufENwFHbS04zkT5MKaXc+E/ExQmm342T9JnbSCJiz68jNZt3incNojDJWu5jVm HKxACpmYgd3yOcSLI+0sPnhFHQPnkKGg5k8ETRcdcHqYQPz8knFv8QM+odILXhP4saoL BOHQ==
X-Received: by 10.202.52.138 with SMTP id b132mr7890371oia.125.1432333976749; Fri, 22 May 2015 15:32:56 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.76.25.198 with HTTP; Fri, 22 May 2015 15:32:36 -0700 (PDT)
In-Reply-To: <dcf257ea9d53bca2d492e8af8af3cf97@mail.eclipso.de>
References: <385e922556bc3cabb98f7bb3f7faa47b@mail.eclipso.de> <555D7E95.9080500@shiftleft.org> <8e7ec9ae7082fac7061fe60faaa00106@mail.eclipso.de> <555DF1B7.4010500@shiftleft.org> <b5451ad486d461a38a6d19655322cfd3@mail.eclipso.de> <264518D0-89EE-427C-B011-B1582B9C98E2@shiftleft.org> <aa8324752ab4c6ec26650852318766f4@mail.eclipso.de> <555E4524.2060600@gmail.com> <fcb97b7182d9c0e306fd72a5f7e97959@mail.eclipso.de> <8e9abc468e6f49d4b576515c401c6d20@ustx2ex-dag1mb2.msg.corp.akamai.com> <dcf257ea9d53bca2d492e8af8af3cf97@mail.eclipso.de>
From: Tony Arcieri <bascule@gmail.com>
Date: Fri, 22 May 2015 15:32:36 -0700
Message-ID: <CAHOTMVKVX=K68fuS1tq0kAWV3AAxERM+PCT-ar_hJkKorquR5A@mail.gmail.com>
To: Mark McCarron <mark.mccarron@eclipso.eu>
Content-Type: multipart/alternative; boundary="001a113d3e02e24ea00516b33db2"
Archived-At: <http://mailarchive.ietf.org/arch/msg/cfrg/oRJ-T6MIy9Q_17Q8SdtOKtO-L6s>
Cc: "cfrg@irtf.org" <cfrg@irtf.org>
Subject: Re: [Cfrg] Crystalline Cipher
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Fri, 22 May 2015 22:33:01 -0000

On Fri, May 22, 2015 at 1:02 PM, Mark McCarron <mark.mccarron@eclipso.eu>
wrote:

> To understand the principles behind Crystalline, I would recommend
> brushing up on Lorenz and Enigma.


Hi Mark,

I'm quite familiar with Lorenz and Enigma, both of which are considered
extremely broken today.

Enigma contained a bias because it never mapped a letter to itself. Any
such bias is sufficient to break a cipher.

Your cipher is full of similar biases:

http://www.freecx.co.uk/cryptanalysis/Crystalline/Crystaline_3D.jpg

If it were a good cipher, it'd appear flatter:

http://www.freecx.co.uk/cryptanalysis/Crystalline/RC4_3D.jpg

Note that RC4 is not a good cipher. You may not know it, but Kenny was part
of a team that found such biases in RC4.

Your cipher has biases. Therefore it's broken. Period. I know you disagree,
but you're wrong. Period. Your cipher is broken. End of story.

By modern standards, your cipher should be indistinguishable from random
data even in the presence of a chosen ciphertext attack, something I'm
fairly certain you're not even familiar with:

https://en.wikipedia.org/wiki/Ciphertext_indistinguishability

Your cipher is obviously distinguishable from random data, simply by
looking at an image of the ciphertext:

https://i.imgur.com/MWmMc0J.png

If you have a genuine interest in cryptography, I hope you take these
things to heart, study them, and improve your knowledge of cryptography.

v2.23.0 | Report a Bug | By Email