you do not need to shuffle the whole array! Simply shuffle the byte just
used with 1 or 2 others. Written in VB6 I manage to encrypt ~7MB/sec on
a 1.8gig Pentium IV. True, other algos are faster, and then there are
some that are slower.
Anyways, you've answered part of my question sensibly. Thank you.
Peter

you do not need to shuffle the whole array! Simply shuffle the byte just
used with 1 or 2 others. Written in VB6 I manage to encrypt ~7MB/sec on
a 1.8gig Pentium IV. True, other algos are faster, and then there are
some that are slower.

you do not need to shuffle the whole array! Simply shuffle the byte just
used with 1 or 2 others. Written in VB6 I manage to encrypt ~7MB/sec on
a 1.8gig Pentium IV. True, other algos are faster, and then there are
some that are slower.

Okay. Now let's try for round 2. Suppose that instead of mapping your
plaintext bytes through these shuffled arrays you simply add a different
pseudo-random value (mod 256) to each plaintext byte. How is that better or
worse than your original proposal? Hint: functionally, it's exactly the
same thing!

So, what you've constructed is a stream cipher whose security lies in the
unpredictability of the PRNG. The shuffling twist may make it harder to
analyze the PRNG (because it adds state to whatever state is in the PRNG),
but that's all it does. If you've got a good PRNG (like AES in CTR mode)
and you're careful not to abuse it, you may have the basis for a secure
cipher system.

Okay. Now let's try for round 2. Suppose that instead of mapping your
plaintext bytes through these shuffled arrays you simply add a different
pseudo-random value (mod 256) to each plaintext byte. How is that better or
worse than your original proposal? Hint: functionally, it's exactly the
same thing!

So, what you've constructed is a stream cipher whose security lies in the
unpredictability of the PRNG. The shuffling twist may make it harder to
analyze the PRNG (because it adds state to whatever state is in the PRNG),
but that's all it does. If you've got a good PRNG (like AES in CTR mode)
and you're careful not to abuse it, you may have the basis for a secure
cipher system.

Peter wrote:

you do not need to shuffle the whole array! Simply shuffle the byte...

Uh, how is it again that you choose the byte with which you're going
to shuffle the byte just used? (I presume that "shuffle" means
"exchange" in this context.)

--Mike Amling

"Peter" <peter_rabbit@shaw.ca> wrote in message
news:0NHIb.883354$pl3.606937@pd7tw3no...

you do not need to shuffle the whole array! Simply shuffle the byte just
used with 1 or 2 others.

So, what you've constructed is a stream cipher whose security lies in the
unpredictability of the PRNG. The shuffling twist may make it harder to
analyze the PRNG (because it adds state to whatever state is in the PRNG),
but that's all it does. If you've got a good PRNG (like AES in CTR mode)
and you're careful not to abuse it, you may have the basis for a secure
cipher system.

"Peter" <peter_rabbit@shaw.ca> wrote in message
news:0NHIb.883354$pl3.606937@pd7tw3no...

you do not need to shuffle the whole array! Simply shuffle the byte just
used with 1 or 2 others.

So, what you've constructed is a stream cipher whose security lies in the
unpredictability of the PRNG. The shuffling twist may make it harder to
analyze the PRNG (because it adds state to whatever state is in the PRNG),
but that's all it does. If you've got a good PRNG (like AES in CTR mode)
and you're careful not to abuse it, you may have the basis for a secure
cipher system.

it is, sort of a PRNG, based on the password.

In this case it is the key
which, ofcourse, can be reconstructed with the right password. The
weakness is not the PRNG (or key), because it is not revealed or repeated.

Perhaps this cipher system is not better than adding, subtracting etc.
it simply is a different approach. The only difference to adding (Mod
256) that I see is, that in the 'adding scheme' the resulting Byte is a
direct consequence of and has a direct relation to the original Byte
through the applied function ((pt + x) mod 256). In the 'mapping scheme'
the original Byte and the resulting Byte only have a 'by chance'
relationship that is not a consequence of a direct mathematical
function. (?).

You may be right that this is not more secure, but is it
less so?
Peter

it is, sort of a PRNG, based on the password.

In this case it is the key
which, ofcourse, can be reconstructed with the right password. The
weakness is not the PRNG (or key), because it is not revealed or repeated.

Perhaps this cipher system is not better than adding, subtracting etc.
it simply is a different approach. The only difference to adding (Mod
256) that I see is, that in the 'adding scheme' the resulting Byte is a
direct consequence of and has a direct relation to the original Byte
through the applied function ((pt + x) mod 256). In the 'mapping scheme'
the original Byte and the resulting Byte only have a 'by chance'
relationship that is not a consequence of a direct mathematical
function. (?).

You may be right that this is not more secure, but is it
less so?
Peter

in this case the a_key is an s-box with values from 0 to 255. Here it is
not used as a PRNG, but under situations that req. PRNs betw. 0 and 255
it could be used as such.

You've confused yourself with your idea of rb being an array of
references. rb is an s-box.

I disagree, the a_key is an s-box, but rb only serves as a reference to
where the plaint text byte is in the a_key. Perhaps we are splitting
hairs over semantics. You seem to be far more knowlegeable than I in
tthis matter so... you win.

As you don't really understand your own scheme, it's a very safe bet
that it's horribly insecure. However, you don't seem to have said how
the array a_key is derived from the password, or what the PRNG is.
Without these rather essential details, it's rather impossible to say.

I understand my scheme just fine, I am just not too familiar with the
semantics of the trade,

that is why I ask questions, try to learn from
the comments of others and then answer other peoples questions to the
best of my abilities. If this newsgroup is for pros only please post a
sign!

As for your assumption that 'it is a very safe bet that it is horribly
insecure', I beg your indulgance to explain on what you base your
judgement.
Peter

in this case the a_key is an s-box with values from 0 to 255. Here it is
not used as a PRNG, but under situations that req. PRNs betw. 0 and 255
it could be used as such.

You've confused yourself with your idea of rb being an array of
references. rb is an s-box.

I disagree, the a_key is an s-box, but rb only serves as a reference to
where the plaint text byte is in the a_key. Perhaps we are splitting
hairs over semantics. You seem to be far more knowlegeable than I in
tthis matter so... you win.

As you don't really understand your own scheme, it's a very safe bet
that it's horribly insecure. However, you don't seem to have said how
the array a_key is derived from the password, or what the PRNG is.
Without these rather essential details, it's rather impossible to say.

I understand my scheme just fine, I am just not too familiar with the
semantics of the trade,

that is why I ask questions, try to learn from
the comments of others and then answer other peoples questions to the
best of my abilities. If this newsgroup is for pros only please post a
sign!

As for your assumption that 'it is a very safe bet that it is horribly
insecure', I beg your indulgance to explain on what you base your
judgement.
Peter

it is, sort of a PRNG, based on the password.


It's an s-box. The s-box, rb, is constructed on the basis of the
password. The only part of the construction method you seem to have
given is the transformation from a_key to rb. After each substitution,
the s-box, rb, is altered on the basis of the output of a PRNG which you
haven't given.

Perhaps this cipher system is not better than adding, subtracting etc.
it simply is a different approach. The only difference to adding (Mod
256) that I see is, that in the 'adding scheme' the resulting Byte is
a direct consequence of and has a direct relation to the original Byte
through the applied function ((pt + x) mod 256). In the 'mapping
scheme' the original Byte and the resulting Byte only have a 'by
chance' relationship that is not a consequence of a direct
mathematical function. (?).


You've confused yourself with your idea of rb being an array of
references. rb is an s-box.
I disagree, the a_key is an s-box, but rb only serves as a reference to

You may be right that this is not more secure, but is it less so?
Peter


As you don't really understand your own scheme, it's a very safe bet
that it's horribly insecure. However, you don't seem to have said how
the array a_key is derived from the password, or what the PRNG is.
Without these rather essential details, it's rather impossible to say.


Simon

it is, sort of a PRNG, based on the password.


It's an s-box. The s-box, rb, is constructed on the basis of the
password. The only part of the construction method you seem to have
given is the transformation from a_key to rb. After each substitution,
the s-box, rb, is altered on the basis of the output of a PRNG which you
haven't given.

Perhaps this cipher system is not better than adding, subtracting etc.
it simply is a different approach. The only difference to adding (Mod
256) that I see is, that in the 'adding scheme' the resulting Byte is
a direct consequence of and has a direct relation to the original Byte
through the applied function ((pt + x) mod 256). In the 'mapping
scheme' the original Byte and the resulting Byte only have a 'by
chance' relationship that is not a consequence of a direct
mathematical function. (?).


You've confused yourself with your idea of rb being an array of
references. rb is an s-box.
I disagree, the a_key is an s-box, but rb only serves as a reference to

You may be right that this is not more secure, but is it less so?
Peter


As you don't really understand your own scheme, it's a very safe bet
that it's horribly insecure. However, you don't seem to have said how
the array a_key is derived from the password, or what the PRNG is.
Without these rather essential details, it's rather impossible to say.


Simon

quite a simple exchange (swap) of the byte involved with 2 others.

a= a_key(x) 'the involved Byte
a_key(x)=a_key(y)
a_key(y)=a_key(z)
a_key(z)=a

it is actually a bit more involved, since you must shuffle 2 arrays, the
a_key and the ref. array. I don't want to bore everybody with the
details and wear out my already thin welcome here, but to anyone
interested, I'll gladly mail the whole thing. (be forewarned, though, it
is in VB6 and not in God's language C)

Peter
Michael Amling wrote:
Peter wrote:

you do not need to shuffle the whole array! Simply shuffle the byte...


Uh, how is it again that you choose the byte with which you're going
to shuffle the byte just used? (I presume that "shuffle" means
"exchange" in this context.)

--Mike Amling