|
|
|
| more useful options | |
| PerlMonks |
comment on |
| ( #3333=superdoc: print w/replies, xml ) | Need Help?? |
|
I'm one of those who always look for new improved things.
So I was rather interested by your post. Anyway I'd like to point out some weakness/problem which could be interesting to enhance/solve : 1) The key space (the seed is the key) is really too small in my humble opinion (32 bits !!!!). why not use your passphrase to create several seed which could be used to introduce more entropy. (produce N seeds and use N pseudo random generator?) 2) I think that you supposition that each pseudo random generator is different is risky. very few good generators exists and in fact it seems that a bad one is the most used (linear congruential generator) In fact it's probable that different system will produce the same values with the same seed. And even if I don't know if the Perl rand function will give the same values on different system given the same seed, It's higly possible that if someone implement this algo in another language the rand function will be a linear congruential generator. 3) BTW if the rand function is a Linear congruential generator the period may be ridiculously short (16838 for ANSI one) so long text encrypting would lead to easy cryptanalisis. Moreover whatever the period of your generator you shouldn't use it to encrypt an unlimited plain text (or a very long message). 4) you're algo seems weak against choosen (or even known) text attack But as I said before , I like your try and hope you'll go on trying to enhance this. As long as you remember that whatever your skill without a long review by (real) cryptanalists, it IS weak security. UPDATE : A good reading could be the article "Randomness - The Perl Journal, Winter 1996" "Trying to be a SMART lamer" (thanx to Merlyn ;-) In reply to Re: Wombat's Bit Scrambler
by arhuman
|
|