Beefy Boxes and Bandwidth Generously Provided by pair Networks
go ahead... be a heretic

Re: Wombat's Bit Scrambler

by arhuman (Vicar)
on Mar 10, 2001 at 02:46 UTC ( #63388=note: print w/replies, xml ) Need Help??

in reply to Wombat's Bit Scrambler

I'm one of those who always look for new improved things.

So I was rather interested by your post.

Anyway I'd like to point out some weakness/problem which could be interesting to enhance/solve :

1) The key space (the seed is the key) is really too small in my humble opinion (32 bits !!!!).
why not use your passphrase to create several seed which could be used to introduce more entropy.
(produce N seeds and use N pseudo random generator?)

2) I think that you supposition that each pseudo random generator is different is risky.
very few good generators exists and in fact it seems that a bad one is the most used (linear congruential generator)
In fact it's probable that different system will produce the same values with the same seed.
And even if I don't know if the Perl rand function will give the same values on different system given the same seed,
It's higly possible that if someone implement this algo in another language the rand function will be a linear congruential generator.

3) BTW if the rand function is a Linear congruential generator the period may be ridiculously short (16838 for ANSI one) so long text encrypting would lead to easy cryptanalisis.
Moreover whatever the period of your generator you shouldn't use it to encrypt an unlimited plain text (or a very long message).

4) you're algo seems weak against choosen (or even known) text attack

But as I said before , I like your try and hope you'll go on trying to enhance this.

As long as you remember that whatever your skill without a long review by (real) cryptanalists, it IS weak security.

UPDATE : A good reading could be the article "Randomness - The Perl Journal, Winter 1996"

"Trying to be a SMART lamer" (thanx to Merlyn ;-)

Replies are listed 'Best First'.
Re: Re: Wombat's Bit Scrambler
by TStanley (Canon) on Mar 10, 2001 at 02:58 UTC
    There is a module on CPAN called Crypt::Random, which is supposed
    to provide numbers that are random enough for cryptological applications.
    This module might be worth looking at.

    In the end, there can be only one!
      If Crypt::Random is really random (and it seems to be) then you won't be able to decrypt the ciphered message giving the same seed.

      "Trying to be a SMART lamer" (thanx to Merlyn ;-)
A reply falls below the community's threshold of quality. You may see it by logging in.

Log In?

What's my password?
Create A New User
Domain Nodelet?
Node Status?
node history
Node Type: note [id://63388]
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others pondering the Monastery: (5)
As of 2023-10-03 14:03 GMT
Find Nodes?
    Voting Booth?

    No recent polls found