Moderator: mosher

New implementation of Chaocipher

keltia
Just registered
Joined: August 5th, 2010, 8:01 am

August 5th, 2010, 2:55 pm #1

As I told moshe on Usenet, here is my implementation in Ruby of the Chaocipher system. You will also find implementations of several other oldish systems in the library (a work in progress).
old-crypto home page

Just read the setup topic by james, congratulations for the investigation!

kryptosfan
NSA worthy
Joined: September 4th, 2011, 6:09 am

September 18th, 2011, 8:46 pm #2

His other site seems about as current as this post.
OBKR
UOXOGHULBSOLIFBBWFLRVQQPRNGKSSO
TWTQSJQSSEKZZWATJKLUDIAWINFBNYP
VTTMZFPKWGDKZXTJCDIGKUHUAUEKCAR

mok-kong shen
NSA worthy
Joined: December 12th, 2009, 6:21 pm

September 26th, 2011, 9:44 am #3

Merely a casual thinking ("Schnapsidee" in German): Maybe one could ponder over the main idea underlying the scheme and eventually find some, even very tiny, improvements either in the algorithm or in the implementation?

james
Elite member
Joined: May 14th, 2010, 3:48 pm

September 26th, 2011, 12:39 pm #4

mok-kong shen wrote: Maybe one could ponder over the main idea underlying the scheme and eventually find some, even very tiny, improvements either in the algorithm or in the implementation?
Yes I agree this is a good approach. And the big problem to resolve in Chaocipher, IMHO, is that a mistake in enciphering a letter makes unreadable all that follows. Of course one can argue that implementing the algorithm with a computer would eliminate mistakes in encipherment, and I would agree with that. But there are still highly possible other sources of error, for example in transmission or reception. I guess a major reason that Chaocipher was never accepted by Friedman and others in the US Establishment was this particular feature.
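Added example, not part of the thread and not keltia's library: a minimal Ruby Chaocipher showing the behaviour james describes, where one wrong ciphertext letter leaves everything after it unreadable. The alphabets and message are the commonly published Chaocipher sample, and `garble_report` is a name invented here.

```ruby
# Chaocipher as publicly described: LEFT is the cipher alphabet, RIGHT the plain one.
# Sample alphabets and message (commonly published test vector, not from this thread).
LEFT  = "HXUCZVAMDSLKPEFJRIGTWOBNYQ"
RIGHT = "PTLNBQDEOYSFAVZKGJRIHWXUMC"
PLAIN = "WELLDONEISBETTERTHANWELLSAID"

# Bring index i to the zenith, then move the letter at index 1 to the nadir (index 13).
def permute_left(a, i)
  a = a[i..] + a[0...i]
  a[0] + a[2..13] + a[1] + a[14..]
end

# Bring index i to the zenith, rotate one step further, then move index 2 to the nadir.
def permute_right(a, i)
  a = a[i..] + a[0...i]
  a = a[1..] + a[0]
  a[0..1] + a[3..13] + a[2] + a[14..]
end

# Both alphabets are re-permuted after every letter, so the state at letter n
# depends on every letter processed before it.
def chaocipher(text, left, right, decrypt: false)
  text.each_char.map do |ch|
    i = (decrypt ? left : right).index(ch)
    out = (decrypt ? right : left)[i]
    left, right = permute_left(left, i), permute_right(right, i)
    out
  end.join
end

# Replace the ciphertext letter at pos (a simulated transmission error), decipher,
# and mark which recovered letters still match the true plaintext.
def garble_report(cipher, pos)
  bad = cipher.dup
  bad[pos] = bad[pos] == "A" ? "B" : "A"
  got = chaocipher(bad, LEFT, RIGHT, decrypt: true)
  marks = got.each_char.zip(PLAIN.each_char).map { |g, q| g == q ? q : "." }.join
  { recovered: got, matches: marks }
end

CIPHER = chaocipher(PLAIN, LEFT, RIGHT)
report = garble_report(CIPHER, 9)
puts CIPHER, report[:recovered], report[:matches]
```

Letters before the damaged position decipher correctly; from that position on the receiver's alphabets no longer track the sender's, and nothing brings them back into step.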

kryptosfan
NSA worthy
Joined: September 4th, 2011, 6:09 am

September 26th, 2011, 4:36 pm #5

So how do people resolve this with the avalanche effect?

mok-kong shen
NSA worthy
Joined: December 12th, 2009, 6:21 pm

September 26th, 2011, 7:38 pm #6

kryptosfan wrote: So how do people resolve this with the avalanche effect?
Could you expand/elaborate your question a little bit with reference to sentences of the previous writer? Thanks.

kryptosfan
NSA worthy
Joined: September 4th, 2011, 6:09 am

September 26th, 2011, 9:00 pm #7

james wrote: And the big problem to resolve in Chaocipher, IMHO, is that a mistake in enciphering a letter makes unreadable all that follows.
"In cryptography, the avalanche effect refers to a desirable property of cryptographic algorithms, typically block ciphers and cryptographic hash functions. The avalanche effect is evident if, when an input is changed slightly (for example, flipping a single bit) the output changes significantly (e.g., half the output bits flip). In the case of quality block ciphers, such a small change in either the key or the plaintext should cause a drastic change in the ciphertext."

"If a block cipher or cryptographic hash function does not exhibit the avalanche effect to a significant degree, then it has poor randomization, and thus a cryptanalyst can make predictions about the input, being given only the output. This may be sufficient to partially or completely break the algorithm. Thus, the avalanche effect is a desirable condition from the point of view of the designer of the cryptographic algorithm or device."

"Constructing a cipher or hash to exhibit a substantial avalanche effect is one of the primary design objectives."

It seems like in one case it's desirable and in the other it's a reason never to use the cipher. I figured Chaocipher must qualify for a pretty good avalanche effect if a one letter mistake means you can't read the rest. Do people never make mistakes with stream or block ciphers? No, of course not, of course they make mistakes. I'm pretty sure someone has already mentioned on this forum something about there being a method to overcome a hitch in a stream cipher. I figured the same logic could be applied to figuring out a solution to the impracticability of Chaocipher.

sharpe
Super member
Joined: November 30th, 2010, 3:47 pm

September 26th, 2011, 9:10 pm #8

Not sure you are reading that correctly. Changing one bit of the plaintext or the key should result in a ciphertext that is 50% new and readable when deciphered.

Think of a vig. If you change one letter of the plaintext and keep the same key, you've only changed 1 character of the ciphertext.

Assuming you have a plaintext that is 100 characters long, you want it so when you change that one plaintext character from say 'these' to 'those' to change 50 of the resulting ciphertext characters.


mok-kong shen
NSA worthy
Joined: December 12th, 2009, 6:21 pm

September 26th, 2011, 10:15 pm #9

sharpe wrote: Assuming you have a plaintext that is 100 characters long, you want it so when you change that one plaintext character from say 'these' to 'those' to change 50 of the resulting ciphertext characters.
Do I understand correctly that you mean that that's not feasible for any (including potential) encryption schemes operating on units of characters?

jdege
NSA worthy
Joined: December 7th, 2006, 8:43 pm

September 26th, 2011, 10:39 pm #10

In a block cipher, changing one bit of either the plaintext or the key should change half the bits in the output - for that block.

Future blocks are another matter.

If you're using ECB mode, every block is entirely independent, and future blocks will not be affected.

Of course, nobody uses ECB, because it leaks far too much information. So they use modes in which blocks feed into each other.

In CBC mode, each block of plaintext is XORed with the previous block's ciphertext. Which means that if there's an error in one block, the next block is mangled, too. But because future blocks depend upon the plaintext, the key, and the previous block's ciphertext, blocks after that come through fine.

So an error mangles two blocks, but the system resynchronizes itself after that, and succeeding blocks can be read without a problem.
When cryptography is outlawed, bayl bhgynjf jvyy unir cevinpl.
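Added example, not jdege's code: the ECB and CBC behaviour described in the post above, checked with AES-128 from Ruby's standard `openssl` library. The key, IV and plaintext are constructed demo values and `damaged_blocks` is a name invented here; it flips one ciphertext bit and lists which plaintext blocks no longer match.

```ruby
require "openssl"

BLOCK = 16
KEY = ("k" * BLOCK).freeze   # constructed demo key, not a real secret
IV  = ("i" * BLOCK).freeze   # constructed demo IV
# Constructed plaintext: five 16-byte blocks, "block 0.........", "block 1.........", ...
PLAINTEXT = (0..4).map { |n| "block #{n}".ljust(BLOCK, ".") }.join.b

# Run AES-128 in the given mode ("ecb" or "cbc") over block-aligned data.
def aes(mode_name, direction, data)
  c = OpenSSL::Cipher.new("aes-128-#{mode_name}")
  direction == :encrypt ? c.encrypt : c.decrypt
  c.key = KEY
  c.iv = IV if mode_name == "cbc"
  c.padding = 0              # input is already a whole number of blocks
  c.update(data) + c.final
end

# Encrypt, flip the lowest bit of the first byte of one ciphertext block
# (a simulated transmission error), decrypt, and return the indexes of the
# plaintext blocks that came back different from the original.
def damaged_blocks(mode_name, block_index)
  ct = aes(mode_name, :encrypt, PLAINTEXT)
  offset = block_index * BLOCK
  ct.setbyte(offset, ct.getbyte(offset) ^ 0x01)
  pt = aes(mode_name, :decrypt, ct)
  (0...PLAINTEXT.bytesize / BLOCK).select do |n|
    pt.byteslice(n * BLOCK, BLOCK) != PLAINTEXT.byteslice(n * BLOCK, BLOCK)
  end
end

puts "ECB, error in block 1: damaged #{damaged_blocks('ecb', 1).inspect}"
puts "CBC, error in block 1: damaged #{damaged_blocks('cbc', 1).inspect}"
```

In CBC the first listed block is garbage throughout, while the second differs from the original only in the one flipped bit; every block after that decrypts cleanly.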