
    Saturday, April 7, 2018

    Cryptography Differential characteristics discovered in Human4B



    Differential characteristics discovered in Human4B

    Posted: 06 Apr 2018 02:36 PM PDT

    I'm very sorry if it annoys everybody that I keep posting about my own cipher (which can be found here), but I guess this would be more educational than my other posts. I'm not going to go into what differential cryptanalysis is; if you want to know more have a look here, it took me a while to get, but I did get it. Anyway, I noticed that the 32 key scheduling 'rounds' that my cipher had (which made it easy for humans to compute and created the pseudo-randomness needed before the key mixing) is in fact a 12-bit substitution box. So my cipher can be thought of as a simple construction of this form: INITIAL -> 12-bit SBOX -> XOR with 12-bit key0 -> 12-bit SBOX -> XOR with 12-bit key1, etc. for 8/10 rounds -> OUTPUT key stream number (12-bit). In the actual cipher I throw away all but the last 4 bits of the output, which may thwart this particular attack.

    In any case I decided to iterate over all 12-bit characteristics A->B (and my laptop is still going over them), but I found the differential characteristic 1 -> 62 that holds true for 903 of 4096 values; doing some basic number crunching I've devised the following:

    For 8 rounds of my cipher this would allow a key recovery attack requiring 2^80 time complexity and 2^16 chosen plaintexts - this attack is not nice because we just reduced a key of 96 bits to 80 bits. For 10 rounds the time complexity is 2^100 and requires 2^20 chosen plaintexts. What kind of construction problems (except that it turns out to be reducible to a very simple SP-box network) do you think lead to this pretty amazing attack?

    submitted by /u/naclo3samuel
    [link] [comments]
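The post's claim rests on a differential distribution table (DDT): for each input difference a, how many inputs x give S(x) XOR S(x XOR a) = b. The following is an added example, not the poster's code; the Human4B S-box is not given on the page, so the public 4-bit PRESENT S-box stands in for it, and `chosen_plaintext_estimate` is an assumed first-order estimate (independent rounds, a handful of right pairs) rather than a re-derivation of the 2^16 / 2^20 figures above. The same `ddt` function applies unchanged to a 12-bit bijection given as a list of 4096 entries, at 4096 times the cost.

```python
"""Differential distribution table (DDT) and best one-round characteristic
for a small S-box.  Added example; the S-box below is the PRESENT S-box,
used here only as a stand-in for the poster's 12-bit key-schedule S-box.
"""
from math import log2

# PRESENT S-box (Bogdanov et al., 2007), a 4-bit bijection.
PRESENT_SBOX = [0xC, 0x5, 0x6, 0xB, 0x9, 0x0, 0xA, 0xD,
                0x3, 0xE, 0xF, 0x8, 0x4, 0x7, 0x1, 0x2]


def ddt(sbox):
    """Return table with table[a][b] = #{x : S(x) ^ S(x ^ a) == b}.

    Every row sums to len(sbox); row 0 is concentrated at column 0; all
    entries are even because x and x ^ a always land on the same b.
    """
    n = len(sbox)
    table = [[0] * n for _ in range(n)]
    for a in range(n):
        for x in range(n):
            b = sbox[x] ^ sbox[x ^ a]
            table[a][b] += 1
    return table


def best_characteristic(sbox):
    """Return (a, b, count) for the most likely differential with a != 0.

    count / len(sbox) is the one-round probability of a -> b.  A lower
    maximum (for 4-bit bijections the best achievable is 4/16) is what
    makes a round resist differential cryptanalysis.
    """
    table = ddt(sbox)
    n = len(sbox)
    best = (0, 0, 0)
    for a in range(1, n):
        for b in range(n):
            if table[a][b] > best[2]:
                best = (a, b, table[a][b])
    return best


def chosen_plaintext_estimate(count, size, rounds):
    """log2 of the chosen-plaintext pairs needed to see roughly one right
    pair for a characteristic of one-round probability count/size that is
    iterated over `rounds` independent rounds (assumed first-order model;
    a real attack needs a small constant factor more than this).
    """
    p_total = (count / size) ** rounds
    return -log2(p_total)


if __name__ == "__main__":
    a, b, count = best_characteristic(PRESENT_SBOX)
    print(f"best differential {a:#x} -> {b:#x} holds for {count}/16 inputs")
    # The post's 12-bit figure, 903 of 4096, as a per-round probability:
    print(f"903/4096 over 8 rounds ~ 2^-{chosen_plaintext_estimate(903, 4096, 8):.1f}")
```

The point a reviewer would draw from this: once a key schedule collapses into a single fixed S-box followed by key XOR, its DDT fully determines the best single-round differential, and the cost of the attack falls as that maximum count rises toward the table size. A 903/4096 maximum is a probability near 2^-2.2 per round, which is why the work factor in the post stays well below 2^96.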

    How to avoid malleability in a simple stream cipher

    Posted: 06 Apr 2018 12:01 PM PDT

    I have created a simple ARX stream cipher designed to be simple enough for humans to execute in their head while retaining security sufficient to make any attack impractical on a small number of ciphertexts/plaintexts. The whole concept can be seen here, with round design and all. One of the biggest issues with my scheme is that while currently there is no known cryptanalytic attack on the primitive itself (I'm trying to break it with DC since the 32 rounds can be thought of as a 12-bit S-box, but I haven't started on that properly yet), there is a serious vulnerability in practice: the ciphertext output can be changed in a predictable fashion to influence particular pieces of the plaintext. What stream ciphers typically do (it appears) is combine previous ciphertext bytes in order to create an avalanche effect when decrypting so that minor modifications of the ciphertext cause major modifications in the plaintext; however, while many methods work, I want the method chosen to be easy to do for humans (the key schedule is already challenging because of the number of operations, but was designed to be doable by most humans). Is there some kind of cheap authentication tag that would work without destroying security and would be easy to use? Or is there an easy way to build avalanche between ciphertext output 'blocks' (4-bit segments) while keeping the cipher relatively easy for humans to do?

    submitted by /u/naclo3samuel
    [link] [comments]
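The malleability the post describes is inherent to any keystream-XOR cipher, and the standard remedy is not avalanche in the keystream but an authentication tag over the ciphertext, checked before decryption (encrypt-then-MAC). The block below is an added example, not the poster's cipher: the keystream is a constructed stand-in (HMAC-SHA256 of a counter) so the code runs offline, and the message, keys and 8-byte tag length are assumed values. It shows the bit-flip on an unauthenticated ciphertext and the same tampering being rejected once a tag is attached.

```python
"""Keystream-XOR malleability and its fix by an authentication tag.
Added example; the keystream here is a stand-in, not the Human4B cipher.
"""
import hashlib
import hmac

TAG_LEN = 8  # assumed tag length in bytes; shorter tags raise forgery odds


def keystream(key: bytes, length: int) -> bytes:
    """Stand-in keystream: HMAC-SHA256 over a big-endian block counter."""
    out = b""
    counter = 0
    while len(out) < length:
        out += hmac.new(key, counter.to_bytes(8, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def encrypt(key: bytes, plaintext: bytes) -> bytes:
    return xor_bytes(plaintext, keystream(key, len(plaintext)))


decrypt = encrypt  # XOR with the same keystream undoes itself


def tamper(ciphertext: bytes, index: int, delta: int) -> bytes:
    """Model of the problem in the post: XORing delta into one ciphertext
    byte XORs the same delta into the decrypted plaintext byte, so anyone
    who knows (or guesses) the original byte can choose the new one."""
    buf = bytearray(ciphertext)
    buf[index] ^= delta
    return bytes(buf)


def seal(enc_key: bytes, mac_key: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC: the tag covers the ciphertext, under its own key."""
    ct = encrypt(enc_key, plaintext)
    tag = hmac.new(mac_key, ct, hashlib.sha256).digest()[:TAG_LEN]
    return ct + tag


def unseal(enc_key: bytes, mac_key: bytes, message: bytes):
    """Verify the tag in constant time before decrypting; None on failure."""
    if len(message) < TAG_LEN:
        return None
    ct, tag = message[:-TAG_LEN], message[-TAG_LEN:]
    expected = hmac.new(mac_key, ct, hashlib.sha256).digest()[:TAG_LEN]
    if not hmac.compare_digest(tag, expected):
        return None
    return decrypt(enc_key, ct)


# Constructed demonstration values.
ENC_KEY = b"constructed-encryption-key"
MAC_KEY = b"constructed-mac-key"
MESSAGE = b"PAY 100 TO BOB"


def demo_unauthenticated() -> bytes:
    """Flip the amount digit '1' (index 4) to '9' without knowing the key."""
    ct = encrypt(ENC_KEY, MESSAGE)
    forged = tamper(ct, 4, ord("1") ^ ord("9"))
    return decrypt(ENC_KEY, forged)


def demo_authenticated():
    """Same tampering against a sealed message: the tag check fails."""
    sealed = seal(ENC_KEY, MAC_KEY, MESSAGE)
    forged = tamper(sealed, 4, ord("1") ^ ord("9"))
    return unseal(ENC_KEY, MAC_KEY, forged)


if __name__ == "__main__":
    print(demo_unauthenticated())   # predictable change to the plaintext
    print(demo_authenticated())     # None: tampering detected
```

Two design points carry over to the human-computable setting: the tag must be keyed separately from the keystream (here `MAC_KEY`), and the tag is checked before any plaintext is used, so a modified ciphertext is discarded rather than partially trusted. Shortening the tag makes it easier to compute by hand at the cost of a higher chance that a random modification passes the check, which for a t-bit tag is about 2^-t per attempt.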

    Requirements of encryption algorithms used in CSPRNG

    Posted: 06 Apr 2018 12:35 PM PDT

    As far as I know, a common way to obtain a CSPRNG is to use a block or stream cipher and use it to encrypt a counter. If E(key, pt) is the encryption algorithm, we start from a random key K and the random number is R_i = E(K, ctr_i).

    What properties should E satisfy? I think it should not be malleable, otherwise an attacker could compute R_{i+1} = E(K, ctr_{i+1}) from R_i = E(K, ctr_i). Am I right? If this is true, how can stream ciphers be used as CSPRNG?

    submitted by /u/youngeng
    [link] [comments]
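The construction in the question, R_i = E(K, ctr_i), as an added example that is not from the post. The property E needs is that of a pseudorandom function (a block cipher, being a permutation, is close enough to one until about 2^(n/2) blocks): without K, R_{i+1} is unrelated to R_i even though ctr_{i+1} differs from ctr_i in only a bit or two. HMAC-SHA256 is used here as the PRF because it is in the standard library; the key and block count are assumed values. The avalanche measurement is a sanity check on the output, not a proof of security.

```python
"""Counter-mode generator R_i = E(K, ctr_i) with a PRF as E.
Added example; HMAC-SHA256 stands in for the block cipher.
"""
import hashlib
import hmac


def prf_block(key: bytes, counter: int) -> bytes:
    """E(K, ctr_i): one 32-byte output block for a 64-bit counter."""
    return hmac.new(key, counter.to_bytes(8, "big"), hashlib.sha256).digest()


class CounterGenerator:
    """Deterministic generator: same key -> same stream; the counter is
    never reused, so no two output blocks are computed on the same input."""

    def __init__(self, key: bytes):
        self.key = key
        self.counter = 0

    def next_block(self) -> bytes:
        block = prf_block(self.key, self.counter)
        self.counter += 1
        return block

    def random_bytes(self, n: int) -> bytes:
        out = b""
        while len(out) < n:
            out += self.next_block()
        return out[:n]


def hamming_distance(a: bytes, b: bytes) -> int:
    return sum(bin(x ^ y).count("1") for x, y in zip(a, b))


def mean_consecutive_distance(key: bytes, blocks: int) -> float:
    """Average bit distance between R_i and R_{i+1}.  For a good E the
    expected value is half the block size (128 of 256 bits); a malleable
    E whose outputs tracked the counter would show far smaller distances."""
    gen = CounterGenerator(key)
    prev = gen.next_block()
    total = 0
    for _ in range(blocks):
        cur = gen.next_block()
        total += hamming_distance(prev, cur)
        prev = cur
    return total / blocks


KEY = b"constructed-32-byte-seed-key....."  # assumed seed; use os.urandom in practice


if __name__ == "__main__":
    g = CounterGenerator(KEY)
    print(g.random_bytes(16).hex())
    print(f"mean distance between consecutive blocks: "
          f"{mean_consecutive_distance(KEY, 256):.1f} / 256 bits")
```

This is also how stream ciphers fit the question: ChaCha20, for example, is itself a keyed function of (nonce, block counter) that produces 64-byte blocks, so running it without plaintext is exactly the counter-mode generator above. What rules a cipher in or out is whether its block function behaves as a PRF for the number of blocks drawn, not whether the encryption scheme built from it is malleable.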

    DiskCryptor Question :)

    Posted: 06 Apr 2018 03:23 PM PDT

    I am currently encrypting 1 TB of data using DiskCryptor. And it's going to take a long time to do so.

    So my question is: can I pause the encryption and shut down my computer, and it'll just go from where I paused it when I start my computer again? Or will it break it all?

    Thanks in advance.

    submitted by /u/Seba0702
    [link] [comments]
