#1
06-07-2005, 09:30 PM
rwid (Member)
Join Date: Jun 2005
Location: Sydney, Australia
Posts: 41

Hi reteam,

I've read XOR encryption is very susceptible to cryptanalysis attacks where the key length is less than the length of the plaintext. Also, XORing multiple keys of lengths divisible by each other does not increase security, e.g. XORing the plaintext with a key of length 4 bytes and then XORing the plaintext with a key of 8 bytes is no more secure than simply XORing the plaintext with only an 8-byte key.

But what if I used keys with lengths of prime numbers, and I apply them in the same manner as above, i.e. one after the other to the plaintext?

For example given four keys of lengths 7, 19, 23 and 29 bytes respectively, if I XOR each of these keys one at a time across the plaintext, does this give me an effective key length of 17*19*23*29 = 215441 bytes because these key lengths are all prime?

Would the key still be susceptible to cryptanalysis attacks if I had used a plaintext length matching that effective key length (in this example 215441 bytes)?
#2
01-08-2006, 08:59 PM
rwid (Member)
Join Date: Jun 2005
Location: Sydney, Australia
Posts: 41

Any ideas? Anyone?
#3
01-14-2006, 05:43 PM
0x517A5D (Member)
Join Date: Jul 2005
Posts: 13

The simple answer is yes, absolutely vulnerable. XOR encryption with any repeats is kid-sister protection at most. The repetition of each subkey will be seen in the crypted document, even if the plaintext doesn't happen to have big blocks of zeros (like most EXEs do). If the cryptanalyst can get (or guess) a copy (even a partial copy) of the plaintext which you have crypted, it is almost trivial to recover all of the subkeys you used to build your rolling key. If not, standard statistical analysis will still show the patterns, and then it's just a super-hard cryptoquote puzzle.

Consider shuffling & altering the characters in your keys in a nonlinear way every so often. Use different shuffle functions on each subkey. That will buy you quite a bit more strength, as long as the attacker doesn't have knowledge of your algorithms. Still not anything near NSA level, though.

Kahn's classic The Codebreakers is probably the best reference on attacks on older, simpler crypto like XOR schemes. Published in 1967 but still relevant.

517A5D out.
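An added illustration of the known-plaintext point in post #3 (not code from the thread or its participants): with the subkey lengths 7, 19, 23 and 29 listed in the question, the combined keystream only repeats after 7*19*23*29 = 88711 bytes, yet it obeys a fixed XOR recurrence of order 7+19+23+29 = 78, so 78 known plaintext bytes determine all of it. The function names, the random keys and the sample plaintext are constructed for this example.

```python
import os
from math import prod

KEY_LENGTHS = (7, 19, 23, 29)  # subkey lengths as listed in the question

def multi_xor(data: bytes, keys) -> bytes:
    """XOR each subkey across the data, one after the other (the scheme asked about)."""
    out = bytearray(data)
    for key in keys:
        for i in range(len(out)):
            out[i] ^= key[i % len(key)]
    return bytes(out)

def annihilator(lengths) -> int:
    """Product of (x^n + 1) over GF(2); bit j of the int is the coefficient of x^j."""
    poly = 1
    for n in lengths:
        poly ^= poly << n  # multiply by (x^n + 1)
    return poly

def extend_keystream(prefix: bytes, lengths, total: int) -> bytes:
    """Predict the whole keystream from its first sum(lengths) bytes."""
    order = sum(lengths)
    if len(prefix) < order:
        raise ValueError("need at least sum(lengths) keystream bytes")
    poly = annihilator(lengths)
    taps = [j for j in range(order) if (poly >> j) & 1]
    ks = bytearray(prefix[:order])
    while len(ks) < total:
        i = len(ks) - order
        nxt = 0
        for j in taps:  # s[i+order] = XOR of s[i+j] over the lower-order terms
            nxt ^= ks[i + j]
        ks.append(nxt)
    return bytes(ks)

def demo(total: int = 5000):
    keys = [os.urandom(n) for n in KEY_LENGTHS]  # constructed random subkeys
    plaintext = os.urandom(total)                # constructed sample plaintext
    ciphertext = multi_xor(plaintext, keys)
    known = sum(KEY_LENGTHS)                     # only 78 plaintext bytes are known
    prefix = bytes(c ^ p for c, p in zip(ciphertext[:known], plaintext[:known]))
    ks = extend_keystream(prefix, KEY_LENGTHS, total)
    recovered = bytes(c ^ k for c, k in zip(ciphertext, ks))
    return recovered == plaintext, prod(KEY_LENGTHS), known

if __name__ == "__main__":
    print(demo())
```

The recurrence holds because each subkey's contribution is cancelled by XORing the stream with itself shifted by that subkey's length, so the security of the scheme scales with the sum of the key lengths, not their product.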
#4
01-15-2006, 04:37 AM
rwid (Member)
Join Date: Jun 2005
Location: Sydney, Australia
Posts: 41


Thanks 0x517A5D!!
