From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1755476AbbLDPch (ORCPT ); Fri, 4 Dec 2015 10:32:37 -0500 Received: from mail-ig0-f169.google.com ([209.85.213.169]:33433 "EHLO mail-ig0-f169.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1753949AbbLDP2k (ORCPT ); Fri, 4 Dec 2015 10:28:40 -0500 Subject: Re: A new, fast and "unbreakable" encryption algorithm To: Ismail Kizir , Clemens Ladisch References: <564CA86C.1000402@skogtun.org> <564D90CF.4080100@ladisch.de> <20151203223518.GF14427@amd> <566141F5.2080504@ladisch.de> Cc: Pavel Machek , linux-kernel@vger.kernel.org From: Austin S Hemmelgarn Message-ID: <5661B102.5080608@gmail.com> Date: Fri, 4 Dec 2015 10:28:02 -0500 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:38.0) Gecko/20100101 Thunderbird/38.4.0 MIME-Version: 1.0 In-Reply-To: Content-Type: multipart/signed; protocol="application/pkcs7-signature"; micalg=sha-512; boundary="------------ms010908070002030509020109" X-Antivirus: avast! (VPS 151204-2, 2015-12-04), Outbound message X-Antivirus-Status: Clean Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org This is a cryptographically signed message in MIME format. --------------ms010908070002030509020109 Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: quoted-printable On 2015-12-04 04:42, Ismail Kizir wrote: > Clemens, > > You really don't know what you are talking about. Don't you? :) > And this is my last mail about the subject. I don't want to keep the li= st busy. > The original, unencrypted "plaintext" file was all zeroes. > When I uploaded to blogspot, it appeared all "red" and it still is. > And it has not any "red" cyphertext :) > http://ismail-kizir.blogspot.com.tr/2015/11/visual-proofs-of-hohha-dyna= mic-xor.html It looks a lot more like you don't know what your talking about. Human=20 perceptions of 'randomness' do not align with actual mathematical=20 definitions of it. From a mathematical standpoint, 'random' means that=20 given any arbitrary number of previous values, it is impossible to=20 predict what the next value will be. An excellent example of something that 'looks random' to a human but=20 really isn't is machine code. To anyone who's never dealt with it, it=20 looks just like a jumble of bytes. To someone who has dealt with it,=20 it's pretty easy to predict certain patterns, and if you know what to=20 lock for, you can even tell to a certain extent what type of processor=20 it's for (for example, machine code for the MSP430 tends to have lots of = 0x4303 words in it, because that's the translation of a NO-OP). Try=20 importing an executable file into Gimp or Krita as a raw image, you'll=20 see definite patterning in a couple of places, but most of it will look=20 like static. Similarly, do the same but with an audio import into=20 something like Audacity, you'll get a mix of silence and static with a=20 handful of odd fixed frequency tones mixed in. Both of these seem=20 perfectly random to most people, but they really aren't, they just seem=20 that way because the structure of the data doesn't fit in the context in = which it's being viewed. I've run essentially the same tests that Clemens did, and got the same=20 results, and as such agree with him and Pavel. Given the output, it's=20 trivially possible to infer the input in a given set of cases, and given = that, it's not unreasonable to assume that it's possible to directly=20 infer the input in any arbitrary case. Saying that it's a good=20 encryption algorithm because the output looks different than the input=20 is not a valid argument, you have to do a proper analysis of the output, = which means more than just encrypting a bitmap and seeing if you can=20 recognize a pattern in the result. The algorithm is of little practical=20 use beyond the type of thing that ROT13 or a Caesar cipher would be used = for (IOW, I might consider using it to obfuscate something to annoy=20 someone who's just being nosy, but I would not by any means trust it for = anything that I wanted protected from unauthorized access). > > On Fri, Dec 4, 2015 at 9:34 AM, Clemens Ladisch wr= ote: >> Ismail Kizir wrote: >>> What means "did not look random"? >> >> A plaintext consisting of repeated bytes (zero, or other values) >> eventually makes your algorithm go into a loop, which results in >> repeated bytes. >> >>> On the pictures, there is also an example of "full 0"(it appears red,= >>> but it is full 0 bmp) example. >>> And it "looks" perfectly random. >> >> No, red is _not_ perfectly random. When I see a red picture, I have >> evidence that the plaintext was zeroes. >> >> >> Regards, >> Clemens --------------ms010908070002030509020109 Content-Type: application/pkcs7-signature; name="smime.p7s" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="smime.p7s" Content-Description: S/MIME Cryptographic Signature MIAGCSqGSIb3DQEHAqCAMIACAQExDzANBglghkgBZQMEAgMFADCABgkqhkiG9w0BBwEAAKCC Brgwgga0MIIEnKADAgECAgMRLfgwDQYJKoZIhvcNAQENBQAweTEQMA4GA1UEChMHUm9vdCBD QTEeMBwGA1UECxMVaHR0cDovL3d3dy5jYWNlcnQub3JnMSIwIAYDVQQDExlDQSBDZXJ0IFNp Z25pbmcgQXV0aG9yaXR5MSEwHwYJKoZIhvcNAQkBFhJzdXBwb3J0QGNhY2VydC5vcmcwHhcN MTUwOTIxMTEzNTEzWhcNMTYwMzE5MTEzNTEzWjBjMRgwFgYDVQQDEw9DQWNlcnQgV29UIFVz ZXIxIzAhBgkqhkiG9w0BCQEWFGFoZmVycm9pbjdAZ21haWwuY29tMSIwIAYJKoZIhvcNAQkB FhNhaGVtbWVsZ0BvaGlvZ3QuY29tMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA nQ/81tq0QBQi5w316VsVNfjg6kVVIMx760TuwA1MUaNQgQ3NyUl+UyFtjhpkNwwChjgAqfGd LIMTHAdObcwGfzO5uI2o1a8MHVQna8FRsU3QGouysIOGQlX8jFYXMKPEdnlt0GoQcd+BtESr pivbGWUEkPs1CwM6WOrs+09bAJP3qzKIr0VxervFrzrC5Dg9Rf18r9WXHElBuWHg4GYHNJ2V Ab8iKc10h44FnqxZK8RDN8ts/xX93i9bIBmHnFfyNRfiOUtNVeynJbf6kVtdHP+CRBkXCNRZ qyQT7gbTGD24P92PS2UTmDfplSBcWcTn65o3xWfesbf02jF6PL3BCrVnDRI4RgYxG3zFBJuG qvMoEODLhHKSXPAyQhwZINigZNdw5G1NqjXqUw+lIqdQvoPijK9J3eijiakh9u2bjWOMaleI SMRR6XsdM2O5qun1dqOrCgRkM0XSNtBQ2JjY7CycIx+qifJWsRaYWZz0aQU4ZrtAI7gVhO9h pyNaAGjvm7PdjEBiXq57e4QcgpwzvNlv8pG1c/hnt0msfDWNJtl3b6elhQ2Pz4w/QnWifZ8E BrFEmjeeJa2dqjE3giPVWrsH+lOvQQONsYJOuVb8b0zao4vrWeGmW2q2e3pdv0Axzm/60cJQ haZUv8+JdX9ZzqxOm5w5eUQSclt84u+D+hsCAwEAAaOCAVkwggFVMAwGA1UdEwEB/wQCMAAw VgYJYIZIAYb4QgENBEkWR1RvIGdldCB5b3VyIG93biBjZXJ0aWZpY2F0ZSBmb3IgRlJFRSBo ZWFkIG92ZXIgdG8gaHR0cDovL3d3dy5DQWNlcnQub3JnMA4GA1UdDwEB/wQEAwIDqDBABgNV HSUEOTA3BggrBgEFBQcDBAYIKwYBBQUHAwIGCisGAQQBgjcKAwQGCisGAQQBgjcKAwMGCWCG SAGG+EIEATAyBggrBgEFBQcBAQQmMCQwIgYIKwYBBQUHMAGGFmh0dHA6Ly9vY3NwLmNhY2Vy dC5vcmcwMQYDVR0fBCowKDAmoCSgIoYgaHR0cDovL2NybC5jYWNlcnQub3JnL3Jldm9rZS5j cmwwNAYDVR0RBC0wK4EUYWhmZXJyb2luN0BnbWFpbC5jb22BE2FoZW1tZWxnQG9oaW9ndC5j b20wDQYJKoZIhvcNAQENBQADggIBADMnxtSLiIunh/TQcjnRdf63yf2D8jMtYUm4yDoCF++J jCXbPQBGrpCEHztlNSGIkF3PH7ohKZvlqF4XePWxpY9dkr/pNyCF1PRkwxUURqvuHXbu8Lwn 8D3U2HeOEU3KmrfEo65DcbanJCMTTW7+mU9lZICPP7ZA9/zB+L0Gm1UNFZ6AU50N/86vjQfY WgkCd6dZD4rQ5y8L+d/lRbJW7ZGEQw1bSFVTRpkxxDTOwXH4/GpQfnfqTAtQuJ1CsKT12e+H NSD/RUWGTr289dA3P4nunBlz7qfvKamxPymHeBEUcuICKkL9/OZrnuYnGROFwcdvfjGE5iLB kjp/ttrY4aaVW5EsLASNgiRmA6mbgEAMlw3RwVx0sVelbiIAJg9Twzk4Ct6U9uBKiJ8S0sS2 8RCSyTmCRhJs0vvva5W9QUFGmp5kyFQEoSfBRJlbZfGX2ehI2Hi3U2/PMUm2ONuQG1E+a0AP u7I0NJc/Xil7rqR0gdbfkbWp0a+8dAvaM6J00aIcNo+HkcQkUgtfrw+C2Oyl3q8IjivGXZqT 5UdGUb2KujLjqjG91Dun3/RJ/qgQlotH7WkVBs7YJVTCxfkdN36rToPcnMYOI30FWa0Q06gn F6gUv9/mo6riv3A5bem/BdbgaJoPnWQD9D8wSyci9G4LKC+HQAMdLmGoeZfpJzKHMYIE0TCC BM0CAQEwgYAweTEQMA4GA1UEChMHUm9vdCBDQTEeMBwGA1UECxMVaHR0cDovL3d3dy5jYWNl cnQub3JnMSIwIAYDVQQDExlDQSBDZXJ0IFNpZ25pbmcgQXV0aG9yaXR5MSEwHwYJKoZIhvcN AQkBFhJzdXBwb3J0QGNhY2VydC5vcmcCAxEt+DANBglghkgBZQMEAgMFAKCCAiEwGAYJKoZI hvcNAQkDMQsGCSqGSIb3DQEHATAcBgkqhkiG9w0BCQUxDxcNMTUxMjA0MTUyODAyWjBPBgkq hkiG9w0BCQQxQgRAg/2M4SQ91ISjhD/3CZ33/1c5/nZ2nvK65OLol1RGcdhJ68N+0JNTyhjk 9ZuV/rxpmvpLZAblOPHXlBLu2mjyKDBsBgkqhkiG9w0BCQ8xXzBdMAsGCWCGSAFlAwQBKjAL BglghkgBZQMEAQIwCgYIKoZIhvcNAwcwDgYIKoZIhvcNAwICAgCAMA0GCCqGSIb3DQMCAgFA MAcGBSsOAwIHMA0GCCqGSIb3DQMCAgEoMIGRBgkrBgEEAYI3EAQxgYMwgYAweTEQMA4GA1UE ChMHUm9vdCBDQTEeMBwGA1UECxMVaHR0cDovL3d3dy5jYWNlcnQub3JnMSIwIAYDVQQDExlD QSBDZXJ0IFNpZ25pbmcgQXV0aG9yaXR5MSEwHwYJKoZIhvcNAQkBFhJzdXBwb3J0QGNhY2Vy dC5vcmcCAxEt+DCBkwYLKoZIhvcNAQkQAgsxgYOggYAweTEQMA4GA1UEChMHUm9vdCBDQTEe MBwGA1UECxMVaHR0cDovL3d3dy5jYWNlcnQub3JnMSIwIAYDVQQDExlDQSBDZXJ0IFNpZ25p bmcgQXV0aG9yaXR5MSEwHwYJKoZIhvcNAQkBFhJzdXBwb3J0QGNhY2VydC5vcmcCAxEt+DAN BgkqhkiG9w0BAQEFAASCAgBZBx304GGJBacIB4EOCJ/CgYaG0i7pV3q/QBXSD4iP4prwE1YC 2fh0W3oGmYLhtTySwMoSBzqe5dX//3Of12CRxy3CBfVg1O+wXtRMTV0I7PI2ayBvhAccTJhT dR6bNnQpP5va3LVWRQWkDfJz0tFKyiJrm65k6Qt005qNU8X4AKdkPZbcYMFtV3ZLHYXAvulr MwhoIZob2GM7S/IxuEbQ9J02v96SuAIRxbGoNMhNHLLQU2B4Fk8rZtbnzP1FwQxaJu6rHRd+ YS1ihwswEd5BbEJOZ2mt69WFT8TUObfycedHW1YNV6pQSjxzfcVFn1ZCAPZ7ec5FRNqOMvZq IfC2ccxNsiYDMBKqJmfjPrUCkCyu9/Y8IrkpL5PtE6Mt9wUfgxqx21rO5864tJcTqQWd2KRr WoJYKrPb2Ix8kkvlisrt6USG1NeQBgBzvBsgI2R7bJ6Y3dhLIPR9QEYABynbK0PmY8yPcesu au9V9vdq92zmedybY07jHzoINCUALCVsFN4Z1TX08Ik6LJKsJsZ/3EOx2xcYH6rRPYL+HUwY 8GL//yYNaspxkQ3xXiI2BbCRE/5re8OvUWooSsX/oi3bN57kk+dcELVTbJrA6j96we/SDG5I 4+NZD1pW20eGs/kEv0F2MX17kHVhITaGF9A+/ThtdRCsUyAvACT6Sg0sPgAAAAAAAA== --------------ms010908070002030509020109--