Secure ?
Topic Started: Jun 28 2006, 05:28 PM (328 Views)
loki
Advanced Member
I have been doing research into different mixing algorithms. I have found two different algorithms and have done moderate testing on them. Tweaked and mangled them.

The one presented here was apparently a modified version of the pseudo-Hadamard transformation from Twofish.

I thought it was cool and took a look at it. Apart from poor coding, it looks interesting. I tweaked it for speed and it still follows the same basic idea as the original. It appears to be good to me, but what do I know? Was wondering if anyone could find an exploit in the code that will make it insecure to use?

The original code is as follows:
Code:
 

unsigned char pht(unsigned char a, unsigned int b)
{
  long t;
  t = a + b;
  t = (2 * a) + (2 * b);
  t = t ^ 0xa9;
  t = t ^ a;
  return t;
}


I have modified it to this.
Code:
 

static unsigned long pht(unsigned long a, unsigned long b) {
  register unsigned long t;
  t   = a ^ b  ;
  t <<= 1      ;
  t  ^= 0x74bul;
  return (t ^ a);
}


I always hear about systems failing because of a simple algorithm; this looks good to me.

How can I improve upon it, or is it just a silly mixer?

The only thought I can think of to improve this is replacing 0x74b with the XOR of a and b.

Any inputs or ideas or suggestions?
c(x) = 3x^3 + x^2 + x + 2; Find the inverse
insecure
Elite member
Here's that code again, annotated:

Code:
 

unsigned char pht(unsigned char a, unsigned int b)
{
 long t;
 t = a + b; /* This line is redundant because of the following line */
 t = (2 * a) + (2 * b); /* simpler: t = 2 * (a + b); */
 t = t ^ 0xa9; /* assumes you don't care about high bits of big chars */
 t = t ^ a;
 return t;
}


0xA9 is 11111001 in binary. It's hard to see how this is a useful mask.

Naturally, the doubling will ensure that the low bit of t is clear. XORing this with 1 (which is done by ^ 0xA9) will set it. And XORing it with a again will either clear it (if the low bit of a is set) or set it (if the low bit of a is clear). Thus, the low bit of the result is simply the inverse of the low bit of one of the inputs.

Whether that's exploitable, I don't know. It depends how the function is being used, I guess.


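The low-bit observation in the annotated reply can be checked exhaustively over byte inputs, and the same test applies to the modified version because 0x74b is also odd. This is an added example, not code from either poster; the `_orig`/`_mod` names, the helper functions, and the affine and top-bit checks are additions that go beyond what the thread states.

```c
#include <stdio.h>

/* Original mixer from the thread, body unchanged. */
static unsigned char pht_orig(unsigned char a, unsigned int b) {
    long t;
    t = a + b;
    t = (2 * a) + (2 * b);
    t = t ^ 0xa9;
    t = t ^ a;
    return t;
}

/* Modified mixer from the thread, same operations. */
static unsigned long pht_mod(unsigned long a, unsigned long b) {
    unsigned long t = a ^ b;
    t <<= 1;
    t ^= 0x74bul;
    return t ^ a;
}

/* Counts inputs whose output low bit is NOT the inverse of a's low bit. */
static unsigned long low_bit_exceptions(void) {
    unsigned long bad = 0;
    for (unsigned a = 0; a < 256; a++)
        for (unsigned b = 0; b < 256; b++) {
            if ((pht_orig((unsigned char)a, b) & 1u) != ((a & 1u) ^ 1u)) bad++;
            if ((pht_mod(a, b) & 1ul) != ((a & 1ul) ^ 1ul)) bad++;
        }
    return bad;
}

/* An affine map over GF(2) satisfies f(x)^f(y)^f(x^y) == constant.
   Inputs are constructed sample values spread over 32 bits. */
static unsigned long affine_exceptions(void) {
    unsigned long bad = 0, k = 0x9E3779B1ul;
    for (unsigned long a = 0; a < 32; a++)
        for (unsigned long b = 0; b < 32; b++)
            for (unsigned long c = 0; c < 32; c++) {
                unsigned long x = a * k, y = b * k, z = c * k, w = (a + c) * k;
                if ((pht_mod(x, y) ^ pht_mod(z, w) ^ pht_mod(x ^ z, y ^ w)) != 0x74bul) bad++;
            }
    return bad;
}

/* The shift discards the top bit of b, so flipping it changes nothing. */
static int ignores_top_bit_of_b(unsigned long a, unsigned long b) {
    unsigned long top = ~(~0ul >> 1);
    return pht_mod(a, b) == pht_mod(a, b ^ top);
}

int main(void) {
    printf("low-bit exceptions: %lu\n", low_bit_exceptions());
    printf("affine exceptions:  %lu\n", affine_exceptions());
    printf("top bit of b ignored: %d\n", ignores_top_bit_of_b(0x1234ul, 0x5678ul));
    return 0;
}
```

Zero exceptions in both counts means the low output bit carries no information about b, and the modified function is a fixed XOR-linear map plus a constant, so it adds no nonlinearity on its own.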