New implementation of Chaocipher
Topic Started: Aug 5 2010, 02:55 PM (1,681 Views)
keltia
Just registered
[ * ]
As I told moshe on Usenet, here is my implementation in Ruby of the Chaocipher system. You will also find implementations of several other oldish systems in the library (a work in progress).
old-crypto home page

Just read the setup topic by james, congratulations for the investigation!

 
kryptosfan
Kickass member
[ *  *  *  *  *  * ]
His other site seems about as current as this post.
OBKR
UOXOGHULBSOLIFBBWFLRVQQPRNGKSSO
TWTQSJQSSEKZZWATJKLUDIAWINFBNYP
VTTMZFPKWGDKZXTJCDIGKUHUAUEKCAR
 
mok-kong shen
NSA worthy
[ *  *  *  *  *  * ]
Merely a casual thinking ("Schnapsidee" in German): Maybe one could ponder over the main idea underlying the scheme and eventually find some, even very tiny, improvements either in the algorithm or in the implementation?
 
james
Elite member
[ *  *  *  *  * ]
mok-kong shen
 
Maybe one could ponder over the main idea underlying the scheme and eventually find some, even very tiny, improvements either in the algorithm or in the implementation?


Yes, I agree this is a good approach. And the big problem to resolve in Chaocipher, IMHO, is that a mistake in enciphering a letter makes unreadable all that follows. Of course one can argue that implementing the algorithm with a computer would eliminate mistakes in encipherment, and I would agree with that. But there are still highly possible other sources of error, for example in transmission or reception. I guess a major reason that Chaocipher was never accepted by Friedman and others in the US Establishment was this particular feature.
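Added example (not part of the thread, and not keltia's old-crypto code): a minimal Ruby Chaocipher that shows the error propagation james describes, where one wrong ciphertext letter desynchronises both alphabets. The starting alphabets and message are the widely published worked example for the cipher; the function names are made up for this illustration, and input is assumed to be uppercase A-Z only.

```ruby
# Added illustration; not keltia's old-crypto code.
# Starting alphabets: the widely published Chaocipher worked example.
LEFT  = "HXUCZVAMDSLKPEFJRIGTWOBNYQ" # ciphertext (left) alphabet
RIGHT = "PTLNBQDEOYSFAVZKGJRIHWXUMC" # plaintext (right) alphabet
PLAIN = "WELLDONEISBETTERTHANWELLSAID"

# Bring index i to the zenith, then drop the letter at zenith+1 to the nadir.
def permute_left(left, i)
  l = left[i..-1] + left[0...i]
  l[0] + l[2..13] + l[1] + l[14..-1]
end

# Bring index i+1 to the zenith, then drop the letter at zenith+2 to the nadir.
def permute_right(right, i)
  r = right[(i + 1)..-1] + right[0..i]
  r[0..1] + r[3..13] + r[2] + r[14..-1]
end

# mode is :encrypt or :decrypt; both alphabets are re-permuted after every letter.
def chaocipher(text, mode, left = LEFT, right = RIGHT)
  text.each_char.map do |ch|
    src, dst = (mode == :encrypt) ? [right, left] : [left, right]
    i = src.index(ch)
    out = dst[i]
    left = permute_left(left, i)
    right = permute_right(right, i)
    out
  end.join
end

# Replace ciphertext letter k with a wrong one, decipher, and mark agreement
# with the original plaintext ("." where the recovered letter is wrong).
def garble_demo(plain, k)
  ct = chaocipher(plain, :encrypt)
  bad = ct.dup
  bad[k] = ((ct[k].ord - 65 + 1) % 26 + 65).chr
  recovered = chaocipher(bad, :decrypt)
  marks = plain.chars.zip(recovered.chars).map { |a, b| a == b ? a : "." }.join
  { ciphertext: ct, recovered: recovered, agreement: marks }
end

puts garble_demo(PLAIN, 5) if __FILE__ == $PROGRAM_NAME
```

Letters before position k decipher correctly; from k onward the receiver's alphabets no longer match the sender's.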
 
kryptosfan
Kickass member
[ *  *  *  *  *  * ]
So how do people resolve this with the avalanche effect?
 
mok-kong shen
NSA worthy
[ *  *  *  *  *  * ]
kryptosfan
Sep 26 2011, 04:36 PM
So how do people resolve this with the avalanche effect?
Could you expand/elaborate your question a little bit with reference to sentences of the previous writer? Thanks.
 
kryptosfan
Kickass member
[ *  *  *  *  *  * ]
james
Sep 26 2011, 12:39 PM
And the big problem to resolve in Chaocipher, IMHO, is that a mistake in enciphering a letter makes unreadable all that follows.
"In cryptography, the avalanche effect refers to a desirable property of cryptographic algorithms, typically block ciphers and cryptographic hash functions. The avalanche effect is evident if, when an input is changed slightly (for example, flipping a single bit) the output changes significantly (e.g., half the output bits flip). In the case of quality block ciphers, such a small change in either the key or the plaintext should cause a drastic change in the ciphertext."

"If a block cipher or cryptographic hash function does not exhibit the avalanche effect to a significant degree, then it has poor randomization, and thus a cryptanalyst can make predictions about the input, being given only the output. This may be sufficient to partially or completely break the algorithm. Thus, the avalanche effect is a desirable condition from the point of view of the designer of the cryptographic algorithm or device."

"Constructing a cipher or hash to exhibit a substantial avalanche effect is one of the primary design objectives."

It seems like in one case it's desirable and in the other it's a reason never to use the cipher. I figured Chaocipher must qualify for a pretty good avalanche effect if a one letter mistake means you can't read the rest. Do people never make mistakes with stream or block ciphers? No, of course not, of course they make mistakes. I'm pretty sure someone has already mentioned on this forum something about there being a method to overcome a hitch in a stream cipher. I figured the same logic could be applied to figuring out a solution to the impracticability of Chaocipher.
 
sharpe
Super member
[ *  *  *  * ]
Not sure you are reading that correctly. Changing one bit of the plaintext or the key should result in a ciphertext that is 50% new and readable when deciphered.

Think of a vig. If you change one letter of the plaintext and keep the same key, you've only changed 1 character of the ciphertext.

Assuming you have a plaintext that is 100 characters long, you want it so when you change that one plaintext character from say 'these' to 'those' to change 50 of the resulting ciphertext characters.

 
mok-kong shen
NSA worthy
[ *  *  *  *  *  * ]
sharpe
Sep 26 2011, 09:10 PM
Assuming you have a plaintext that is 100 characters long, you want it so when you change that one plaintext character from say 'these' to 'those' to change 50 of the resulting ciphertext characters.

Do I understand correctly that you mean that that's not feasible for any (including potential) encryption schemes operating on units of characters?
 
jdege
NSA worthy
[ *  *  *  *  *  * ]
In a block cipher, changing one bit of either the plaintext or the key should change half the bits in the output - for that block.

Future blocks are another matter.

If you're using ECB mode, every block is entirely independent, and future blocks will not be affected.

Of course, nobody uses ECB, because it leaks far too much information. So they use modes in which blocks feed into each other.

In CBC mode, each block of plaintext is XORed with the previous block's ciphertext. Which means that if there's an error in one block, the next block is mangled, too. But because future blocks depend upon the plaintext, the key, and the previous block's ciphertext, blocks after that come through fine.

So an error mangles two blocks, but the system resynchronizes itself after that, and succeeding blocks can be read without a problem.
When cryptography is outlawed, bayl bhgynjf jvyy unir cevinpl.
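Added example (not from jdege's post or the thread): the CBC behaviour described above, measured with AES-128-CBC through Ruby's bundled OpenSSL binding. The key, IV and message are constructed sample values, and `aes_cbc` and `cbc_error_profile` are names made up for this illustration.

```ruby
require "openssl"

BLOCK = 16
KEY   = ["000102030405060708090a0b0c0d0e0f"].pack("H*") # constructed sample key
IV    = ["a0a1a2a3a4a5a6a7a8a9aaabacadaeaf"].pack("H*") # constructed sample IV
MSG   = "CBC resynchronises after a transmission error. ".ljust(5 * BLOCK, ".")

# AES-128-CBC without padding; data must be a whole number of 16-byte blocks.
def aes_cbc(data, mode, key = KEY, iv = IV)
  c = OpenSSL::Cipher.new("aes-128-cbc")
  mode == :encrypt ? c.encrypt : c.decrypt
  c.key = key
  c.iv = iv
  c.padding = 0
  c.update(data) + c.final
end

# Flip one bit in ciphertext block `block_no` (simulating a transmission
# error), decrypt, and return for each block the number of recovered
# plaintext bits that differ from the original.
def cbc_error_profile(plain, block_no)
  ct = aes_cbc(plain, :encrypt)
  damaged = ct.dup
  pos = block_no * BLOCK
  damaged.setbyte(pos, damaged.getbyte(pos) ^ 0x01)
  out = aes_cbc(damaged, :decrypt)
  originals = plain.bytes.each_slice(BLOCK).to_a
  recovered = out.bytes.each_slice(BLOCK).to_a
  originals.zip(recovered).map do |a, b|
    a.zip(b).sum { |x, y| (x ^ y).to_s(2).count("1") }
  end
end

p cbc_error_profile(MSG, 1) if __FILE__ == $PROGRAM_NAME
```

With the error in block 1 of five, the profile shows block 0 intact, block 1 scrambled, exactly one flipped bit in block 2, and blocks 3 and 4 intact.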
 
sharpe
Super member
[ *  *  *  * ]
I should have stated that I have a very limited understanding of modern encryption so I was trying to put forth my basic understanding of it. Sorry about that.
 
mok-kong shen
NSA worthy
[ *  *  *  *  *  * ]
Among the classical ciphers I surmise that at least the polyalphabetic substitution in its more general ways of employment (I mentioned in an earlier thread the possibility of generating a new key character at each step of processing) may have quite good "error propagation" corresponding to the avalanche known in block ciphers.
 
jdege
NSA worthy
[ *  *  *  *  *  * ]
The usual forms of auto-keyed Vigs only have the appearance of "avalanche".

It's one of those things that appears to increase complexity, without actually doing much.
 
mok-kong shen
NSA worthy
[ *  *  *  *  *  * ]
jdege
Sep 27 2011, 03:15 PM
The usual forms of auto-keyed Vigs only have the appearance of "avalanche".
It's one of those things that appears to increase complexity, without actually doing much.
My proposal was to use columns of substitution alphabets that are all (pseudo-) random. That scheme may not be simple to crack in my humble view, since the new key characters are not autokeys (they are the ciphertext characters that get once more processed, i.e. encrypted, in the same columns of processing.)
 
mok-kong shen
NSA worthy
[ *  *  *  *  *  * ]
keltia
Aug 5 2010, 02:55 PM
As I told moshe on Usenet, here is my implementation in Ruby of the Chaocipher system. You will also find implementations of several other oldish systems in the library (a work in progress).
old-crypto home page

Just read the setup topic by james, congratulations for the investigation!

Access to the link brought an error.
 