How to know the "strength" of a cipher

The fear of every surveillance society: citizens protecting their own privacy with strong cryptography

How to know the "strength" of a cipher

Post by MDYarma on Sun May 15, 2011 2:55 pm
([msg=57421]see How to know the "strength" of a cipher[/msg])

First off, I'm not new, I just forgot my password and looks like [strike]the account I used back then I don't use anymore[/strike] the password reminder thing is not working... but, anyway, I wasn't all that active at all. I was Y4rm4, if anyone interested.

Now, to the subject. I've made a program that encrypts/decrypts pairs of files, and I'd like to know how good my program is. Efficient not much, it takes quite some time (not hours! but... boring if you're waiting XD) to encrypt +3MB files, and I gave it a limit at 5MB just in case. I mean, good as in... can it be easily broken?

So, how can I know if my cipher is reliable, strong, "secure"?

PS:I'll give you anything you need, the program is mine so... you may ask whatever you need.

EDIT1: So basically I'm:
·Asking if there's any "table" or something that says the strength of a cipher, just like Richter tells the strength of an earthquake.
·Challenging people here to find a way to break through it, in order to test its strength with real people and all.

I'll upload here anything you need: Files
Last edited by MDYarma on Tue May 17, 2011 6:53 am, edited 2 times in total.
MDYarma
New User
New User
 
Posts: 28
Joined: Sun May 15, 2011 2:48 pm
Blog: View Blog (0)


Re: How to know the "strength" of a cipher

Post by r-ID on Mon May 16, 2011 8:13 pm
([msg=57471]see Re: How to know the "strength" of a cipher[/msg])

One of the simplest way to test a strength of the cipher is to check how random the output is. Good cipher always produces random output, no matter what input was used. Let's take an ceasar's cipher for example, input aaaaaaaa, output bbbbbbbb, the output isn't random at all, that's the worse cipher ever :) There should be no pattern in the output. Statistical distribution of symbols should be near random.

If you change one symbol of the input, outputs should be beyond recognition.
Same thing with password, if you change only one symbol of the password for the same input, outputs should be beyond recognition.

Is it a block cipher? If it is, give input bigger then block size, there should be no patterns in the output.

There should be no hidden variables in the output.

Generate input made of first (last) symbol in your charset, to check how good your transformations are.

Write a simple program to check statistical distribution, try large amounts of data.

Good cipher should have strong mathematical basis. Do not "patch" your algorithm, build basis.

Plaintext and ciphertext aren't useful, algorithm is needed for deeper analysis
r-ID
Poster
Poster
 
Posts: 172
Joined: Mon Dec 29, 2008 6:04 pm
Blog: View Blog (0)


Re: How to know the "strength" of a cipher

Post by MDYarma on Tue May 17, 2011 4:13 am
([msg=57483]see Re: How to know the "strength" of a cipher[/msg])

r-ID wrote:Generate input made of first (last) symbol in your charset, to check how good your transformations are.


You mean, make a file with only "a"s or "z"s?

r-ID wrote:Write a simple program to check statistical distribution, try large amounts of data.


Okay, that I can try.

r-ID wrote:Plaintext and ciphertext aren't useful, algorithm is needed for deeper analysis


Oh, I thought telling the algorithm would be too much like cheating or too easy or something.I could post the (relevant part of) the code here, if it's that what you mean. Or descrive the algorithm.

-- Wed May 18, 2011 11:25 pm --

Okies, part of the code:

Code: Select all
if lvl>0 then begin
   for i:=1 to lvl do begin

      for j:=0 to ty-1 do begin
         for k:=0 to tx-1 do begin
            NOUVERS[j, k]:=False;
            buffer[j,k]:=False;
         end;
      end;

      for j:=0 to ty-1 do begin  //m
         for k:=0 to tx-1 do begin  //n
            suma:=0;
            for ky:=1 downto -1 do begin
               py:=j+ky;
               if py<0 then py:=py+ty;
               if py>(ty-1) then py:=py-ty;
               for kx:=-1 to 1 do begin
                  px:=k+kx;
                  if px<0 then px:=px+tx;
                  if px>(tx-1) then px:=px-tx;
                  if UNIVERS[py, px] then begin
                     suma:=suma+1;
                     if (((kx=0) AND (ky=0)) AND (NOT(center))) then begin
                        suma:=suma-1;
                     end;
                     if ((NOT(kx*ky=0)) AND (NOT(diagonal))) then begin
                        suma:=suma-1;
                     end;
                  end;
               end;
            end;
            for l:=0 to 9 do begin
               if ((normes[l]) AND (suma=l)) then buffer[j,k]:=True;
            end;
             NOUVERS[j,k]:=(buffer[j,k] XOR PRIMIVERS[j,k]);
         end;
         if (j mod p1)=0 then begin
            StepBar;
         end;
      end;
      PRIMIVERS:=UNIVERS;
      UNIVERS:=NOUVERS;
   end;
end


I'm sorry the var names are not in English ^^'' and I don't really feel like translating, anyway, the -VERS ones are the files (or, I'd rather say, matrix with the files' information), suma means addition, and normes is rules. As some might know, that's also the code for a cellular automaton. Actually I was programming cellular automata and then, I had the idea for the encrypt-decrypt, and I wanted to try out just to see.
MDYarma
New User
New User
 
Posts: 28
Joined: Sun May 15, 2011 2:48 pm
Blog: View Blog (0)



Return to Crypto

Who is online

Users browsing this forum: No registered users and 0 guests

cron