Cryptography : is it me ???

[jacek]

Good luck to the ones who won't be able to resist and attempt to crack it!

How much time do we have this time?

report mistakes in the content or the expression

p. 1
... through agriculture...
pregnant need ?
...how big were their herds...
... when it has to do with mathematics...
...however long mathematicians will keep on arguing... - this is a bit wierd, but I'm not sure why

p. 2
...processes can be found in earlier... - in what? something is missing here

The rest looks OK.

[jacek]

it is not a paper on computer science in particular but on math in general and even if I was free to choose any math-related topic there are some limits...

Since you write about mathematics and cyptography, you could mention the first mathematicians that were dealing with cryptography for real - Marian Rejewski and his team, who broke the Enigma code just before WW2 (before them cryptography was more about linguistics and statistics of natural languages then math).

[wysota]

Don't forget Alan Turing

[fullmetalcoder]

How much time do we have this time?

That easily??? Well I got to know : what's the trick???

p. 1
... through agriculture...
...how big were their herds...
... when it has to do with mathematics...

p. 2
...processes can be found in earlier... - in what? something is missing here

Thanks a lot! I indeed missed them...

pregnant need ?

What's wrong with this one? Doesn't it exist???

...however long mathematicians will keep on arguing... - this is a bit wierd, but I'm not sure why

What does sound weird to you?

Since you write about mathematics and cyptography, you could mention the first mathematicians that were dealing with cryptography for real - Marian Rejewski and his team, who broke the Enigma code just before WW2 (before them cryptography was more about linguistics and statistics of natural languages then math).

I could but see, the main topic is algorithmic with a focus on computer science. Cryptography in my paper is just an appendix I choose to illustrate my paper with "real" but simple enough examples...

Don't forget Alan Turing

Well, I've heard about him and read a few things already but I don't think I will cover the Turing machine in my paper. It's complex enough for multiple papers to be exclusively dedicated to it and mine shouldn't be longer than 12-15pages and I got 10 already... Besides it relies on notions that I haven't studied yet so teachers won't expect it (honestly I'm pretty sure they wouldn't fully understand it ).

[wysota]

Known plaintext attack (with a known key length) again

What is a "pregnant need"?

About "however long" - I'd suggest "nevertheless", "however" or something simmilar.

I didn't mean Turing machine. Turing was part of the british cryptology team during WW2. His team built the first Enigma decypher for the military Enigma (Polish team broke the civil one a few years earlier, as Jacek pointed out).

My suggestion is - if you want to write something on cryptography, then don't use XOR. XOR is fine as an auxillary step in encryption, but it not so good as a standalone cipher. I'd even call it "encoding" instead of "encrypting" if you catch the difference

[TheRonin]

a straight up XOR encryption can at most be used for stream ciphers but as we've seen during the course of this discussion, they're pretty difficult to make secure. XOR as a step in a larger encryption process is quite common; I believe some commonly used block cyphers use XOR in their S-boxes.

In my opinion you can't really write a paper about encryption without talking about RSA (public/private-key crypto) and some form of block cypher (DES or Rijndael(AES) for example). The public/private-key cryptos are especially interesting from a mathematical point of view. You've got a lot of advanced finite-field stuff relating to abstract algebra for instance.

Also, stream cyphers are not entirely without merrit. They're VERY quick and easy to implement in hardware. RC4 has historically been used quite a bit: WEP and the encryption on your GPRS-phone are two concrete examples where stream ciphers have been used.

[fullmetalcoder]

Known plaintext attack (with a known key length) again

How so?

What is a "pregnant need"?

Well I thought it meant a very urging need but maybe it doesn't exist...

I didn't mean Turing machine. Turing was part of the british cryptology team during WW2. His team built the first Enigma decypher for the military Enigma (Polish team broke the civil one a few years earlier, as Jacek pointed out).

Alright.

My suggestion is - if you want to write something on cryptography, then don't use XOR. XOR is fine as an auxillary step in encryption, but it not so good as a standalone cipher. I'd even call it "encoding" instead of "encrypting" if you catch the difference

In my opinion you can't really write a paper about encryption without talking about RSA (public/private-key crypto) and some form of block cypher (DES or Rijndael(AES) for example). The public/private-key cryptos are especially interesting from a mathematical point of view. You've got a lot of advanced finite-field stuff relating to abstract algebra for instance.

I perfectly catch the difference now that you'v broken everything. However, my paper is on algorithms and cryptography was just an example. RSA is interesting indeed but not as an appendix. If I was writing a paper on cryptography only I would certainly give it many space because its concept was revolutionnary when it appeared. If I can't find any efficient encryption algorithm that's simple enough to implement and explain I'll fallback on another field...

[jacek]

How so?

Every .zip file starts with a header and its fields have predictable values (not mentioning the 4-byte magic number at the beginning). Also all Open Document files contain "mimetypeapplication/vnd.oasis.opendocument.text" string. The key was predictable too (after I got several bytes).

The key lenght was easy to guess, because your algorithm leaves some parts unencrypted. When I saw "PK" at 21st byte, I just knew that the key must have 20 bytes.

[wysota]

How so?

Well, I personally haven't seen the file, but I've been talking to Jacek after he broke your code and he said it was an OpenOffice compatible document (sorry, don't remember the mime type now). This is really a ZIP file with a regular (known) ZIP header. Additionally the mime type is standing out (take two such documents and look at them using your favourite hex editor (if you don't have one, use (k)hexedit), you'll notice simmilarities). As the constant part is longer than your xor key, this can lead to breaking the "cipher" using a known plaintext attack.

Well I thought it meant a very urging need but maybe it doesn't exist...

I've never heard of such a phrase

I perfectly catch the difference now that you'v broken everything.

Jacek did, I just know the theory For your information, I'm part of the team handling the cryptography course at my University, I just have to know some things

However, my paper is on algorithms and cryptography was just an example. RSA is interesting indeed but not as an appendix.

RSA is a very simple algorithm. And a very nice one, too. But if you want to describe a cryptography algorithm, I'd suggest DES - it's more complicated and has some "steps", whereas RSA really only has a single step.

If I can't find any efficient encryption algorithm that's simple enough to implement and explain I'll fallback on another field...

Use RC4 as already mentioned or explain some hashing function, like MD5 or SHA1. These are simple and very widespread (and they use XOR ).

I even implemented RC4 as a QIODevice subclass during my cryptography course.

[fullmetalcoder]

Well, I personally haven't seen the file, but I've been talking to Jacek after he broke your code and he said it was an OpenOffice compatible document (sorry, don't remember the mime type now). This is really a ZIP file with a regular (known) ZIP header. Additionally the mime type is standing out (take two such documents and look at them using your favourite hex editor (if you don't have one, use (k)hexedit), you'll notice simmilarities). As the constant part is longer than your xor key, this can lead to breaking the "cipher" using a known plaintext attack.

I understand now...

RSA is a very simple algorithm. And a very nice one, too. But if you want to describe a cryptography algorithm, I'd suggest DES - it's more complicated and has some "steps", whereas RSA really only has a single step

Use RC4 as already mentioned or explain some hashing function, like MD5 or SHA1. These are simple and very widespread (and they use XOR ).

Thanks for the info. It may spare me hours of investigation.