ATTENTION: You are viewing a page formatted for mobile devices; to view the full web page, click HERE.

Special User Sections > Older DC Contests and Challenges

"Unconventional Encryption Challenge"

<< < (3/5) > >>

mouser:
I don't mean to throw cold water on anyone but as creative as all of these homebrew encryption schemes are, and they come up every once in a while, there is very wide agreement among people who are very serious about cryptography and spend their whole life studying it, that these kinds of approaches are not the way to go.

I think the root of the problem is that you are designing encryption algorithms that would be hard for another person to sit down and figure out with a pen and paper -- but modern cryptanalysis is done using mathematical tools that look for deeper mathematical patterns.

Modern cryptography is much more focused on employing a few very well known mathematical non-invertible operations that have withstood decades of attempts to defeat.  People don't use the algorithms simply because they "seem" tricky to figure out.

I strongly recommend you pick up a book on cryptography, like Bruce Schneier's Applied Cryptography.

Again, I don't want to dampen your enthusiasm -- cryptography is wonderfully fun -- but just don't think you can make a truely secure encryption algorithm just by combining a bunch of obfuscation and random functions.

Come to think of it, is it not so that the software that implements the scheme as proposed by TaoPhoenix has to know which kind of scheme is has to work with code-wise?

Thus clearing up the whole obfuscation part for one who knows where to look/reverse-engineer? It sounds silly to me to have the software 'bruteforce' its way through the possible encryption techniques, as it would make using this software unbearable slow and very CPU/GPU resource hungry.

TaoPhoenix:
Come to think of it, is it not so that the software that implements the scheme as proposed by TaoPhoenix has to know which kind of scheme is has to work with code-wise?

Thus clearing up the whole obfuscation part for one who knows where to look/reverse-engineer? It sounds silly to me to have the software 'bruteforce' its way through the possible encryption techniques, as it would make using this software unbearable slow and very CPU/GPU resource hungry.
-Shades (March 18, 2012, 08:39 AM)
--- End quote ---

Thanks everyone for chiming in.

One part of this is Audience - it was always about my own data outbound to correspondents, with vague surveying the intrusion culture such as Gmail's new SuperAggregation, etc. Designing systems for other clients wasn't part of it all.

Above all it was about education - I knew I was on to something, and I wasn't all that far off. I'm happy to use implementation details by the Pros. I just knew my basic starting point was less "small-key alg" based, and more straddling the lines of One Time Pads and One Time Book Ciphers. Having seen the Statistical Frequency attacks and noticing the much higher (though not perfect!) entropy in program files forced open into Notepad, the notion occurred to me that such files would *approximate* One Time Pads, and mostly avoid the statistical attacks of ordinary Book Ciphers.

That Chinese paper closed the loop, essentially saying that my concept was close, but to perform those operations at the binary level on binary text data, rather than symbol-to-letter. So then theoretically all I'd need was a program that simply performed the binary book cipher encoding. So yes, even if the method is known, according to the paper, it should still be very difficult to extract the data with one-time-books.

So then to clarify, since by definition any cipher requires the recipient to have something secret, I was just leaning toward it being "secretly chosen books" rather than "secretly chosen short keys".

However, that is all the interest I have in it right now.

itsonlyme:
I was going to say something about being interested....then, after I saw you mentioned anonymous, I was really intrigued that the message in which you placed some binary code? you added  ^7 and ^4, which is curiously the same two numbers (i believe) that show up in lulz.sec's xmas message from last year. (re: the first frame or two, the movin' numbas).....maybe i'm just crazy, but you could be a "semi-troll"

also, I think your attempts are merely crap. and I'm not IT, but after a few hours learning a bit about algorithmic applications to binary; and  how that can compute towards a quadratic equation of sorts (you know, 32, 32, 32, 32), I really don't think you're pushing anything here.

and in regards to the sender, and receiver? did you get anywhere with private , public exponents ?

my spelling and terms might be wrong, AND maybe I should have looked through the whole thread. but,......that first post dude/ette, you sound like a certain someone from anti-sec.  I hope you aren't since we're just here to have a good time right? :Thmbsup:

itsonlyme:
also, u crazed, dude? cuz, you cut and pasted most of your shit. Basically, imho, you could have said this: Hey! come and click this site! we have "trojans" but not really! and if you know anything about that silly little machine used in WWII, Hacking the Gibson, and how to look up Tempest, or even pixels, or even ways to close little tiny loops, and blah blah blah blah.  basically, you need to reinvest yourself in a more wise decision, try this:    take a few variables, make it 5, and apply primes to those five, let's call them a, b, c, d, e, and then, let's make a+b+c/82-3.21 and put the letter N (as an exponent), and then route it back to the original equation of a-b =b-a, then just pretend now, that 0 equals a circle, and that 1 equals a dot, then pixel that shit, then put it on a ray, right to left, right? and don't forget to add mole day, that computers are out of control (or doubled as they say every 18 months or so), and tell me, what you have here that any one of use couldn't do or find? and for 100 dollars, i think you should pay me. because this post I have here, makes no sense.///But, if you like imaginary numbers, html, and maybe you should stick to 128bit, because as everyone knows you cannot add another 32, because that's still off from 154 ......or something.... :huh: