Comments on: My encryption code is now live on GitHub https://learncgames.com/my-encryption-code-is-now-live-on-github/?utm_source=rss&utm_medium=rss&utm_campaign=my-encryption-code-is-now-live-on-github A blog about C, programming games and my ebook(s). Tue, 09 Jun 2020 19:48:06 +0000 hourly 1 https://wordpress.org/?v=6.9.4 By: Christopher McLaughlin https://learncgames.com/my-encryption-code-is-now-live-on-github/#comment-104 Tue, 09 Jun 2020 19:48:06 +0000 https://learncgames.com/?p=675#comment-104 This is an interesting algorithm but definitely not secure (but still interesting!). I’m only an amateur myself but there are probably many ways that one could approach cracking this without brute force. An attacker would only need to guess at likely plaintext (whether it’s actual text or even binary data) contained in the streams. You would rearrange the bits to form the hypothesized plaintext and then use that permutation on the other streams encrypted with the same key to see if additional plaintext patterns emerge. Cracking the key actually becomes exponentially easier as you make progress because you can infer further plaintext from what’s already been revealed, almost like solving a jigsaw puzzle that doesn’t have a reference picture.

Guessing at initial plaintext might be difficult for a novice but an accomplished cryptographer will have an entire corpus of patterns for various file formats to test, not unlike a definition database used by antivirus software. Also, it wasn’t entirely clear how you were handling the padding at the end but if it’s just a string of 0’s, that’s going to be an attack surface which drastically reduces the key space.

Feel free to send me an email if you ever want to chat about cryptography!

]]>