Page 48 - Cyber Warnings
P. 48
they must know the other 2 codes, so that's 9!*100!. Which is just about large enough to be safe
for communications that need to be encrypted.
Summary of process(with 1 digit added in):plaintext->ascii->1 digit >3 digit->2 digit ->1 digit.
Modern computational skills could break it by trying all 10! * 100! *10! Combinations and
comparing it to frequency analysis, but that is 1.228937e+171, and current computers that I am
aware of aren’t that efficient. So in the unlikely event that they guess one in 9!*10!*100! They
have the ability to frequency analyze it, this article has been the explanation of it, my ideal
method to make frequency analysis impossible, provided you don’t know the codes at all
whatsoever. The ascii language has been changed enough to protect it roughly, but don’t rely
on it.
Here’s why:
Impracticalities:
The system isn’t safe in the following example: A bank wants to communicate with different
customers, and uses this idea. The bank sends sensitive information to computer 1 and
computer 2’s owners, the codes are both encrypted by using this. The regular key exchange
makes it near enough impossible to have a joint key for everyone without sending it to them,
given that the output of it comes out in numeric form, as a number, not a series of 2 digits, 1
digit and 3 digit numbers, it could be used in a PRG to generate 3 digit numbers (See here), if a
seed was used that was the result of the key generation.
But if that step is not taken and the bank continues “talking” to computer 1 and computer 2 with
the same code. If the owner of computer 1 or 2 is malicious and knows how to decipher
computer 1 or 2s messages. Not only that but if the network is free membership any computer
can read any other computers feed. I maybe will release an explanation of PRGs soon, along
with why ad-hoc security systems shouldn’t be used and classic examples of previous failings of
them.
About The Author
Daniel Pointon is the founder of the cryptJS.tk. He started getting into cryptography taking
courses on coursera, decided to design a cryptography javascript API, it’s designed to be
simplistic to read understand and develop, and is easy to plugin at cryptJS.tk/API/cryptjs.js. He
writes cryptography articles on historical and current day cryptography.
Daniel Pointon can be reached online at ([email protected]).
48 Cyber Warnings E-Magazine – April 2016 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
