<div dir="ltr"><br><div class="gmail_extra"><br><div class="gmail_quote">On Wed, Sep 23, 2015 at 7:11 AM, Davy Durham <span dir="ltr"><<a href="mailto:ddurham@davyandbeth.com" target="_blank">ddurham@davyandbeth.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><br><div bgcolor="#FFFFFF" text="#000000">
Given an encrypt (and decrypt, for that matter) function based the
one-time pad idea:<br>
E(d, k) = d xor k<br>
<br>
Alice wishes to send Bob a piece of information d. Alice and Bob
have not exchanged any information previously.<br>
Alice makes up a random key, ka, and Bob makes up a random key, kb.<br>
The following sequence diagram allows Alice to send d to Bob while
the d remains protected from eavesdropping in between.<br>
<br>
<blockquote><tt> Alice
Bob</tt><tt><br>
</tt><tt>d = data</tt><tt><br>
</tt><tt>ka = random bits</tt><tt><br>
</tt><tt>d' = E(d, ka)</tt><tt><br>
</tt><tt> d'</tt><tt><br>
</tt><tt> ----------------------------------------></tt><tt><br>
</tt><tt> kb = random
bits</tt><tt><br>
</tt><tt> d'' = E(d',
kb)</tt><tt><br>
</tt><tt> d''</tt><tt><br>
</tt><tt> <----------------------------------------</tt><tt><br>
</tt><tt>d''' = E(d'', ka)</tt><tt><br>
</tt><tt> d'''</tt><tt><br>
</tt><tt> ----------------------------------------></tt><tt><br>
</tt><tt> d = E(d''',
kb)</tt><tt><br></tt></blockquote></div></blockquote><div>d' = d XOR ka<br>d'' = d XOR ka XOR kb<br></div><div>d''' = d XOR ka XOR kb XOR ka = d XOR kb<br><br></div><div>All off these are public. See the problem yet? Hint: Key reuse.<br><br></div><div>kb = d' XOR d''<br></div><div>d = d''' XOR kb<br></div><div><br></div><div>Or in other words, d' XOR d'' XOR d''' = d. This is because each XOR key is repeated in even numbers, where each version have exactly one difference in which ones are applied. A XOR B XOR B = A. <br><br></div><div>XOR encryption is only considered secure if the same unpredictable key material NEVER is used for more than exactly one plaintext<br><br></div><div>Even if you managed to make it work with uneven numbers of applications, the reuse still reveals statistics about the plaintext.<br><br></div></div></div></div>