[Cryptography] Security of a permute-only system?

Henry Baker hbaker1 at pipeline.com
Thu Nov 26 11:04:20 EST 2015


At 07:37 PM 11/25/2015, Ray Dillinger wrote:
>On 11/25/2015 03:34 PM, Henry Baker wrote:
>> Given a message source that's already "whitened", but otherwise unencrypted, how much security can be achieved strictly through an unknown, but random permutation?
>
>All of it, I think.  If you mean "whitened" like a stream cipher, and
>then put a permutation per-block on top of it, you get at least as much
>security as the stream cipher and then deny the opponent the opportunity
>to take advantage of the bit-masking properties of stream ciphers.
>
>If you mean "whitened" like XOR a LFSG, I think it would still be pretty
>impossible to take any advantage of the linear properties of the LFSG
>if the bits were randomly scrambled across a large block.
>
>To be sure of real resistance to attack, however, at least one of
>those things - the whitening stream or the permutation selection -
>really does need to be cryptographically secure.

FWIW, it is trivial to check whether a random permutation is
a derangement, as 37% of random permutations are.  So if it
is helpful, we can use a random derangement instead of a
random permutation by throwing out ~2/3 of the permutations.

https://en.wikipedia.org/wiki/Derangement
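The derangement check and rejection-sampling step described above, as an added Python example that is not part of the original thread or either poster's code: it draws a permutation with a Fisher-Yates shuffle from the OS CSPRNG, rejects it until no position maps to itself, and applies the result as a bit transposition of a block. The block size (64 bits, MSB-first bit numbering), the function names, and the exact-count helper are assumptions made for this example.

```python
import secrets

def random_permutation(n):
    """Fisher-Yates shuffle driven by the OS CSPRNG.
    Returns p where p[i] is the destination position of input position i."""
    p = list(range(n))
    for i in range(n - 1, 0, -1):
        j = secrets.randbelow(i + 1)
        p[i], p[j] = p[j], p[i]
    return p

def is_derangement(p):
    """A permutation is a derangement iff it has no fixed point (p[i] != i for every i)."""
    return all(dest != i for i, dest in enumerate(p))

def random_derangement(n):
    """Rejection sampling: redraw until the permutation has no fixed point.
    About 1/e (~37%) of permutations qualify, so roughly e ~ 2.7 draws on average."""
    if n == 1:
        raise ValueError("a single element has no derangement")
    while True:
        p = random_permutation(n)
        if is_derangement(p):
            return p

def count_derangements(n):
    """Exact number of derangements D(n) via D(n) = (n-1) * (D(n-1) + D(n-2)),
    with D(0) = 1 and D(1) = 0. D(n)/n! converges to 1/e."""
    if n == 0:
        return 1
    d_prev2, d_prev1 = 1, 0          # D(0), D(1)
    for k in range(2, n + 1):
        d_prev2, d_prev1 = d_prev1, (k - 1) * (d_prev1 + d_prev2)
    return d_prev1

def invert(p):
    """Inverse permutation q with q[p[i]] == i, used to undo the transposition."""
    q = [0] * len(p)
    for i, dest in enumerate(p):
        q[dest] = i
    return q

def permute_bits(block, p):
    """Move bit i of `block` (bytes, bit 0 = MSB of byte 0) to position p[i].
    A pure transposition: the number of set bits is unchanged."""
    n = len(block) * 8
    if len(p) != n:
        raise ValueError("permutation length must equal the block size in bits")
    out = bytearray(len(block))
    for i in range(n):
        if (block[i // 8] >> (7 - i % 8)) & 1:
            j = p[i]
            out[j // 8] |= 1 << (7 - j % 8)
    return bytes(out)

def popcount(block):
    """Hamming weight of a byte string."""
    return sum(bin(b).count("1") for b in block)

if __name__ == "__main__":
    # Constructed sample block (8 bytes = 64 bits), not data from the thread.
    sample = bytes.fromhex("0123456789abcdef")
    d = random_derangement(64)
    scrambled = permute_bits(sample, d)
    assert permute_bits(scrambled, invert(d)) == sample
    print("derangement found, weight preserved:", popcount(sample) == popcount(scrambled))
    print("exact D(8)/8! =", count_derangements(8) / 40320)
```

The acceptance rate of the rejection loop is D(n)/n!, which is 14833/40320 = 0.368 already at n = 8 and approaches 1/e, matching the ~37% figure in the message. Note what the round-trip check also makes visible: a transposition preserves the Hamming weight of the block, so the plaintext's bit statistics reach the attacker unless the whitening layer has already removed them, which is the reason the whitening stream or the permutation selection has to be cryptographically secure.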
