[rc5] Some Deep questions

Steve Trottier STROTTIER at novell.com
Mon Aug 18 10:40:06 EDT 1997


Brain Foddy wrote:
> Suppose I type up a letter and encrypt it.  Now
> somebody wants to break it.  Since they don't know what is in 
> the letter, they probably can't do string matches for certain
> words.  Maybe they could look for words like "the" "is" etc.
> But what if my letter doesn't contain those strings?  Suppose
> before encrypting it, I do a simple ASCII+1 to every character.
> That would make the letter total garbage for almost every type of
> word you look for.  Even spaces and CRLF would be different.
> With the right decryption code, it would be trivial to 
> decode this garbage but you would have to have the right
> letters to start with.

If you were writing a simple parser to determine if what you had was text,
checking for known words (such as "is" and "the") is not the simplest way.
It would be easier to just check the first several characters to see if they
fell within the standard ASCII range.  If something greater than 90% of the
characters (bytes) had an integer value between 32 and 126 then you could be
fairly certain that you had text and you would flag it for a human to look
at. If you had used the wrong key, on the other hand, then the chance that
you would have that high of a percentage of bytes that fell within the
standard ASCII range would be very low. Actually, only about 37% of those
bytes would randomly fall within the standard ASCII range if you had the
wrong key.

Well, I'm not entirely sure about the math, but that's how I would approach
it if I were looking for text, but didn't know what the text was.

Note that even if you did an ASCII+1 shift on each byte, then this approach
would still work (assuming that the human checking it could figure out that
all of the characters were shifted by some value).

Steve Trottier
strottier at novell.com


----------------------------------------------------------------
Have some CPU cycles to spare?  Visit http://rc5.distributed.net 
and join the effort to prove the necessity of strong encryption!
----------------------------------------------------------------
                                                                            
                                                                            
                                                                            
                                                                            
                                                                            
                                                                            
                                                                            
                                                                            
                                                                            
                                                                            
                                                                            
                                                                            
                                                                            
                                                                            
                                                                            
                                                                            
                                                                            
                                                                            
                                                                            
                                                                            
                                           
----
To unsubscribe, send email to majordomo at llamas.net with 'unsubscribe rc5' in the body.



More information about the rc5 mailing list