Path: illuminati.io.com!uunet!gatech!howland.reston.ans.net!cs.utexas.edu!not-for-mail
From: ritter@io.com (Terry Ritter)
Newsgroups: sci.crypt
Subject: Re: Doing Better than XOR in RC4-like Algorithms
Date: 14 Nov 1994 18:22:05 -0600
Organization: UTexas Mail-to-News Gateway
Lines: 67
Sender: nobody@cs.utexas.edu
Message-ID: <199411150022.SAA27143@pentagon.io.com>
NNTP-Posting-Host: news.cs.utexas.edu

farid@netcom.com (Farid F. El-Wailly) writes:

>I'd like to suggest a modification of RC4-like algorithms that would
>make them a little more resistant to the key re-use problem.
[...]
>Comments?

I think this is getting almost to the point of offending an intellectual property which is somewhat more resilient than trade secrecy. While the putative RC4 algorithm basically just develops a form of RNG which is used in a conventional stream cipher, Mr. El-Wailly appears to have re-invented the concept of Dynamic Substitution, which is protected by U.S. Patent 4,979,832:

 1. A mechanism for combining a first data source and a second data source into result data, including:

 (a) substitution means for translating values from said first data source into said result data or substitute values, and

 (b) change means, at least responsive to some aspect of said second data source, for permuting or re-arranging a plurality of the translations or substitute values within said substitution means, potentially after every substitution operation.

I suggest that buffer_ptr[counter] will read as the first data source, which is indeed substituted in state[buffer_ptr[counter]], that x will do fine as the second data source, and that swap_byte state[x] and state[y] is the change means which permutes substitute values, and thus completes the definition of Dynamic Substitution.

That said, I don't see Dynamic Substitution as a solution to the problem of key re-use.
A better way to support key re-use is to have a random message key in every message, and use the random key to set up the cipher to decipher the data. This means that the keyspace for the data will be evenly used, and that only short and random "messages" will be ciphered under a fixed User Key.

Perhaps Dynamic Substitution is just an idea whose time has finally come. My Penknife and Cloak2 ciphers both use this technology to provide better RNG isolation, adaptive symbol-frequency flattening, and combiners with state, which support new combining architectures.

---
Terry Ritter   ritter@io.com