Encryption with REBOL

 [1/6] from: aparman:mail at: 30-Aug-2000 23:36

With the recent talk about encryption I thought I'd send along this little script. For details read the header. PLEASE READ THE HEADER OF THIS SCRIPT BEFORE USE! It will send and receive encrypted email, and encrypt or decrypt any file. I consider it beta, and would appreciate any feedback. Any one who uses it may modify it, but please email me with a copy of your enhancements. I retain all my rights of original authorship on this script, but make no claims as to it's use.  [2/6] from: ryanc:iesco-dms at: 31-Aug-2000 10:37

Looks like an encryption program I wrote a few years ago, but with some much needed enhancements. It will keep most people out, but it is still quite crackable. Basically all you need to do is try every password--automatically of course. Even easier is if someone sends a two files of the same type ,as bmp's for instance, it practically gives you the password. Of course in either case, knowing what types of files your dealing with is very valuable. I am sure the FBI could break it, and the CIA could cut right through it without much trouble. I definitely wouldn't call it a "Carnivore Buster." It is probably the exact type of thing they are looking for. On the other hand, Its really good though for keeping ISP's and hackers from reading your email. Why bother spending 5 weeks to decode someone's email? Most people wouldn't consider it, unless they were getting paid to do so. --Ryan [aparman--mail--com] wrote:
> With the recent talk about encryption I thought I'd send along this little script. For details read the header. > PLEASE READ THE HEADER OF THIS SCRIPT BEFORE USE!
> cipher-beta.r Type: REBOL Script (application/x-unknown-content-type-r_auto_file) > Encoding: base64
Ryan Cole Programmer Analyst 707-468-5400

 [3/6] from: civicminded4::yahoo at: 31-Aug-2000 12:35

--0-596516649-967750511=:26976 Content-Type: text/plain; charset=us-ascii Ryan, thank you for your response. I have a few comments/questions however... (let me preface all of this with the fact that I am not an encryption expert, or even a novice, I am going by my understanding of the info from the sites listed in the script and links therein. I am genuinely interested to hear comments about the strength od the ARC4 algorithm) --- [ryanc--iesco-dms--com] wrote: ...
> It will keep most > people out, but it is still quite crackable. > Basically all you need to do is try every > password--automatically of > course...
True, but that is true of _any_ encryption. If you choose a significantly long and random passphrase, then the time required to try every passphrase is _very_ large. You are speaking here of a brute-force attack. Given enough time and computing power any encryption is "crackable" by brute-force (excepting maybe the one-time pad?). Remember, this is based on ARC4 (RC4 of RSA), and while RC4 with 40 bit passphrases is brute-force "crackable", you can have a _much_ larger passphrase, as with this script you can choose the passphrase yourself [upto 246 ascii characters long. Even just using letters numbers and spaces you have 63 possible characters. 246 places with 63 possibilities each... 63^246 ... you do the math :) ] ...
> Even easier is if someone sends a two files > of the same type ,as bmp's for instance, it > practically gives > you the password.
How? Perhaps you mean if two files are sent with the same passphrase? This would be bad, but CipherSaber takes care of this by appending a random 10 character initialization vector to your passphrase, _greatly_ reducing the chances of two messages being sent with the same passphrase. See the CipherSaber site for details.
> I am sure the FBI could break it, and the CIA could > cut right through it without much trouble. I > definitely > wouldn't call it a "Carnivore Buster." It is > probably the exact type of thing they are looking > for.
Again, only brute-force "crackable" if you use a too-short, non-random passphrase. I doubt that with the volume of mail going through a Carnivore system, spending years (or even hours or minutes) to crack each and every one of millions of e-mails is worth the FBI or CIA's time or even within their budgets. Just pick a length of passphrase appropriate to the sensitivity of the data.
> On the other hand, Its really good though for > keeping ISP's and hackers from reading your email.
and your spouse, your boss, your business competitor... ;)
> Why bother spending > 5 weeks to decode someone's email? Most people > wouldn't consider it, unless they were getting paid > to do so.
 [4/6] from: ryanc::iesco-dms::com at: 31-Aug-2000 19:43

> > It will keep most > > people out, but it is still quite crackable.
> letters numbers and spaces you have 63 possible characters. 246 places > with 63 possibilities each... 63^246 ... you do the math :) ]
Try common words first, 3000^50. Yet still, not a job for the light of heart. Though a common five word pass phrase is 3000^5, possibly doable by individuals... Of course a one common word pass phrase is not much work at all.
> > Even easier is if someone sends a two files > > of the same type ,as bmp's for instance, it > > practically gives > > you the password. > > How?
Actually I missed an important part of the algorithm where they swap data. While still possible, it makes it a ton more nasty. Coincidently, before noticing this, I came up with a encryption scheme last night that is similar. Ever read "The Hundredth Monkey"?
> > Perhaps you mean if two files are sent with the same passphrase? This > would be bad, but CipherSaber takes care of this by appending a random > 10 character initialization vector to your passphrase, _greatly_ > reducing the chances of two messages being sent with the same > passphrase. See the CipherSaber site for details. >
Off the hip, I could'nt figure out what they where doing here. Obviously it manages to decode it, thus making it irrelavent. Dont you agree?
> > > I am sure the FBI could break it, and the CIA could > > cut right through it without much trouble. I > > definitely > > wouldn't call it a "Carnivore Buster." It is > > probably the exact type of thing they are looking > > for. >
Sending encrypted files is suspicious. Want to get investigated by the CIA? Send one of these to the Chinese Consolate.
> Again, only brute-force "crackable" if you use a too-short, non-random > passphrase.
> their budgets. Just pick a length of passphrase appropriate to the > sensitivity of the data.
I am sure they dont decode them all, especially the FBI. Although if you score enough points with either one, they might start decoding yours. In this duscussion we have probably gained 20 points each!
> > On the other hand, Its really good though for > > keeping ISP's and hackers from reading your email.
> new to me and I would appreciate any feedback either on the algorithm > or the workings of the script itself.
I dont have cracking scheme off hand. I saw no mention of a RC4 crack (other than brute force) with a google search either. I would'nt rule out the possiblility of a crack or partial crack in existance though. I suppose in some circumstances knowing file type could give you enough to crack a password, but I could'nt say for sure without closer inspection. We can assume for the time being that a 6 or more word passphrase is beyond the reach of your average single mortal hacker. I still would not recommend to put it to the test of any major governments. Probably more than sufficient protection from the IRS though. Police too--I have heard of an instance where they could'nt even crack a zip file password. Have you thought of making this into an object or command line interface. In a /View based office environment, I could defineatly see a use for this type of thing. As a sort of text filter. It could work beside other text filters that format REBOL, check spelling, check HTML, etc. Your header could go in the about box of whatever application that uses it. --Ryan Ryan Cole Programmer Analyst 707-468-5400

 [5/6] from: civicminded4:yaho:o at: 9-Sep-2000 6:33

--0-1957747793-968506429=:28100 Content-Type: text/plain; charset=us-ascii Regarding the strength of the cipher-beta.r script recently posted: (this will be my last post to the rebol group on this topic, since it is now about encryption and not rebol, future correspondance will be sent directly to you Ryan, if that is ok? I just felt I had to defend the script one more time) Basically, Ryan is concerned that this encryption is crackable because you can just try every passphrase. I don't see that as a particular problem (see below) and especially I do not see this as a special problem of this particular algorithm. Ryan, don't your comments apply to _any_ encryption scheme if you don't use a good passphrase? [ryanc--iesco-dms--com] wrote:
> > It will keep most > > people out, but it is still quite crackable. > > Basically all you need to do is try every > > password--automatically of > > course... >
True, but that is true of _any_ encryption.
>Try common words first, 3000^50. Yet still, not a job for the light of >heart. Though a common five word pass phrase is 3000^5, possibly doable >by individuals... Of course a one common word pass phrase is not much >work at all.
See my calculations below. -Alan
> Perhaps you mean if two files are sent with the same passphrase? This > would be bad, but CipherSaber takes care of this by appending a random
>>Off the hip, I could'nt figure out what they where doing here. >>Obviously it manages to decode it, thus making it irrelavent. Dont you agree?
You are missing the point of the initvector. It keeps two messages from being encrypted with the same output stream from the state array. If two messages are encoded with the same stream, then you can xor them and get rid of the stream (xor is reversible). Then if you know one message or part of one message, you can xor and get the other message or part of it.
> > I am sure the FBI could break it, and the CIA could > > cut right through it without much trouble. I definitely
>>heard of an instance where they could'nt even crack a zip file >>password.
Ryan, check out the attached table (and check my math, I did this rather quickly!) -Alan I still say this script is the Carnivore Buster! ;) -Alan
>Have you thought of making this into an object or command line >interface. In a /View based office environment, I could defineatly see >a use for this type of thing. As a sort of text filter. It could work >beside other text filters that format REBOL, check spelling, check >HTML, etc. Your header could go in the about box of whatever application that >uses it.
In the works. Table follows: number of characters Size of passphrase number of bits in passphrase to choose from (246 maximum) bits=number * log2 size (many common encryption schemes in use now use 40, 56, or 128 bit encryption) using lower case letters 26 5 23.50 26 10 47.00 26 15 70.51 26 50 235.02 26 100 470.04 26 246 1156.31 lower and upper case and space 53 5 28.64 53 10 57.28 53 15 85.92 53 50 286.40 53 100 572.79 53 246 1409.07 l & u and space and numbers 63 5 29.89 63 10 59.77 63 15 89.66 63 50 298.86 63 100 597.73 63 246 1470.41 all 'keyboard' characters 95 5 32.85 95 10 65.70 95 15 98.55 95 50 328.49 ** 95 100 656.99 95 246 1616.18 ** all ascii characters 256 5 40.00 256 10 80.00 256 15 120.00 256 50 400.00 256 100 800.00 256 246 1968.00 MAXIMUM 3000 common words 3000 5 57.75 ** 3000 10 115.51 3000 15 173.26 3000 50 577.54 * * Diceware 7776 5 64.62 7776 10 129.25 7776 15 193.87 7776 50 646.24 * * * passphrase may contain 246 characters maximum. Number of words depends on size of the words. If words average 4 to 5 letters long, then can have about 50 words. You can increase the entropy of the 3000 common words and the Diceware words by using capitals and punctuation (all the non-alphanumeric keyboard characters). ** An example of what this means. Using 246 keyboard characters, it would take a computer that could test 1 million passphrases per second, 5.25 x 10**472 years to brute-force guess your passphrase. A more realistic example, 50 keyboard characters --- 1.22 x 10**85 years. The age of the universe is about 5 x 10**9 years. And I believe the total number of elemental particles (protons neutrons electrons) is on the order of 10**40 (can't remember where I read this). 5 of 3000 common words --- 3.8527 x 10**3 years Of course, faster computers will reduce these numbers. Can your computer do 1 billion passphrases per second? Reduce the _exponents_ of the above numbers by 3. 5 of 3000 common words would take nearly 4 years With a 1 billion passphrase per second computer. To decode _1_ encrypted message.  [6/6] from: ryanc:iesco-dms at: 11-Sep-2000 17:32

Carnivore buster or Carnivore bait, I think we both agree this paper to be accurate: --Ryan * Ryan Cole * Programmer Analyst 707-468-5400 Thought is free. -William Shakespeare

