3. Feistel Cipher Question

Feistel Cipher Question

All you did was describe the Luby-Rackoff construction. That's not "reducing the problem", you're just implying that no one has solved it because they didn't understand it.

Furthermore, two known ciphertext/plaintext pairs is not that much. To top it all off, differential cryptanalysis isn't even a known plaintext attack!

What have you tried so far? Your post and replies have literally just been describing what a feistel network is in different phrasing each time.

Tell you what, set your thing up on a random server and allow us to encrypt arbitrary ciphertexts. Why, you ask? Aren't the two pairs you have provided enough?

Not even close. DIFFERENTIAL CRYPTANALYSIS is a CHOSEN plaintext attack. You're thinking of LINEAR CRYPTANALYSIS, which is a KNOWN plaintext attack.

Also, the king tutorial (if you mention it as a source, take the 5 seconds to link it, dude)

This isn't a CTF contest. Please provide a high level (= pseudocode = readable natural language description) overview of your key derivation method and the PRF/round function you use, as well as any mixing/padding/subs you use; I'm not going to learn Haskell to answer a question on cryptanalysis.

Furthermore, your key derivation function appears (at first glance) to simply be 

x^2 mod n

Last I checked, solving the discrete log problem in 128 bits takes about 0 seconds to find your secret key given any of the subkeys.

Now, onto actual differential cryptanalysis: Literally impossible with what you gave us.

We need two chosen plaintexts that have a very low hamming difference. And we need a lot of these pairs. Diff-crypt is a statistical attack. Funny how giving us two random plaintexts doesn't do much for us.

Here's a writeup on substitution-permutation differential cryptanalysis by a very very good ctf team

/r/crypto Thread Parent
Previous
Next

Recently removed from /r/crypto

Triple-Encrypted Vigenere - Please try to crack it What does this mean? How do certification authorities store their private root keys? Cryptography Pioneers to Win Turing Award Apple Can Still Read Your End-to-End Encrypted iMessages Botched RNG in Intel processors, a threat to key creation? Decoding text with Crypt Tool 2? Hackers build a new Tor client designed to beat the NSA Why Classical cryptography is weak, while some of the classical cyphers have never been broken?

More Random Comments

I am going for an amazing job opportunity and my husband is less than supportive. mums seeking other womxn babies Make a mess of my car ... get messy yourself Malahit/Malachite Firmware Upgrade on Windows [ENGLISH] AITA for refusing to eat my cousin’s cooking after she once tricked me into eating a food she knows I don’t like? CMV: We have gotten to the point where "resisting an officer" shouldn't be a crime. [Rolex] Pepsi on the wrist, espresso in the can [serious] What was your first traumatic experience? Please don't let Firefox fall What is a common misconception that only exists because of clever marketing? Looks so matter. Why do guys lie? Rob Zombie's House of 1000 Corpses Unitless Schirru ft. Madoc, Tiger, and Gord - one of the best decks against Warriors, Crimes, and more RMS addresses the free software community Jon Jones reported salary for the first DC fight including bonuses and ppv points vs. Fury and Wilder’s base purse for their rematch. Both events sold 800k ppvs