Me to Valdis Kletnieks to Gadi: > > Who wants to bet that it's snake-oil crypto? > > If you bang in a long string of "A" chars and use a string of "A" chars > as the key, then try using the same length string of "B" chars (or "a" > chars or "H" chars or "-" chars, etc, etc) results in a "decoded" string > of all the same chars (different ones for each key string, but a decoded > string of all the same chars and of the right length). > > Now, I'm no cryptographer, but I think that's a very unlikely result for > a strong crypto algo -- the wrong key should produce "random junk" no > matter what the original input clear text, no? > > In case it matters, I used 400 chars input string and 30 chars key -- the > max encodor allows for both.
Just noticed (missed it earlier as the input field for the plain- text/cypher-text is too narrow to expose enough characters to show it) BUT the cypher-text from the above example (400xA string crypted with 30xA key) repeats every 47 characters. It also _perfectly overlaps_ the cypher-text string produced by "encrypting" a string of 400 "B" chars with the same key (a string of 30 "A" chars). That must mean it's dodgy, no? Regards, Nick FitzGerald _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
