I would do a triad analysis on the expected language and use the data from that to combine with the triad analysis on the cipher text (frequency of “similar” letters being those distances from each other combined with value ranges, etc. technical stuff). This is why I specified knowing the language would help the best.

However, this is a wonderful analysis! Great work man! I look forward to more!

Because of the birthday paradox math, it actually wouldn’t take more than about 30 characters of keystream to find a repeated pair. In your example, the pair WD occurs twice. If the message were just three characters longer, there would be a predictable V right there in the keystream, and that’s without constructing a tabula recta. And if a message were, say, 500 characters long, then enough information from the plaintext would leak into the ciphertext through this property that we could likely determine the seed length from the ciphertext alone (assuming we know the language of the message). I could attack it essentially like I would attack a broken Vig cipher.

So even if the keystream appeared to be good, with no periodic repeats, there is still the fundamental property that it is deterministic from previous outputs, regardless of your seed choice.

However, I really like your ideas for this cipher, and the plaintext attack protection being based in the tabula recta is actually really clever (though I’ll have to do a bit more analysis to determine the strength of that). I’d like to see more of what you come up with.

Keep up the awesome work!

Like all PRNGs, this one will cycle for sure eventually; the issue is when. Maximum period is achieved when the internal state, which in this case is a piece of keystream with length equal to the seed, has gone through all possible values before repeating. Therefore the maximum period is 26^n, where n is the length of the seed. For n = 3, that’s already greater than the 1000 characters for the expected longest message.

I disagree with your 1/(26^2) probability calculation. This would be true if the state of the PRNG were defined by the values of only two letters. The state of the PRNG depends on the values of the two letters involved in generating a third, and also on all the letters between the original pair and the new one, the last of which will end up combining with the one we just generated, after n of such operations (n is the seed length). Every letter in any n-letter string ends up affecting any particular letter in the keystream after n of such cycles, or n^2 letters at the most. Therefore, the state of the PRNG does not depend only on the values of two letters, but also on all the letters in the keystream until we reach the result of combining those two letters. Since there are n of such letters, the probability of repeating the state is 1/(26^n).

And if I have enough of the key stream (assuming I can get any of it), I can look for all situations where the same pair occurs twice, and then quickly determine the size of the seed. With that, I can then quickly create a list of all pairs and their outputs and then use that to generate a table and find the keys no problem.
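The repeated-pair check described in this comment, as an added example that is not part of the original comments or the article's own code. It assumes the generator rule k[i+n] = k[i] + k[i+1] (mod 26), inferred from the thread; the function names and sample seeds are constructed for illustration.

```python
# Added illustration. The generator rule is an assumption inferred from the
# discussion, not the article's exact cipher; seeds below are constructed.
from string import ascii_uppercase as AZ

def keystream(seed, length):
    """Assumed lagged generator: k[i+n] = k[i] + k[i+1] (mod 26), n = len(seed) >= 2."""
    k = [AZ.index(c) for c in seed]
    n = len(k)
    while len(k) < length:
        i = len(k) - n
        k.append((k[i] + k[i + 1]) % 26)
    return "".join(AZ[v] for v in k[:length])

def pair_table(ks, lag):
    """Map each adjacent pair to the letter found `lag` places after its first
    letter; return None as soon as one pair maps to two different letters."""
    table = {}
    for i in range(len(ks) - lag):
        pair, out = ks[i:i + 2], ks[i + lag]
        if table.setdefault(pair, out) != out:
            return None
    return table

def candidate_lags(ks, max_lag=12):
    """Lags under which the keystream is a pure function of adjacent pairs."""
    return [n for n in range(2, max_lag + 1) if pair_table(ks, n) is not None]

def predict_next(ks, lag):
    """Predict the next keystream letter from the recovered table, or None if
    the relevant pair has not been observed yet."""
    table = pair_table(ks, lag) or {}
    start = len(ks) - lag
    return table.get(ks[start:start + 2])

if __name__ == "__main__":
    ks = keystream("QWERT", 500)  # constructed sample: 5-letter seed
    print("candidate seed lengths:", candidate_lags(ks))
    print("predicted next:", predict_next(ks, 5),
          "actual:", keystream("QWERT", 501)[-1])
    # Degenerate seed: the stream never changes, so every lag looks consistent.
    print("all-A seed:", keystream("AAAAA", 12), candidate_lags("A" * 60))
```

The true seed length is always among the candidates because the recurrence makes every repeated pair produce the same letter at that distance; an all-A seed shows the degenerate case where the keystream never leaves a single letter.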

I’m not entirely certain that this type of PRNG is secure. Even in my own tests, statistical anomalies appear every once in a while in the keystream, sometimes even resulting in infinite repetitions in the keystream (the smaller the seed, meaning the smaller the lag, the more likely the repetition). Due to this, I wouldn’t say that this cipher is entirely secure against even ciphertext attacks as, depending on the seed and the resulting keystream, there are possible leaks of information.

However, this is a very awesome step towards strong paper and pencil. Good work!

The most needed encryption is for files. Some of the most useful apps are: VeraCrypt, AESCrypt, and 7z/Keka. Do you have any comment on those apps, all of which run on the clients’ device?

me. And I’m glad studying your article. However wanna commentary on few general things, The web site style is perfect, the articles is truly excellent : D. Good job, cheers

Example: my strong password is: x4dt-step-rovski-witno-krt- (Around 137 bits)

I enter this into the program plus the relevant extension, e.g. x4dt-step-rovski-witno-krt-FACEBOOK when I want my Facebook password. The consequent sha-256, as a password, is of ‘overkill’ strength. Each site will have a unique password.
