design.txt - Don Yang (uguu.org) Goal Create a key-driven cipher generator, such that any attacker would have to break a cipher of unknown structure to obtain the plaintext message. Block cipher observations - Most block ciphers are based on some sort of Feistel network, composed by feeding part of input block through a round function, then XOR/ADD/SUB the output with another part of input block. - The round function need not be reversible. Thus, I should be able to generate a relatively high-grade block cipher filled with more or less random code. The only requirement to be able to decrypt the ciphertext is that the Feistel network is arranged in a reversible fashion. Feistel network construction Each round looks like this: Di -----+----> Dj' F Dj' = Di | Di' = Dj * F(K, Di) V Dj ---> * ---> Di' * = add/sub/xor Dj is being modified through some reversible operator *, which depends on value of Di. The outputs are swapped at the end of each round. Note that as long as i != j, the network can always be traced back to get input values to function F, and reverse the effect of *. Thus, to construct a Feistel network that can be decrypted, we simply select random i and j such that they are not equal. Also note that with just a single round, Di is easily recovered (Dj' contains the output value). For the original input to be obscured, each Dx needs to pass through * at least once, the more times the better. Using the above, the network is constructed as follows: select i and j such that i != j increment coverage[j] swap coverage[i] and coverage[j] Repeat this process for each round, and do so in such a way that at the end of all rounds, coverage[x] for any x is greater than minimum required coverage (might need to increase number of rounds to achieve it). Round function construction To build the round function F, any random functions may be used, but simple operations are preferred because F will be executed many times. Popular operation choices are: - Rotate - Modular add/subtract - Modular multiply - S-Box (substitution table) - Exclusive or Select from the above and combine randomly, along with data/key operands for some of the inputs, and we would get our round function... though more clever combinations lead to more randomness and is thus more desirable. Analysis Here comes the most entertaining part of this project... Block size of output ciphers = random. Number of rounds of output ciphers = random. Key length of output ciphers = random. Speed of output ciphers = random. Thus: Strength of output ciphers = random. Therefore: security is provided through obscurity, anything else is not guaranteed. Though, better than most other type of obscure encryptions, this one is less prune to reverse-engineering because it's one layer above the encryption process: generator -> random cipher -> encrypt/decrypt process ^^^^^^^^^^^^^ Source code doesn't even exist here Various measures were taken to ensure minimal quality of the generated ciphers, so this utility should be good enough for practical use. Of course, to be sure, people should use a cipher that has been analyzed and proven to be resilient against known attacks. Improvements There is always room for improvement, the implementation part if anything else. Generating machine code dynamically would be a cool idea, for example, would make the process a whole lot faster for those without access to C compilers. Suppose the speed issues are solved, then, the next step would be to change the encryption process for each block, and also make the block size random (would be complicated to implement CBC with this though). Since the only guaranteed part about random block ciphers is security through obscurity, the more obscurity the better ^_^; Trying to improve the general quality of the generated ciphers is always very desirable. To that end, maybe: increase the number of rounds (increase minimum coverage requirement), incorporate transcendental functions (like how MD5 uses sine to generate its table), break the word-sized boundaries, etc. ... future improvements only if people actually want to use it, of course ^_^;