More Matlab and RC4

June 5th 2009

A reader asked for more details on the RC4 and block cipher mode functions I wrote in Matlab.

To recap, I needed a ‘block cipher’ to produce a complete example of how a straight block cipher fails to hide large patterns in the output, and how an appropriate block cipher mode yields something akin to white noise.

Wikipedia has a “penguin” example with a block encrypted version (penguin still visible) and a block of white noise. The white noise represents what the block mode output is supposed to look like as opposed to being the genuine output of a block cipher mode. So I built this ‘real’ example, more or less.

I didn’t have a block cipher that worked with small blocks. But I knew it wasn’t hard to implement RC4. So I created a function to map 8 bytes of data into 8 bytes of ‘ciphertext’ to simulate the block cipher.

Continue Reading »

Posted under Security & Tech Teaching | No Comments »

Matlab, RC4, and Crypto-Graphics

May 13th 2009

A while back I used graphical images to illustrate why you never, ever want to reuse the keystream of a stream cipher. Recently I’ve constructed similar examples to show the role of modes in using block ciphers. There’s a nice set of block mode examples in Wikipedia, but I wanted to include the real result of applying the mode.

smileycolor smileyecb smileycbc

While cryptographic neophytes may want to know why the second encryption clearly failed (if you can read the message, the encryption failed), cryptographic experts may find it interesting to see other examples of cryptographic failures appearing graphically.

[There is a later post with more info on RC4 in Matlab]

Continue Reading »

Posted under Security & Tech Teaching | 2 Comments »

Stream Ciphers

June 7th 2007

Whenever your browser establishes a “secure” connection to a web site, it encrypts the data. Traditionally, the browser and site use a stream cipher called Rivest Cipher #4 (RC4), although some sites use newer techniques.

Stream ciphers use a deceptively simple mechanism: you combine the plaintext data, bit by bit, with “key” bits, using the exclusive or operation. This is often abbreviated xor, and denoted by ⊕ – a circle with a cross. Continue Reading »

Posted under Security | No Comments »