On Fri, 30 Aug 2002 02:05:58 PDT, coursemate groupsix
<ccs522_g6(_at_)yahoo(_dot_)com> said:
the sender and decrypted by the receiver. One heuristic strategy that we can
use is substitution. The process of substitution involve each cleartext being
replaced with some other character. The result of this substitution will be a
ciphertext that does not resemble the original text in any obvious manner. One
famous example is the Caesar substitution which work as follows:
Adobe was seriously embarassed in the Skylarov incident when it turned out
their encryption was of this form. It's not even *close* to sufficient in
today's Internet. For that matter, even single-DES is considered not
sufficient.
First off, substitution ciphers are prone to frequency-analysis attacks, and
other tricks - if you're trying to encrypt "Packet Too Big", and there's only
a limited number of other possible values, you can just compute what the
key value would have to be for each possible text to result in the given
ciphertext, and see if it works for the rest of the message. I expect this
would be computationally on the same order as the TCP checksum - in other
words, microseconds.
Second off, how do you distribute your "key value of 10"? If everybody uses
10, it's not a key anymore....
I suggest you get a copy of Bruce Schneier's "Applied Cryptography", read it,
understand it, and then think about why this is a *lot* harder than it looks
(hint - how do you get the key to secure a Neighbor Discovery packet if you
haven't gotten enough neighbor/router information to find your DNS server
or other network information packet?).
--
Valdis Kletnieks
Computer Systems Senior Engineer
Virginia Tech
pgpJMfcAbOHY6.pgp
Description: PGP signature