On Fri, Jun 26, 2015 at 1:26 AM, Jon Ribbens <jon+use...@unequivocal.co.uk> wrote: >> There are only 256 possible values for n, one of which doesn't transform the >> data at all (ROT-0). If you're thinking of attacking this by pencil and >> paper, 255 transformations sounds like a lot. For a computer, that's barely >> harder than a single transformation. > > Well, it means you need to send 256 times as much data, which is a > start. If you're instead using a 256-byte translation table then > an attack becomes utterly impractical. >
Utterly impractical? Maybe, if you attempt a pure brute-force approach - there are 256! possible translation tables, which is roughly e500 attempts [1], and at roughly four a microsecond [2] that'd still take a ridiculously long time. But there are two gigantic optimizations you could do. Firstly, there are frequency-based attacks, and byte value duplicates will tell you a lot - classic cryptographic work. And secondly, you can simply take the first few bytes of a file - let's say 16, although a lot of files can be recognized in less than that. Even if there are no duplicate bytes, that'd be a maximum of 16! translation tables that truly matter, or just 2e13. At the same speed, that makes about a million seconds of computing time required. Divide that across a bunch of separate computers (the job is embarrassingly parallel after all), and you could get that result pretty easily. Cut the prefix to just 8 bytes and you have a mere 40K encryption keys to try - so quick that you wouldn't even see it happen. Nope, a simple substitution cipher is still not secure. Even the famous Enigma machine was a lot more than just letter-for-letter substitution - a double letter in the cleartext wouldn't be represented by a double letter in the result - and once the machine's secrets were figured out, the day's key could be reassembled fairly readily. ChrisA [1] It's actually closer to 8.6e506, if you care. [2] timeit result from my laptop - you could do better, but that's a reasonable average -- https://mail.python.org/mailman/listinfo/python-list
