0

Is it possible to achieve perfect secrecy, unbreakable, unguessable, uncrackable by using a totally secret cypher?

The following conditions must apply:

  • Using the secret cypher only 1 time, so that no correlation between outputs can be achieved
  • The cypher itself has to be selected from a big pool of possibilities and having a high complexity so that an attacker would not have the option to just run through all combinations of cryptological operations (XOR, NOR, ShiftRows, Shiftcolumns, etc..)
  • So the attacker only knows the OUTPUT, and doesn't know the private key, doesn't know the cypher, and doesn't know the input. The attacker also doesn't know the size of the input in relation to the output, other than the input being < or = to the output, but not the precise size. Also the cypher would not be shared, so 1 time use by 1 person, and no other user.


  • Now using the cypher only 1 time is self explanatory. If you use it multiple times, and the cypher turns out to be weak, then probaly some kind of correlation attack between multiple outputs could be mounted to recover the input.

  • Now the complexity of the cypher should also be obvious. Like if you just pick a simple cypher like one of those old cyphers from the cold war, or one of a similar structure, then the adversary can just run through the possible combinations of all cryptological operations and then brute force each. It would slow him down, but not stop him.

Then some people might say that this would violate Kerckhoffs's principle, but I disagree.

Because if the cypher is secret, then obtaining the cypher is equivalent to obtaining the private key. If the attacker can obtain the cypher through some side channel attack, then with the same effort he can just obtain the key altogether and decrypt the message.

So a secret cypher that nobody knows, and it's complex enough, would be like Navajo code that was used during WW2.

Furthermore of the input itself is unknown, like the attacker doesn't even know what to look for, then even if he break N rounds of the cypher, he has absolutely no clue what to look for, and doesn't know how many rounds are there left. It doesn't even know if the algorithm he used is correct at all.

So it's not even like searching for a needle in a haystack. It's like having a haystack and no needle, the attacker doesn't even know what to look for.

cryptonoob400
  • 533
  • 1
  • 3
  • 12

3 Answers3

4

Is it possible to achieve perfect secrecy, unbreakable, unguessable, uncrackable by using a totally secret cypher?

There are two different questions: Can you obtain perfect secrecy, and can you obtain an encryption algorithm that cannot be broken.

Perfect Secrecy

The One Time Pad is already a well known construction; Supposing that any construction that provides perfect secrecy is effectively equivalent to a One Time Pad, then using a secret cipher to obtain perfect secrecy will not be possible.

Supposing you did develop some other algorithm that provided perfect secrecy, keeping the algorithm would not be necessary or improve anything: Proof of this can be demonstrated with the One Time Pad, in that it is information-theoretically secure, despite the adversary knowing that a OTP was used to encrypt the message.

Unbreakable, Unguessable, Uncrackable, etc

In theory, probably not.

In practice, yes. However, once again, this is something that can/is achieved without resorting to keeping the algorithm secret; It is usually accomplished by creating designs that understand how an adversary will attack.

Then some people might say that this would violate Kerckhoffs's principle, but I disagree.

This is the very definition of a violation of Kerckhoffs's principle: The cryptosystem should be secure even if the enemy knows everything about it except for the key. It appears that you are not disagreeing about whether or not this scheme violates the principle, but whether or not the principle is worth upholding.

The algorithm as a key

Keeping the algorithm secret means that the algorithm becomes the key material. We can (and do) quantify the size of keys in terms of bits; There is a minimum representation of your algorithm that requires a minimum number of bits to represent.

The real problem with this is that symmetric keys should be shared between two parties; A secret algorithm is a symmetric key which must be shared between all parties. This dramatically increases the chances of exposure of the "key" the an adversary.

Because you have to execute it physically somewhere, somehow, you will have to ensure that copies of your program never end up on disk, never hang around in memory, that nobody ever sees the source code, and that nobody can watch what the CPU is doing. It is hard to make these guarantees even when many eyes are scrutinizing the source for mistakes.

Creating a cryptosystem on the assumption that an adversary does not know a single bit of plaintext implies that you only ever encrypt fully random blocks of data. If you are encrypting anything other then random data, this assumption will not be met and any further analysis is a waste.

Keeping the algorithm (and all plaintext messages) a secret in an attempt to thwart cryptanalysis is effectively equivalent to "hoping" that the adversary does not discover any flaws in the algorithm. "Hope" is not what cryptography provides; Cryptography provides certainty, preferably using as few assumptions against as strong of an adversary as possible. Instead of hoping, it is a proven superior practice to understand and design algorithms that can offer provable security.

Ella Rose
  • 19,603
  • 6
  • 53
  • 101
  • 1 the attacker has no way of knowing the relationship between the input bits and output bits, the size relationship. The output can be way bigger than the input. Like "insertion" kind of cyphers (multiply number by x, or similar). – cryptonoob400 Jun 02 '17 at 20:29
  • 2 I thought it's obvious but no sharing of the cypher would occur, so if the cypther is used only for personal use? Then that attack vector would cease. Plus securing the cypher is effectively the same as securing the private key in this scenario. So a public cypher like AES can be analyzed and brute forced, because the attacker knows what to look for, and how to break it, following the rounds step by step. In this methodology, there is no algorithm, so it's literally like looking for a needle in a haystack that is invisible. – cryptonoob400 Jun 02 '17 at 20:32
1

Are you learning cryptography from Nicolas Cage? This is somewhat of a non question.

Clearly if you produce just a few sentences with even the most basic of ciphers, statistically no one will be able to break it. Just like the Dorabella letter. The point being, what's the point? What is the point of a cipher that only allows you to send 100 letters one time and never again? As an equivalent example, you could just take any sentence with 100 letters and simply permute them. There is no way to reform it correctly due to the possibility of anagrams and your means of permutation never being used again.

It might actually not even be a true cipher in any reasonable assessment of useful cryptographic ciphers.

As for the war, Navajo code (and all the others) weren't particularity complex cryptographically. They're languages after all. Thousands of Navajo spoke them, including their children.

The real key to perfect secrecy is the key itself. It has nothing to do with the complexity of your cipher. That's just incidental detail. The cipher can be of Brobdingnagian complexity or just one xor per character. Any cipher /encryption automatically acquires perfect secrecy if:-

Entropy(key) >= Entropy(plaintext)

This is effectively the definition of a one time pad encryption, but we tend to use the grammatical term rather than the mathematical. In your case, I'm assuming that the plain text is longer than the key. The implication is that your cipher is breakable mathematically, although it's difficult with only a few sentences. If Entropy(key) << Entropy(plaintext), then the odds increase of being able to decipher. In extremis, imagine enciphering Harry Potter. It will be breakable unless you've invented AES+.

Paul Uszak
  • 15,390
  • 2
  • 28
  • 77
1

The other answers have correctly pointed out the importance of the private key, but this scheme lacks any real discussion of the adversary.

If you're going to try to convince anyone of this (or any) scheme, you should specify clearly what the adversary's capabilities are. By saying things like "looking for needles in a haystack that is invisible", you are basically constructing adversaries who can't do anything and know nothing, even a priori. Of course your scheme would work against such an adversary. To test your scheme, make Eve stronger, not weaker.

Is the adversary able to gather a list of plaintexts and corresponding ciphertexts? Can Eve perform chosen ciphertext or chosen plaintext attacks? Eve Eavesdropper may be a supervillain linguist and quickly notice that your ciphertexts are based off of different languages or ciphers, regardless of how obscure they are, or seem to be. Not to mention that there are only about 7,000 languages out there.

Specifying what the adversary can do is extremely important. If I just keep my thoughts in my brain, my messages may be really secure! But if Eve has mind-reading powers, they're not.