Re: A Last Word on Ciphertext Expansion Ratio - Promise.

[Austin Obyrne <austin.obyrne@hotmail.com>]

On Saturday, December 6, 2014 5:46:26 PM UTC, Dennis Lee Bieber wrote:
> On Sat, 6 Dec 2014 07:45:59 -0800 (PST), Austin Obyrne
> <austin.obyrne@hotmail.com> declaimed the following:
> 
> 
> >
> >Appendix. - The palindrome "able was I ere I saw elba" is encrypted here with this new ciphertext as a demonstration just to show the difference.
> >
> >New.
> >
> >322   693  -583  484  883  -817  444  719  -593  87 149  -14  -448 -902  1044  356 686  -648        373   645  -532  467  912  -831  -401 -966 1091  -231 -520  670 -440 -925 1052  87  166        -14    301   612  -535 114   122   13 -446 -963 1046  -291 -549  610 -443 -927 1049  439        934  -859  356  636 -549  391  725  -613  -441 -939  1051  67 121  -34 415  697 -622        502    921  -799  354  612 -551
> >
> 
> 	Danger, Will Robinson, Danger
> 
> 	The above indicates signed integer output... But that could be 16, 32,
> or 64 bit integers internally.
> 
> 	99.9% of the recognized encryption routines would take your 25-byte
> (presuming ASCII) input and give back a 25-byte output. If the output is
> then rendered for human reading it may expand to 50 bytes of hex digits, or
> 75 bytes if the hex bytes are space separated. Nowhere would it expand to
> over 200 bytes.
> 
> >>> from Crypto.Cipher import DES3
> >>> from Crypto import Random
> >>> from Crypto.Util import Counter
> >>> key = "SubKey01SubKey02SubKey03"
> >>> len(key)
> 24
> >>> len(key) * 8
> 192
> >>> nonce = Random.new().read(DES3.block_size/2)
> >>> nonce
> '\xe2\xf7\\u'
> >>> len(nonce)
> 4
> >>> ctr = Counter.new(DES3.block_size*8/2, prefix=nonce)
> >>> cipher = DES3.new(key, DES3.MODE_CTR, counter=ctr)
> >>> plaintext = "Able was I ere I saw Elba"
> >>> msg = nonce + cipher.encrypt(plaintext)
> >>> len(msg)
> 29
> >>> len(plaintext)
> 25
> >>> len(plaintext) + len(nonce)
> 29
> >>> msg
> '\xe2\xf7\\u\xd3\xa3y\xe2\xd4\xdeqL\xfbJ\x02u\xbf\x9fQ%\xc6\x1f\x07\x82\x1a\xbd\x9c\x04\xad'
> >>> " ".join("%2.2X" % ord(c) for c in msg)
> 'E2 F7 5C 75 D3 A3 79 E2 D4 DE 71 4C FB 4A 02 75 BF 9F 51 25 C6 1F 07 82 1A
> BD 9C 04 AD'
> >>> len(" ".join("%2.2X" % ord(c) for c in msg))
> 86
> >>> " ".join("%d" % ord(c) for c in msg)
> '226 247 92 117 211 163 121 226 212 222 113 76 251 74 2 117 191 159 81 37
> 198 31 7 130 26 189 156 4 173'
> >>> print msg
> ?u?y?qL???Q%O\a??\x04
> 
> 	The only reason the encrypted message is longer than the plaintext is
> because it has been salted with a 4-byte random value, and that value is
> provided so the decryption can set itself up for the same "randomness". The
> reason for such a salting is so that two users, say, using the same key,
> and the same plain text, would get different encrypted forms. You can't
> look at the result and say "I know what user A sent... What user B sent is
> identical, therefore I know what B sent" without even trying to decrypt the
> message.
> -- 
> 	Wulfraed                 Dennis Lee Bieber         AF6VN
>     wlfraed@ix.netcom.com    HTTP://wlfraed.home.netcom.com/

Hi Dennis,

Thanks for the tip.  Will be making changes chop chop - no advantage in having negative ciphertext anyway.

Austin.