Re: Tristrata - worth another look?


Alex Alten (Alten@Home.Com)
Fri, 02 Apr 1999 00:19:52 -0800


At 08:47 AM 4/1/99 -0600, Bruce Schneier wrote:
>At 11:49 PM 3/31/99 -0800, Alex Alten wrote:
>>
>>As a founding employee of TriStrata I want to apologize to the
>>crypto community for that "unbreakable" crap. As far as I can tell
>>none of us here ever made that statement, but somehow we got tarred
>>with it. If you handle the fundamentals correctly, a Vernam cipher
>>is a useful tool in the crypto bag, with its good and bad attributes.
>>RC4 is an example of one type. RKS is just another type.
>
>This explains how the "unbreakable" crap got into your literature. You
>confuse stream ciphers with Vernam ciphers. RC4 is an OFB stream
>cipher. It is not a Vernam cipher.
>
>I think you need to try again.
>

I haven't read all our literature over the years, is there a particular
piece that we published that mentions the word? Certainly I have
never considered it to be unbreakable, and I have been intimately
involved with its design, implementation and evolution for several years.

It occurs to me that you and I are saying the same thing, but disagreeing
about the definition of what a "Vernam cipher" means. So let me precisely
define what I mean when I say it. To me the core enciphering operation of
one is the following:

        X[i] + Y[i] = Z[i]

Where X[i] is a random byte, Y[i] is the cleartext byte, and Z[i] is
the cipher text byte. And i goes from 0 to n-1 bytes (n = message length).
In practice the "+" is ones complement addition, i.e. an exclusive OR
operation.

For each byte i then you have a simple algebraic equation with two
unknowns, X and Y. The essence of a Vernam cipher is constructing
the random sequence of X[i] bytes properly in order to compute the
equation, i.e. encipher the Y[i] into the Z[i] bytes.

Since RC4 is constructing X[i] byte by byte from a randomly shuffled 256
byte array of numbers (which is reshuffled over time), I consider it to be
a type of Vernam cipher. RKS uses a different technique to construct
the sequence of random X[i] bytes. So it too, I consider to be a type
of Vernam cipher.

- Alex

--

Alex Alten

Alten@Home.Com Alten@TriStrata.Com

P.O. Box 11406 Pleasanton, CA 94588 USA (925) 417-0159
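
The X[i] + Y[i] = Z[i] operation described in the message above, as an added example (not part of the original post and not TriStrata or RKS code): RC4 builds X[i] from a key-shuffled 256-byte array, and since X[i] depends only on the key, two messages enciphered under the same key XOR to the XOR of their cleartexts. Function names and the sample messages are constructed for illustration.

```python
# Added illustration; not code from the original post or from TriStrata.

def rc4_keystream(key: bytes, n: int) -> bytes:
    """Return n keystream bytes X[0..n-1] derived from the key."""
    # Key scheduling: shuffle the 256-byte array under control of the key.
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    # Output generation: keep reshuffling, emitting one byte per step.
    out = bytearray()
    i = j = 0
    for _ in range(n):
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


def xor_bytes(a: bytes, b: bytes) -> bytes:
    """Bytewise exclusive OR, truncated to the shorter input."""
    return bytes(p ^ q for p, q in zip(a, b))


def encipher(key: bytes, y: bytes) -> bytes:
    """Z[i] = X[i] XOR Y[i]. Applying it twice with one key deciphers."""
    return xor_bytes(rc4_keystream(key, len(y)), y)


def reuse_leak(key: bytes, y1: bytes, y2: bytes) -> bytes:
    """XOR of two ciphertexts made under one key: the X[i] terms cancel."""
    return xor_bytes(encipher(key, y1), encipher(key, y2))


if __name__ == "__main__":
    # Constructed sample inputs.
    z = encipher(b"Key", b"Plaintext")
    print("Z          =", z.hex())
    print("deciphered =", encipher(b"Key", z))
    y1, y2 = b"wire $100 to A", b"wire $999 to B"
    # Equal without ever touching the key: only fresh X[i] per message avoids this.
    print("Z1^Z2 == Y1^Y2:", reuse_leak(b"Key", y1, y2) == xor_bytes(y1, y2))
```

The practical consequence for any cipher of this form is that a key (or key plus nonce) must never produce the same X[i] sequence for two messages.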



The following archive was created by hippie-mail 7.98617-22 on Thu May 27 1999 - 23:44:20