Does adding complexity mean a more secure cipher? Planned maintenance scheduled April 17/18, 2019 at 00:00UTC (8:00pm US/Eastern) Announcing the arrival of Valued Associate #679: Cesar Manara Unicorn Meta Zoo #1: Why another podcast?Easy explanation of “IND-” security notions?Is this hand cipher any more secure than the Vigenère cipher?What does ''latency'' really mean when a block cipher is partially unrolled?RSA: how does it work and how is it more secure than symmetric systemsComplexity of attacks on affine cipherIs my protocol that uses hybrid cryptography and AES-GCM secure?What does 0…0 and 1…1 meanDoes AAD make GCM encryption more secure?What does (block cipher) decryption parallelizable mean?What does “$<!!<!!<$” mean?What does fullstop mean in this context?

Can inflation occur in a positive-sum game currency system such as the Stack Exchange reputation system?

∞ symbol in external pdf disappears when used as figure

Check which numbers satisfy the condition [A*B*C = A! + B! + C!]

What happens to sewage if there is no river near by?

How does cp -a work

Should I call the interviewer directly, if HR aren't responding?

Do you forfeit tax refunds/credits if you aren't required to and don't file by April 15?

Is the Standard Deduction better than Itemized when both are the same amount?

Why is "Consequences inflicted." not a sentence?

Models of set theory where not every set can be linearly ordered

What are the motives behind Cersei's orders given to Bronn?

Why are there no cargo aircraft with "flying wing" design?

Why was the term "discrete" used in discrete logarithm?

How can I make names more distinctive without making them longer?

If a contract sometimes uses the wrong name, is it still valid?

What is the longest distance a 13th-level monk can jump while attacking on the same turn?

What is this single-engine low-wing propeller plane?

Is a manifold-with-boundary with given interior and non-empty boundary essentially unique?

Stars Make Stars

What is the musical term for a note that continously plays through a melody?

How do I keep my slimes from escaping their pens?

How can I fade player when goes inside or outside of the area?

What does the "x" in "x86" represent?

When to stop saving and start investing?



Does adding complexity mean a more secure cipher?



Planned maintenance scheduled April 17/18, 2019 at 00:00UTC (8:00pm US/Eastern)
Announcing the arrival of Valued Associate #679: Cesar Manara
Unicorn Meta Zoo #1: Why another podcast?Easy explanation of “IND-” security notions?Is this hand cipher any more secure than the Vigenère cipher?What does ''latency'' really mean when a block cipher is partially unrolled?RSA: how does it work and how is it more secure than symmetric systemsComplexity of attacks on affine cipherIs my protocol that uses hybrid cryptography and AES-GCM secure?What does 0…0 and 1…1 meanDoes AAD make GCM encryption more secure?What does (block cipher) decryption parallelizable mean?What does “$<!!<!!<$” mean?What does fullstop mean in this context?










7












$begingroup$


I have a cryptography workshop question I'm having trouble with as follows;



Person A creates a cipher $E_k(m)$ which produces a ciphertext from message "m" using key "k". The function inside E is kept secret but the length of $E_K(m)$ is known.



Person B recommends "increasing" security of the cipher by instead doing :



$(E_k(m) oplus m) || (E_k(m) oplus 1111...11)$



Does this in fact increase security of the cipher or increase new problems.



My thinking is, depending on the function within E, xoring the output of the cipher with the plaintext message could expose the key, meaning the extra complexity is for nothing. Am I on the right track, or am I missing something?



I have tried searching for examples of similar schemes and found nothing (which probably means it's not a good scheme) but I need to justify my answer.



Any steers in the right direction would be greatly appreciated, I'm more than happy to do the research myself just unsure what specifically to look for.



Unfortunately the above context is all I have been provided for this question.










share|improve this question











$endgroup$



migrated from stackoverflow.com Apr 11 at 14:18


This question came from our site for professional and enthusiast programmers.






















    7












    $begingroup$


    I have a cryptography workshop question I'm having trouble with as follows;



    Person A creates a cipher $E_k(m)$ which produces a ciphertext from message "m" using key "k". The function inside E is kept secret but the length of $E_K(m)$ is known.



    Person B recommends "increasing" security of the cipher by instead doing :



    $(E_k(m) oplus m) || (E_k(m) oplus 1111...11)$



    Does this in fact increase security of the cipher or increase new problems.



    My thinking is, depending on the function within E, xoring the output of the cipher with the plaintext message could expose the key, meaning the extra complexity is for nothing. Am I on the right track, or am I missing something?



    I have tried searching for examples of similar schemes and found nothing (which probably means it's not a good scheme) but I need to justify my answer.



    Any steers in the right direction would be greatly appreciated, I'm more than happy to do the research myself just unsure what specifically to look for.



    Unfortunately the above context is all I have been provided for this question.










    share|improve this question











    $endgroup$



    migrated from stackoverflow.com Apr 11 at 14:18


    This question came from our site for professional and enthusiast programmers.




















      7












      7








      7


      1



      $begingroup$


      I have a cryptography workshop question I'm having trouble with as follows;



      Person A creates a cipher $E_k(m)$ which produces a ciphertext from message "m" using key "k". The function inside E is kept secret but the length of $E_K(m)$ is known.



      Person B recommends "increasing" security of the cipher by instead doing :



      $(E_k(m) oplus m) || (E_k(m) oplus 1111...11)$



      Does this in fact increase security of the cipher or increase new problems.



      My thinking is, depending on the function within E, xoring the output of the cipher with the plaintext message could expose the key, meaning the extra complexity is for nothing. Am I on the right track, or am I missing something?



      I have tried searching for examples of similar schemes and found nothing (which probably means it's not a good scheme) but I need to justify my answer.



      Any steers in the right direction would be greatly appreciated, I'm more than happy to do the research myself just unsure what specifically to look for.



      Unfortunately the above context is all I have been provided for this question.










      share|improve this question











      $endgroup$




      I have a cryptography workshop question I'm having trouble with as follows;



      Person A creates a cipher $E_k(m)$ which produces a ciphertext from message "m" using key "k". The function inside E is kept secret but the length of $E_K(m)$ is known.



      Person B recommends "increasing" security of the cipher by instead doing :



      $(E_k(m) oplus m) || (E_k(m) oplus 1111...11)$



      Does this in fact increase security of the cipher or increase new problems.



      My thinking is, depending on the function within E, xoring the output of the cipher with the plaintext message could expose the key, meaning the extra complexity is for nothing. Am I on the right track, or am I missing something?



      I have tried searching for examples of similar schemes and found nothing (which probably means it's not a good scheme) but I need to justify my answer.



      Any steers in the right direction would be greatly appreciated, I'm more than happy to do the research myself just unsure what specifically to look for.



      Unfortunately the above context is all I have been provided for this question.







      encryption






      share|improve this question















      share|improve this question













      share|improve this question




      share|improve this question








      edited Apr 11 at 14:59









      Ella Rose

      17.1k44585




      17.1k44585










      asked Apr 11 at 14:08









      melloncolliemelloncollie

      417




      417




      migrated from stackoverflow.com Apr 11 at 14:18


      This question came from our site for professional and enthusiast programmers.









      migrated from stackoverflow.com Apr 11 at 14:18


      This question came from our site for professional and enthusiast programmers.






















          3 Answers
          3






          active

          oldest

          votes


















          11












          $begingroup$


          xoring the output of the cipher with the plaintext message




          Xoring the message into the ciphertext removes the ability to decrypt the ciphertext.



          If all you have is $k, c = E_k(m) oplus m$, then you need to know $m$ in order to strip the external $m$ off of $E_k(m)$ before you can apply $m = D_k(E_k(m))$; Basically, you would need to know the message in order to "decrypt" the message, but since you already know the message, then there would be no knowledge gained from "decrypting".



          $(E_k(m)oplus m)||(E_k(m) oplus 1111...11)$



          The previous section was striked out, because there was more to the suggestion than simply xoring the message into the ciphertext.



          In fact, the complete suggestion is far, far worse then simply implying the inability to decrypt a ciphertext: Anyone can decrypt a ciphertext from this scheme without requiring the key.



          $$c = (E_k(m) oplus m) || E_k(m) oplus 1111dots 11)\c_texta = E_k(m) oplus m\c_textb = E_k(m) oplus 1111 dots 11\c' = c_textb oplus 1111dots11\m = c_texta oplus c'$$



          The value $1111dots11$ is known to all, so anyone can compute $$E_k(m) = E_k(m) oplus 1111dots11 oplus 1111dots11$$



          So $E_k(m)$ is effectively public knowledge, so again anyone can compute $$m = E_k(m) oplus m oplus E_k(m)$$



          This scheme is completely broken.




          I have tried searching for examples of similar schemes and found nothing (which probably means it's not a good scheme) but I need to justify my answer.




          See the previous section - "encryption" is an invertible process: You have to be able to undo the transformation so that you can retrieve the plaintext from any given ciphertext.



          It is completely broken, so you won't find anything similar to it (other than situations where people asked this same question and found it to be broken)




          Does this in fact increase security of the cipher or increase new problems.




          It's a lot easier to determine whether or not doing x or y will increase/decrease security once you have a clear goal of what it means to be secure. This is a context dependent notion.



          It helps to list:



          • What you have

          • What your adversary can do

          • What you want to accomplish (in very specific terms).

          If you don't know where to start, then look for the standard notions of security that cryptographers have already worked out for the context of interest (e.g. indistinguishability for ciphers)






          share|improve this answer











          $endgroup$








          • 2




            $begingroup$
            In this case we actually could decrypt the message. The problem is everybody can :-(. Because in addition to $E_k(m) oplus m$ we also get $E_k(m) oplus 111ldots 11$
            $endgroup$
            – Marc Ilunga
            Apr 11 at 14:59











          • $begingroup$
            @MarcIlunga I actually failed to pay attention to the mathjax part of the question, which is different than what the text part asks! Thanks for bringing that to my attention
            $endgroup$
            – Ella Rose
            Apr 11 at 15:01










          • $begingroup$
            Thank you to both of you. Greatly appreciate the help. Definitely need to work on my number theory.
            $endgroup$
            – melloncollie
            Apr 11 at 15:14


















          5












          $begingroup$

          This is indeed a example of complexity not adding security and actually weakening it.



          The second encryption can be written as $c = c_1|| c_2$, where $c_1 = E_k(m) oplus m$ and $c_2 = E_k(m) oplus 111ldots11$.



          Now observe that $m' = c_1 oplus c_2 = m oplus 111ldots11$.
          And we can easily get $m$ as $m' oplus 111ldots 11$






          share|improve this answer









          $endgroup$




















            0












            $begingroup$

            Even ignoring the complete and total brokenness of the full cipher, the $(E_k(m) oplus 1111...11)$ component keeps any possible first half from adding security. Since XORing the ciphertext with all 1s is an operation independent of either the key or the message, the cipher



            $(f(x)) || (E_k(m) oplus 1111...11)$



            permits the recovery of $E_k(m)$ for any possible $f(x)$.






            share|improve this answer









            $endgroup$













              Your Answer








              StackExchange.ready(function()
              var channelOptions =
              tags: "".split(" "),
              id: "281"
              ;
              initTagRenderer("".split(" "), "".split(" "), channelOptions);

              StackExchange.using("externalEditor", function()
              // Have to fire editor after snippets, if snippets enabled
              if (StackExchange.settings.snippets.snippetsEnabled)
              StackExchange.using("snippets", function()
              createEditor();
              );

              else
              createEditor();

              );

              function createEditor()
              StackExchange.prepareEditor(
              heartbeatType: 'answer',
              autoActivateHeartbeat: false,
              convertImagesToLinks: false,
              noModals: true,
              showLowRepImageUploadWarning: true,
              reputationToPostImages: null,
              bindNavPrevention: true,
              postfix: "",
              imageUploader:
              brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
              contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
              allowUrls: true
              ,
              noCode: true, onDemand: true,
              discardSelector: ".discard-answer"
              ,immediatelyShowMarkdownHelp:true
              );



              );













              draft saved

              draft discarded


















              StackExchange.ready(
              function ()
              StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fcrypto.stackexchange.com%2fquestions%2f68705%2fdoes-adding-complexity-mean-a-more-secure-cipher%23new-answer', 'question_page');

              );

              Post as a guest















              Required, but never shown

























              3 Answers
              3






              active

              oldest

              votes








              3 Answers
              3






              active

              oldest

              votes









              active

              oldest

              votes






              active

              oldest

              votes









              11












              $begingroup$


              xoring the output of the cipher with the plaintext message




              Xoring the message into the ciphertext removes the ability to decrypt the ciphertext.



              If all you have is $k, c = E_k(m) oplus m$, then you need to know $m$ in order to strip the external $m$ off of $E_k(m)$ before you can apply $m = D_k(E_k(m))$; Basically, you would need to know the message in order to "decrypt" the message, but since you already know the message, then there would be no knowledge gained from "decrypting".



              $(E_k(m)oplus m)||(E_k(m) oplus 1111...11)$



              The previous section was striked out, because there was more to the suggestion than simply xoring the message into the ciphertext.



              In fact, the complete suggestion is far, far worse then simply implying the inability to decrypt a ciphertext: Anyone can decrypt a ciphertext from this scheme without requiring the key.



              $$c = (E_k(m) oplus m) || E_k(m) oplus 1111dots 11)\c_texta = E_k(m) oplus m\c_textb = E_k(m) oplus 1111 dots 11\c' = c_textb oplus 1111dots11\m = c_texta oplus c'$$



              The value $1111dots11$ is known to all, so anyone can compute $$E_k(m) = E_k(m) oplus 1111dots11 oplus 1111dots11$$



              So $E_k(m)$ is effectively public knowledge, so again anyone can compute $$m = E_k(m) oplus m oplus E_k(m)$$



              This scheme is completely broken.




              I have tried searching for examples of similar schemes and found nothing (which probably means it's not a good scheme) but I need to justify my answer.




              See the previous section - "encryption" is an invertible process: You have to be able to undo the transformation so that you can retrieve the plaintext from any given ciphertext.



              It is completely broken, so you won't find anything similar to it (other than situations where people asked this same question and found it to be broken)




              Does this in fact increase security of the cipher or increase new problems.




              It's a lot easier to determine whether or not doing x or y will increase/decrease security once you have a clear goal of what it means to be secure. This is a context dependent notion.



              It helps to list:



              • What you have

              • What your adversary can do

              • What you want to accomplish (in very specific terms).

              If you don't know where to start, then look for the standard notions of security that cryptographers have already worked out for the context of interest (e.g. indistinguishability for ciphers)






              share|improve this answer











              $endgroup$








              • 2




                $begingroup$
                In this case we actually could decrypt the message. The problem is everybody can :-(. Because in addition to $E_k(m) oplus m$ we also get $E_k(m) oplus 111ldots 11$
                $endgroup$
                – Marc Ilunga
                Apr 11 at 14:59











              • $begingroup$
                @MarcIlunga I actually failed to pay attention to the mathjax part of the question, which is different than what the text part asks! Thanks for bringing that to my attention
                $endgroup$
                – Ella Rose
                Apr 11 at 15:01










              • $begingroup$
                Thank you to both of you. Greatly appreciate the help. Definitely need to work on my number theory.
                $endgroup$
                – melloncollie
                Apr 11 at 15:14















              11












              $begingroup$


              xoring the output of the cipher with the plaintext message




              Xoring the message into the ciphertext removes the ability to decrypt the ciphertext.



              If all you have is $k, c = E_k(m) oplus m$, then you need to know $m$ in order to strip the external $m$ off of $E_k(m)$ before you can apply $m = D_k(E_k(m))$; Basically, you would need to know the message in order to "decrypt" the message, but since you already know the message, then there would be no knowledge gained from "decrypting".



              $(E_k(m)oplus m)||(E_k(m) oplus 1111...11)$



              The previous section was striked out, because there was more to the suggestion than simply xoring the message into the ciphertext.



              In fact, the complete suggestion is far, far worse then simply implying the inability to decrypt a ciphertext: Anyone can decrypt a ciphertext from this scheme without requiring the key.



              $$c = (E_k(m) oplus m) || E_k(m) oplus 1111dots 11)\c_texta = E_k(m) oplus m\c_textb = E_k(m) oplus 1111 dots 11\c' = c_textb oplus 1111dots11\m = c_texta oplus c'$$



              The value $1111dots11$ is known to all, so anyone can compute $$E_k(m) = E_k(m) oplus 1111dots11 oplus 1111dots11$$



              So $E_k(m)$ is effectively public knowledge, so again anyone can compute $$m = E_k(m) oplus m oplus E_k(m)$$



              This scheme is completely broken.




              I have tried searching for examples of similar schemes and found nothing (which probably means it's not a good scheme) but I need to justify my answer.




              See the previous section - "encryption" is an invertible process: You have to be able to undo the transformation so that you can retrieve the plaintext from any given ciphertext.



              It is completely broken, so you won't find anything similar to it (other than situations where people asked this same question and found it to be broken)




              Does this in fact increase security of the cipher or increase new problems.




              It's a lot easier to determine whether or not doing x or y will increase/decrease security once you have a clear goal of what it means to be secure. This is a context dependent notion.



              It helps to list:



              • What you have

              • What your adversary can do

              • What you want to accomplish (in very specific terms).

              If you don't know where to start, then look for the standard notions of security that cryptographers have already worked out for the context of interest (e.g. indistinguishability for ciphers)






              share|improve this answer











              $endgroup$








              • 2




                $begingroup$
                In this case we actually could decrypt the message. The problem is everybody can :-(. Because in addition to $E_k(m) oplus m$ we also get $E_k(m) oplus 111ldots 11$
                $endgroup$
                – Marc Ilunga
                Apr 11 at 14:59











              • $begingroup$
                @MarcIlunga I actually failed to pay attention to the mathjax part of the question, which is different than what the text part asks! Thanks for bringing that to my attention
                $endgroup$
                – Ella Rose
                Apr 11 at 15:01










              • $begingroup$
                Thank you to both of you. Greatly appreciate the help. Definitely need to work on my number theory.
                $endgroup$
                – melloncollie
                Apr 11 at 15:14













              11












              11








              11





              $begingroup$


              xoring the output of the cipher with the plaintext message




              Xoring the message into the ciphertext removes the ability to decrypt the ciphertext.



              If all you have is $k, c = E_k(m) oplus m$, then you need to know $m$ in order to strip the external $m$ off of $E_k(m)$ before you can apply $m = D_k(E_k(m))$; Basically, you would need to know the message in order to "decrypt" the message, but since you already know the message, then there would be no knowledge gained from "decrypting".



              $(E_k(m)oplus m)||(E_k(m) oplus 1111...11)$



              The previous section was striked out, because there was more to the suggestion than simply xoring the message into the ciphertext.



              In fact, the complete suggestion is far, far worse then simply implying the inability to decrypt a ciphertext: Anyone can decrypt a ciphertext from this scheme without requiring the key.



              $$c = (E_k(m) oplus m) || E_k(m) oplus 1111dots 11)\c_texta = E_k(m) oplus m\c_textb = E_k(m) oplus 1111 dots 11\c' = c_textb oplus 1111dots11\m = c_texta oplus c'$$



              The value $1111dots11$ is known to all, so anyone can compute $$E_k(m) = E_k(m) oplus 1111dots11 oplus 1111dots11$$



              So $E_k(m)$ is effectively public knowledge, so again anyone can compute $$m = E_k(m) oplus m oplus E_k(m)$$



              This scheme is completely broken.




              I have tried searching for examples of similar schemes and found nothing (which probably means it's not a good scheme) but I need to justify my answer.




              See the previous section - "encryption" is an invertible process: You have to be able to undo the transformation so that you can retrieve the plaintext from any given ciphertext.



              It is completely broken, so you won't find anything similar to it (other than situations where people asked this same question and found it to be broken)




              Does this in fact increase security of the cipher or increase new problems.




              It's a lot easier to determine whether or not doing x or y will increase/decrease security once you have a clear goal of what it means to be secure. This is a context dependent notion.



              It helps to list:



              • What you have

              • What your adversary can do

              • What you want to accomplish (in very specific terms).

              If you don't know where to start, then look for the standard notions of security that cryptographers have already worked out for the context of interest (e.g. indistinguishability for ciphers)






              share|improve this answer











              $endgroup$




              xoring the output of the cipher with the plaintext message




              Xoring the message into the ciphertext removes the ability to decrypt the ciphertext.



              If all you have is $k, c = E_k(m) oplus m$, then you need to know $m$ in order to strip the external $m$ off of $E_k(m)$ before you can apply $m = D_k(E_k(m))$; Basically, you would need to know the message in order to "decrypt" the message, but since you already know the message, then there would be no knowledge gained from "decrypting".



              $(E_k(m)oplus m)||(E_k(m) oplus 1111...11)$



              The previous section was striked out, because there was more to the suggestion than simply xoring the message into the ciphertext.



              In fact, the complete suggestion is far, far worse then simply implying the inability to decrypt a ciphertext: Anyone can decrypt a ciphertext from this scheme without requiring the key.



              $$c = (E_k(m) oplus m) || E_k(m) oplus 1111dots 11)\c_texta = E_k(m) oplus m\c_textb = E_k(m) oplus 1111 dots 11\c' = c_textb oplus 1111dots11\m = c_texta oplus c'$$



              The value $1111dots11$ is known to all, so anyone can compute $$E_k(m) = E_k(m) oplus 1111dots11 oplus 1111dots11$$



              So $E_k(m)$ is effectively public knowledge, so again anyone can compute $$m = E_k(m) oplus m oplus E_k(m)$$



              This scheme is completely broken.




              I have tried searching for examples of similar schemes and found nothing (which probably means it's not a good scheme) but I need to justify my answer.




              See the previous section - "encryption" is an invertible process: You have to be able to undo the transformation so that you can retrieve the plaintext from any given ciphertext.



              It is completely broken, so you won't find anything similar to it (other than situations where people asked this same question and found it to be broken)




              Does this in fact increase security of the cipher or increase new problems.




              It's a lot easier to determine whether or not doing x or y will increase/decrease security once you have a clear goal of what it means to be secure. This is a context dependent notion.



              It helps to list:



              • What you have

              • What your adversary can do

              • What you want to accomplish (in very specific terms).

              If you don't know where to start, then look for the standard notions of security that cryptographers have already worked out for the context of interest (e.g. indistinguishability for ciphers)







              share|improve this answer














              share|improve this answer



              share|improve this answer








              edited Apr 11 at 15:12

























              answered Apr 11 at 14:47









              Ella RoseElla Rose

              17.1k44585




              17.1k44585







              • 2




                $begingroup$
                In this case we actually could decrypt the message. The problem is everybody can :-(. Because in addition to $E_k(m) oplus m$ we also get $E_k(m) oplus 111ldots 11$
                $endgroup$
                – Marc Ilunga
                Apr 11 at 14:59











              • $begingroup$
                @MarcIlunga I actually failed to pay attention to the mathjax part of the question, which is different than what the text part asks! Thanks for bringing that to my attention
                $endgroup$
                – Ella Rose
                Apr 11 at 15:01










              • $begingroup$
                Thank you to both of you. Greatly appreciate the help. Definitely need to work on my number theory.
                $endgroup$
                – melloncollie
                Apr 11 at 15:14












              • 2




                $begingroup$
                In this case we actually could decrypt the message. The problem is everybody can :-(. Because in addition to $E_k(m) oplus m$ we also get $E_k(m) oplus 111ldots 11$
                $endgroup$
                – Marc Ilunga
                Apr 11 at 14:59











              • $begingroup$
                @MarcIlunga I actually failed to pay attention to the mathjax part of the question, which is different than what the text part asks! Thanks for bringing that to my attention
                $endgroup$
                – Ella Rose
                Apr 11 at 15:01










              • $begingroup$
                Thank you to both of you. Greatly appreciate the help. Definitely need to work on my number theory.
                $endgroup$
                – melloncollie
                Apr 11 at 15:14







              2




              2




              $begingroup$
              In this case we actually could decrypt the message. The problem is everybody can :-(. Because in addition to $E_k(m) oplus m$ we also get $E_k(m) oplus 111ldots 11$
              $endgroup$
              – Marc Ilunga
              Apr 11 at 14:59





              $begingroup$
              In this case we actually could decrypt the message. The problem is everybody can :-(. Because in addition to $E_k(m) oplus m$ we also get $E_k(m) oplus 111ldots 11$
              $endgroup$
              – Marc Ilunga
              Apr 11 at 14:59













              $begingroup$
              @MarcIlunga I actually failed to pay attention to the mathjax part of the question, which is different than what the text part asks! Thanks for bringing that to my attention
              $endgroup$
              – Ella Rose
              Apr 11 at 15:01




              $begingroup$
              @MarcIlunga I actually failed to pay attention to the mathjax part of the question, which is different than what the text part asks! Thanks for bringing that to my attention
              $endgroup$
              – Ella Rose
              Apr 11 at 15:01












              $begingroup$
              Thank you to both of you. Greatly appreciate the help. Definitely need to work on my number theory.
              $endgroup$
              – melloncollie
              Apr 11 at 15:14




              $begingroup$
              Thank you to both of you. Greatly appreciate the help. Definitely need to work on my number theory.
              $endgroup$
              – melloncollie
              Apr 11 at 15:14











              5












              $begingroup$

              This is indeed a example of complexity not adding security and actually weakening it.



              The second encryption can be written as $c = c_1|| c_2$, where $c_1 = E_k(m) oplus m$ and $c_2 = E_k(m) oplus 111ldots11$.



              Now observe that $m' = c_1 oplus c_2 = m oplus 111ldots11$.
              And we can easily get $m$ as $m' oplus 111ldots 11$






              share|improve this answer









              $endgroup$

















                5












                $begingroup$

                This is indeed a example of complexity not adding security and actually weakening it.



                The second encryption can be written as $c = c_1|| c_2$, where $c_1 = E_k(m) oplus m$ and $c_2 = E_k(m) oplus 111ldots11$.



                Now observe that $m' = c_1 oplus c_2 = m oplus 111ldots11$.
                And we can easily get $m$ as $m' oplus 111ldots 11$






                share|improve this answer









                $endgroup$















                  5












                  5








                  5





                  $begingroup$

                  This is indeed a example of complexity not adding security and actually weakening it.



                  The second encryption can be written as $c = c_1|| c_2$, where $c_1 = E_k(m) oplus m$ and $c_2 = E_k(m) oplus 111ldots11$.



                  Now observe that $m' = c_1 oplus c_2 = m oplus 111ldots11$.
                  And we can easily get $m$ as $m' oplus 111ldots 11$






                  share|improve this answer









                  $endgroup$



                  This is indeed a example of complexity not adding security and actually weakening it.



                  The second encryption can be written as $c = c_1|| c_2$, where $c_1 = E_k(m) oplus m$ and $c_2 = E_k(m) oplus 111ldots11$.



                  Now observe that $m' = c_1 oplus c_2 = m oplus 111ldots11$.
                  And we can easily get $m$ as $m' oplus 111ldots 11$







                  share|improve this answer












                  share|improve this answer



                  share|improve this answer










                  answered Apr 11 at 15:06









                  Marc IlungaMarc Ilunga

                  42718




                  42718





















                      0












                      $begingroup$

                      Even ignoring the complete and total brokenness of the full cipher, the $(E_k(m) oplus 1111...11)$ component keeps any possible first half from adding security. Since XORing the ciphertext with all 1s is an operation independent of either the key or the message, the cipher



                      $(f(x)) || (E_k(m) oplus 1111...11)$



                      permits the recovery of $E_k(m)$ for any possible $f(x)$.






                      share|improve this answer









                      $endgroup$

















                        0












                        $begingroup$

                        Even ignoring the complete and total brokenness of the full cipher, the $(E_k(m) oplus 1111...11)$ component keeps any possible first half from adding security. Since XORing the ciphertext with all 1s is an operation independent of either the key or the message, the cipher



                        $(f(x)) || (E_k(m) oplus 1111...11)$



                        permits the recovery of $E_k(m)$ for any possible $f(x)$.






                        share|improve this answer









                        $endgroup$















                          0












                          0








                          0





                          $begingroup$

                          Even ignoring the complete and total brokenness of the full cipher, the $(E_k(m) oplus 1111...11)$ component keeps any possible first half from adding security. Since XORing the ciphertext with all 1s is an operation independent of either the key or the message, the cipher



                          $(f(x)) || (E_k(m) oplus 1111...11)$



                          permits the recovery of $E_k(m)$ for any possible $f(x)$.






                          share|improve this answer









                          $endgroup$



                          Even ignoring the complete and total brokenness of the full cipher, the $(E_k(m) oplus 1111...11)$ component keeps any possible first half from adding security. Since XORing the ciphertext with all 1s is an operation independent of either the key or the message, the cipher



                          $(f(x)) || (E_k(m) oplus 1111...11)$



                          permits the recovery of $E_k(m)$ for any possible $f(x)$.







                          share|improve this answer












                          share|improve this answer



                          share|improve this answer










                          answered Apr 11 at 23:32









                          MarkMark

                          1885




                          1885



























                              draft saved

                              draft discarded
















































                              Thanks for contributing an answer to Cryptography Stack Exchange!


                              • Please be sure to answer the question. Provide details and share your research!

                              But avoid


                              • Asking for help, clarification, or responding to other answers.

                              • Making statements based on opinion; back them up with references or personal experience.

                              Use MathJax to format equations. MathJax reference.


                              To learn more, see our tips on writing great answers.




                              draft saved


                              draft discarded














                              StackExchange.ready(
                              function ()
                              StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fcrypto.stackexchange.com%2fquestions%2f68705%2fdoes-adding-complexity-mean-a-more-secure-cipher%23new-answer', 'question_page');

                              );

                              Post as a guest















                              Required, but never shown





















































                              Required, but never shown














                              Required, but never shown












                              Required, but never shown







                              Required, but never shown

































                              Required, but never shown














                              Required, but never shown












                              Required, but never shown







                              Required, but never shown







                              Popular posts from this blog

                              Sum ergo cogito? 1 nng

                              三茅街道4182Guuntc Dn precexpngmageondP