General cryptography question

[metguru]

I understand that encrypted data these days uses a matrix or long algorithms, or whatever, but what about using substitution? How secure is it to have something like a 64 or more character key, used just for adding to the origonal ascii value. Would something like that be as hard to crack as an algorithm of todays standards? im asumming not..and are there benefits to using these algorithms over a long length key for substitution?

[encipher]

Using substitution with a long key can be pretty strong but it still will not come close to the strength of more advanced algorithms. The benifit of using the newer algorithms is obvious, its the strength they provide... Draw backs are the cost of computation and its implementation.

[Aardpsymon]

a simple ceaser shift type opperation (I assume thats what you are meaning, a-> b or a->m etc based on the key) is quite quick to encode and decode. Yes at a glance it works as well as some methods. The downside is that once it is broken they not only have the message they have the key as well. Brute forcing a more modern algorithm may result in (most of) the message but shouldn't give the key as well.

[oofki]

Shifts/subs are way too easy to be "broken" Irreversible algos are the way to go.

[metguru]

i get it now, thanks guys.

[Aardpsymon]

Shifts/subs are way too easy to be "broken" Irreversible algos are the way to go.

Not for encrypting e-mail they aren't! :P

[oofki]

Well in that case pgp :-) But generally - no. I do not submit sensitive information via emails so it doesnt matter to me :-)

[sec_ware]

Hi

Substitution ciphers _can_ be extremely secure. Actually, the only known
class of unbreakable ciphers is often categorised as a subsitution ciphers:
the one-time pad (or see also polyalphabetic substitutions).

The drawback certainly is that the key has to be quite long, has to be perfectly
random, and the pad should not be got lost


Modern ciphers, like AES, are block ciphers, which combine base elements,
such as substitution and transposition.

Substitution (S-box) is a mean to increase confusion, which is besides
diffusion, one of the main criteria to characterise cryptographic systems
(see Shannon[1]) in order to frustrate statistical analysis.



Oofki, I do have a question: how do you decrypt a ciphertext, which was encrypted with an irreversible algorithm?


Cheers

[1] http://netlab.cs.ucla.edu/wiki/files/shannon1949.pdf

[Aardpsymon]

Oofki, I do have a question: how do you decrypt a ciphertext, which was encrypted with an irreversible algorithm?

You don't. Its only used for passwords really. When a password is created it is encrypted, then when it is entered it is encrypted in the same way and the encrypted versions are compared.

[metguru]

Hi

Substitution ciphers _can_ be extremely secure. Actually, the only known
class of unbreakable ciphers is often categorised as a subsitution ciphers:
the one-time pad (or see also polyalphabetic substitutions).

The drawback certainly is that the key has to be quite long, has to be perfectly
random, and the pad should not be got lost

Why would they need to be perfectly random? If you used something like a book for a key, how would that be worse than using the same length string of random characters? The chance of someone guessing that you used that book as a key would be fairly slim, so i wouldn't even consider that as a factor in the security, unless it was an extremely common book that has something to do with the contents or something in that nature. And even if they did guess it, they'd still need the exact same document, with all the same spaces and everything.