Abstract: This paper presents a chosen plaintext cryptanalysis of the FEAL-8 cryptosystem. The attack requires the ciphertext corresponding to approximately 10000 pairs of 64 bit plaintext blocks. The difference (bitwise xor) between the two blocks of each pair is equal to an appropriately selected constant. We first state that some differential statistics for intermediate values of the data randomizer are non uniform and independent of the encryption key. We then show that these statistics can be used to compute gradually the expanded key of the data randomizer.In 1989 some announcements were made that the so-called FEAL-8, 8 round version of the FEAL cryptosystem, was vulnerable to a chosen plaintext attack [1], So far, however, only the cryptanalysis of the 4 round version FEAL-4 by Bert Den Boer [2] was published. In this paper we present a chosen plaintext attack of FEAL-8 based on some differential statistics of its data randomization scheme.

Abstract: It is well known that a stream cipher system can be described in terms of a Vernam scheme using a Pseudo-Random Number Generator as key generator. Each character mt of the plaintext (viewed as an integer) is enciphered by adding the corresponding pseudo-random key character st. Deciphering is obtained by subtracting the same value stream from the ciphertext (see Fig.1).

Abstract: The problem of ensuring recoverability of encrypting data in a file storage system is examined. In this situation, the original data (plaintext) are removed from the system after encryption. In the event of errors either in the initial processing or in the storage of the data, the file may be rendered unrecoverable. A model of a file storage system that incorporates errors in these areas is developed. A two-stage coding system involving error-correcting codes and interleaving is introduced. The performance of this system is analyzed for various sizes of encryption blocks and error-correcting codes. >

Abstract: A cipher system is disclosed in which each character of a plaintext alphabet has associated with it a randomly distributed collection of integers of a given length. These collections of integers are secretly shared by a sender and receiver pair. The plaintext characters of a message are sequentially coded by randomly selecting representatives from the integer collections corresponding to the plaintex characters. To this sequence of concatenated integers, regarded as a single integer, is added a random integer of length equal to that of the coded-for-message integer stiring. This random integer is taken from a random digits shared by the sender and receiver. The indexing of the random integer in the digit string is transmitted as part of the cryptogram. The summed random integer plus the coding integer string is transmitted as the body of the cryptogram. To decrypt, the receiver subtracts the random integer from the transmitted integer, breaks up the remaining integer into the blocks numerically coding the plaintext characters and retrieves the plaintext characters of the message. Provision is made for further obscuring the cryptogram integer.

Abstract: This paper describes a method of proving that a prover (or a crypt-analyst) really knows a secret plaintext or a new code-breaking algorithm for a particular public-key cryptosystem, without revealing any information about the plaintext or algorithm itself. We propose a secure direct protocol which is more efficient than the conventional protocols. This protocol requires only two transmissions between a prover and a verifier. A general form of the secure direct protocol is shown. The explicit forms for the RSA cryptosystem and the discrete logarithm problem are also proposed.

Abstract: Several readers solved the HC-9 challenge ciphier and describe how they did it. Another challenge message using a different alphabet sheet and punched card, plus a less obvious key then used previously, is provided. Lengthy plaintext with matching ciphertext offers some help.

Abstract: PURPOSE: To improve the security of devices and the reliability of a transmission method by providing a transmitter with an encoder, a random code generator, etc., and a receiver with an decoder, etc., and also providing the transmitter and receiver with an address generator. CONSTITUTION: When a plaintext message 6 is inputted to inputs E1 and E2 of a transmitter 1, address generators 8 and 12 of the transmitter 1 and a receiver 3 respectively and random code generator 9 are triggered. Next, the identification of the message is performed by the generators 8 and 12, and the address of a corresponding identification code In is transmitted to portable objects 4 and 5. Intrinsic keys R1 and R2 are calculated by the objects 4 and 5 according to a prescribed expression (expression that decides the intrinsic key R as a function of secret code S, standard key E and the code In by a program P). By storing the same program P, the code S, the code In and a key E in the objects 4 and 5, the message 6 is transmitted and decoded through an encoder 7, an decoder 11, etc., and the security of this device and the reliability of a transmitting method can be improved.

Abstract: The D.E.S. cipher is naturally viewed as a composition of sixteen invertible transformations on 64-bit strings (where the transformations depend of the value of a 56-bit key). Each of the transformations has a special form and satisfies the particular property that each of its output bits is determined by a "small" number of its input bits. We investigate the computational power of block ciphers on n-bit strings that can be expressed as polynomial-length (with respect to n) compositions of invertible transformations that have a form similar to those of D.E.S. In particular, we require that the basic transformations have the property that each of their output bits depends on the value of a small number of their input bits (where "small" is somewhere in the range between O(1) and O(log n)). We present some sufficient conditions for ciphers of this type to be "pseudorandom function generators" and, thus, to yield private key cryptosystems that are secure against adaptive chosen plaintext attacks.