Off the top of my head: given standard assumptions about what is considered a valid attack, there’s an attack that takes time on the order of the square root of the size of the keyspace.
NB if I don’t try to break your proposal, don’t think it’s secure—cryptanalysis is generally time-consuming work.
Clue: this attach has nothing to do with the fact that you used pi; it would work on any cipher that says “the key is the index into this infinite stream”. The attack is here though I encourage you to try to work it out for yourself first.
NB 2: do NOT fix your design and present it again. That would be COMPLETELY THE WRONG LESSON to draw. See Memo to the Amateur Cipher Designer.
I didn’t really expect it to work; I just wanted to try this because Wei Dai said that it might teach me something. I fully realized that my surprise at its failure was not a rational emotion, I just felt that it was important to acknowledge this surprise in order to help my emotions better reflect my rational thought in the future. That article was interesting though (the memo, not the attack; I haven’t read that yet).
That’s fine :-) it’s just that having spotted an attack and dashed off a comment, I get nervous that someone will draw the wrong inference if I don’t cryptanalyze a proposal. Thanks for setting my mind at rest!
Off the top of my head: given standard assumptions about what is considered a valid attack, there’s an attack that takes time on the order of the square root of the size of the keyspace.
NB if I don’t try to break your proposal, don’t think it’s secure—cryptanalysis is generally time-consuming work.
Wei Dai was right; I do feel surprised. Can you give me some more details on how this would be done?
Clue: this attach has nothing to do with the fact that you used pi; it would work on any cipher that says “the key is the index into this infinite stream”. The attack is here though I encourage you to try to work it out for yourself first.
NB 2: do NOT fix your design and present it again. That would be COMPLETELY THE WRONG LESSON to draw. See Memo to the Amateur Cipher Designer.
I didn’t really expect it to work; I just wanted to try this because Wei Dai said that it might teach me something. I fully realized that my surprise at its failure was not a rational emotion, I just felt that it was important to acknowledge this surprise in order to help my emotions better reflect my rational thought in the future. That article was interesting though (the memo, not the attack; I haven’t read that yet).
That’s fine :-) it’s just that having spotted an attack and dashed off a comment, I get nervous that someone will draw the wrong inference if I don’t cryptanalyze a proposal. Thanks for setting my mind at rest!