

Can someone break my weak home-brew encryption? - cool-RR
http://blog.ram.rachum.com/post/45762666705/can-someone-break-my-weak-home-brew-encryption

======
ColinWright
One single, lonely piece of ciphertext is probably perfectly safe. Home-brew
encryption becomes a problem when arbitrary plain-text can be enciphered. Then
you get differential analysis, and you risk exposing the algorithm.

This isn't worth anyone's time to play with, and I'm sure you'll end up with a
feeling that it's secure.

Deploy it, use it. Then details of the algorithm will leak, multiple cipher-
texts will be available, and that's when you'll have problems. Besides, if no
one except you uses it, it's probably secure enough. Letting someone else use
it means exposing the algorithm. Then you'll have trouble.

~~~
cool-RR
I will never use it for anything, if that wasn't obvious. It's just an
exercise.

~~~
kedean
It would be a better excercise if multiple ciphertexts from the same key were
posted, as well as some ciphertexts from different keys. That would simulate
real world interaction with the output of an encryption scheme.

------
Avenger42
For more backstory, this was originally posted as a question on Security.SE
(which, when looking at it now, has had the encrypted text removed):

[http://security.stackexchange.com/questions/32779/how-
would-...](http://security.stackexchange.com/questions/32779/how-would-one-
crack-a-weak-but-unknown-encryption-protocol)

------
hackii
kerkhoff principle; encryption should not rely on keeping an algorithm as
secret. a key can be changed, an algorithm not if it's widely in use

