问题
I am currently working on an application and I am at the stage of encrypting the data. I thought of using Security through Obscurity via implementing my encryption algorithm. However, many articles that I have read had suggested that using custom cryptographic algorithm is usually weak and can be broken easily.
My question is: how an attacker may break a custom encryption algorithm even though he/she does not know anything about the algorithm?
回答1:
My question is: how an attacker may break a custom encryption algorithm even though he/she does not know anything about the algorithm?
He has the code for the algorithm. What else is there to know?
If you think you can keep an algorithm secret even from people who have the code, don't waste this on encryption where there is no need to keep the algorithm secret. Instead, publish anti-piracy software where keeping the algorithm secret is necessary. You'll make a ton of money on your unbreakable anti-piracy scheme.
Except almost every anti-piracy scheme that has ever existed that relies on someone not being able to understand code that they have in their possession has been broken. People have figured out the algorithm. Obscuring code's function is very, very hard to get right.
Say there's a flaw in your algorithm. Nobody will be able to analyze the algorithm and find the flaw unless they're a malicious actor who first goes through all the effort to reverse engineer the algorithm. So you make the work much harder for the good guys and the bad guys. But the bad guys have a stronger incentive, so you advantage the bad guys over the good guys in finding algorithmic flaws.
回答2:
During the past, say, 100 years, many clever people have been spending lots of time on developing encryption algorithms. Some of these have been proven to be relatively safe if the key is long enough. Experience has also shown that it is difficult to devolp such algorithms.
The proof that an algorithm is safe requires that it is open to the public (unless the developer is able to prove this himself, which is at least as challenging as developing the algorithm itself).
Considering this, it is very unlikely that your own algorithm will perform anywhere as good as these.
What an attacker will do: He will look for patterns in your encoded data. In the simplest case, these patterns will be certain bytes that occur more often than others, but there are much more sophisticated statistical methods. The patterns will provide hints for breaking the code. (I know this is a bit simplified, so for more information, just do a web search on cryptography or get one of the many books on this topic.)
回答3:
What is your custom encryption exactly? I mean, at a 10,000 foot overview.
- A substitution cipher
- A transposition cipher
- A compression algorithm
- A block cipher
- A stream cipher
- An iterated hash function XORed with the plaintext (a.k.a. a stream cipher)
- Some combination of all of the above.
The first three are trivially broken by modern computers. The next three are trivially broken by side-channels added to their implementation. (The last one requires more information.)
If your cryptosystem is so innovative that I can't think of a way to attack it, you should be able to publish the algorithm without any degradation of security. Otherwise, you're putting a lot of faith in peoples' inability to perform black-box testing.
Security through obscurity is bad precisely because it allows security failures to go unnoticed by defenders (but usually not by attackers). You might think, "But I use a one-time-pad!" to which I say, "How are you handling chosen-ciphertext attacks?"
Here's a helpful heuristic: Read this blog post about a stealth backdoor. Did you learn anything new? If so, your cryptosystem is probably broken.
来源:https://stackoverflow.com/questions/36655250/why-i-should-not-use-my-custom-encryption-algorithm