EternityForest
Member
What if one was to, at every round, feed the last ciphertext byte back into the PRNG so that a bit flip attack anywhere but the last byte would garbage up the whole stream? Perhaps just adding the last byte to j every round would work? Seems like a cheap way to combine auth+encryption. Is there some kind of weird math thing I don't get that would make this not work?
Any attempt at a bit flipping attack will propagate in some non-linear fashion unknown to the attacker.
Because addition mod n as used here appears to preserve uniqueness, it cannot possibly reduce the entropy of j.
It seems as though this scheme should not compromise security or possibly might enhance it.
And bit flipping would be either impossible or much harder.
What do you guys think?
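An added example, not code from the post, implementing the tweak described above in Python: standard RC4 with the previous ciphertext byte added to j before each keystream byte. The key and plaintext are constructed sample values. It reports which plaintext bytes come back wrong after one ciphertext bit is flipped, for plain RC4 and for the feedback variant, so the propagation the post describes can be observed directly.

```python
# Added example (not from the post): RC4 with the post's proposed tweak,
# the previous ciphertext byte added to j each round.  Hypothetical
# construction for illustration, not a standard or vetted cipher.

def _ksa(key: bytes) -> list[int]:
    """Standard RC4 key-scheduling algorithm."""
    S = list(range(256))
    j = 0
    for i in range(256):
        j = (j + S[i] + key[i % len(key)]) & 0xFF
        S[i], S[j] = S[j], S[i]
    return S

def rc4_fb(key: bytes, data: bytes, *, encrypt: bool, feedback: bool) -> bytes:
    """RC4 PRGA.  With feedback=True the previous *ciphertext* byte is added
    to j before each output byte (the post's idea).  That byte is the output
    when encrypting and the input when decrypting, so the direction must be
    known; plain RC4 (feedback=False) is the same in both directions."""
    S = _ksa(key)
    i = j = prev_ct = 0
    out = bytearray()
    for b in data:
        i = (i + 1) & 0xFF
        if feedback:
            j = (j + prev_ct) & 0xFF
        j = (j + S[i]) & 0xFF
        S[i], S[j] = S[j], S[i]
        k = S[(S[i] + S[j]) & 0xFF]
        c = b ^ k
        out.append(c)
        prev_ct = c if encrypt else b
    return bytes(out)

def flip_damage(key: bytes, plaintext: bytes, pos: int, feedback: bool) -> list[int]:
    """Encrypt, flip one bit of ciphertext byte `pos`, decrypt, and return the
    indices of plaintext bytes that came back wrong.  Bytes before `pos`
    are always intact; with feedback the damage runs forward from `pos`."""
    ct = bytearray(rc4_fb(key, plaintext, encrypt=True, feedback=feedback))
    ct[pos] ^= 0x01
    pt2 = rc4_fb(key, bytes(ct), encrypt=False, feedback=feedback)
    return [n for n, (a, b) in enumerate(zip(plaintext, pt2)) if a != b]

if __name__ == "__main__":
    KEY = b"constructed-demo-key"      # constructed sample values, not from the post
    PT = bytes(range(64))
    print("plain RC4, flip byte 10:", flip_damage(KEY, PT, 10, False))
    print("feedback,  flip byte 10:", flip_damage(KEY, PT, 10, True))
    print("feedback,  flip last   :", flip_damage(KEY, PT, 63, True))
```

The receiver still needs some way to tell garbled output from valid plaintext, so the propagation alone does not give it an authentication check.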