CipherSaber is a symmetric encryption system based on RC4 that is simple enough for novice programmers to memorize the algorithm and implement it from scratch, yet supposedly strong. Each CipherSaber message begins with a random ten-byte initialization vector (IV). The IV is appended to the CipherSaber key, and the concatenation is used as the input to the RC4 key setup algorithm. The IV is needed because RC4 is a stream cipher: encrypting two messages with the same key and no IV would produce the same keystream, and XORing the two ciphertexts together would cancel it out. The message, XORed with the RC4 keystream, immediately follows the IV.
The Fluhrer, Mantin and Shamir (FMS) attack on RC4 renders the original CipherSaber system vulnerable if a large number (more than about 1000) of messages are sent under the same CipherSaber key, because the attack recovers key bytes from the first keystream bytes of many messages whose key setup input differs only in the known IV. To address this, the CipherSaber designer specified a variant, CipherSaber-2, in which the RC4 key setup loop is repeated multiple times (20 repetitions are recommended). In addition to agreeing on a secret key, parties communicating with CipherSaber-2 must agree on how many times to repeat this loop.
History
CipherSaber was invented by Arnold Reinhold to keep strong cryptography in the hands of the public. Many governments have implemented legal restrictions on who can use cryptography, and many more have proposed them. By publicizing details on a secure yet easy-to-program encryption algorithm, Reinhold hopes to keep encryption technology accessible to everyone.
Actual security
While CipherSaber protects against unsophisticated attackers, its security is not satisfactory from either a theoretical or a practical point of view. CipherSaber is meant to be used as a complete cryptographic protocol on its own, as otherwise there would be little point in implementing the cipher yourself. That means it has no message authentication of any kind: no MACs, hashes or any other means of detecting tampering.
- As the algorithm is strictly symmetric, each pair of communicating parties needs to exchange a key and protect it. This is much harder than managing one key pair per person, as in asymmetric cryptography.
- As it is a stream cipher without any message authentication, an attacker who knows some plaintext bytes can replace them with any other values of the same length, without knowing the key, by XORing the corresponding ciphertext bytes with the difference between the known and the desired plaintext. For example, if the message is known to contain "ls -ld /" (a Unix command that lists a directory entry), an attacker can turn it into "rm -rf /" (a Unix command that recursively deletes the entire filesystem) by XORing those eight ciphertext bytes with (30, 30, 0, 0, 30, 2, 0, 0).
RC4 is not the strongest cipher; as of 2005 many of its weaknesses are known, in particular:
- The key material is not used in a very effective way. If the key consists only of printable ASCII, every key byte lies in the range 32 to 126, so each byte contributes far less than eight bits of entropy to the key setup. As the key is supposed to be a passphrase, a dictionary attack may be possible.
- CipherSaber relies on a decent random number generator for the IV, but many programming environments provide only very weak PRNGs. Using the system's typically weak PRNG, or imperfectly implementing your own, may seriously reduce security.
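The following is an added example, not code from the CipherSaber project or its author, covering both the algorithm described at the top of the page (ten-byte IV, RC4 key setup over key followed by IV, with the CipherSaber-2 option of repeating the setup loop) and the bit-flipping weakness in the list above. The passphrase, the sample message and the helper names (`ciphersaber_ksa`, `rc4_keystream`, `encrypt`, `decrypt`, `xor_delta`, `forge`) are assumptions chosen for illustration; `rounds=1` gives the original CipherSaber and `rounds=20` the recommended CipherSaber-2 setting. The `forge` function shows that an attacker who never sees the key can still rewrite "ls -ld /" into "rm -rf /" inside a ciphertext.

```python
import os
from typing import Optional

IV_LEN = 10  # every CipherSaber message starts with a ten-byte random IV


def ciphersaber_ksa(key: bytes, iv: bytes, rounds: int) -> list:
    """RC4 key setup over key || IV.

    rounds=1 is the original CipherSaber; CipherSaber-2 repeats the setup
    loop `rounds` times (20 recommended), carrying j across the passes.
    """
    k = key + iv
    if not 1 <= len(k) <= 256:
        raise ValueError("key plus IV must be 1..256 bytes")
    if rounds < 1:
        raise ValueError("rounds must be at least 1")
    s = list(range(256))
    j = 0
    for _ in range(rounds):
        for i in range(256):
            j = (j + s[i] + k[i % len(k)]) & 0xFF
            s[i], s[j] = s[j], s[i]
    return s


def rc4_keystream(s: list, n: int) -> bytes:
    """Standard RC4 output generator: n keystream bytes from state s (mutated)."""
    i = j = 0
    out = bytearray()
    for _ in range(n):
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


def encrypt(key: bytes, plaintext: bytes, rounds: int = 20,
            iv: Optional[bytes] = None) -> bytes:
    """Return IV || (plaintext XOR keystream).

    The IV comes from os.urandom unless one is supplied; supplying one is only
    useful for deterministic tests, since an IV must never be reused.
    """
    if iv is None:
        iv = os.urandom(IV_LEN)
    if len(iv) != IV_LEN:
        raise ValueError("IV must be exactly %d bytes" % IV_LEN)
    ks = rc4_keystream(ciphersaber_ksa(key, iv, rounds), len(plaintext))
    return iv + bytes(p ^ k for p, k in zip(plaintext, ks))


def decrypt(key: bytes, ciphertext: bytes, rounds: int = 20) -> bytes:
    """Split off the IV and XOR the body with the same keystream."""
    if len(ciphertext) < IV_LEN:
        raise ValueError("ciphertext shorter than the IV")
    iv, body = ciphertext[:IV_LEN], ciphertext[IV_LEN:]
    ks = rc4_keystream(ciphersaber_ksa(key, iv, rounds), len(body))
    return bytes(c ^ k for c, k in zip(body, ks))


def xor_delta(known: bytes, desired: bytes) -> list:
    """The mask an attacker XORs into the ciphertext to turn `known` into `desired`."""
    if len(known) != len(desired):
        raise ValueError("replacement must be the same length as the known text")
    return [a ^ b for a, b in zip(known, desired)]


def forge(ciphertext: bytes, offset: int, known: bytes, desired: bytes) -> bytes:
    """Bit-flipping attack: rewrite the plaintext at `offset` from `known` to
    `desired` by XORing the ciphertext body. No key is needed because the
    keystream cancels: (p ^ ks) ^ (p ^ p') == p' ^ ks."""
    ct = bytearray(ciphertext)
    start = IV_LEN + offset
    if start + len(known) > len(ct):
        raise ValueError("replacement runs past the end of the ciphertext")
    for n, d in enumerate(xor_delta(known, desired)):
        ct[start + n] ^= d
    return bytes(ct)


if __name__ == "__main__":
    key = b"correct horse battery staple"  # constructed sample passphrase
    msg = b"please run: ls -ld /"          # constructed sample plaintext
    ct = encrypt(key, msg)
    assert decrypt(key, ct) == msg
    print("delta:", xor_delta(b"ls -ld /", b"rm -rf /"))  # [30, 30, 0, 0, 30, 2, 0, 0]
    tampered = forge(ct, msg.index(b"ls -ld /"), b"ls -ld /", b"rm -rf /")
    print(decrypt(key, tampered))  # b'please run: rm -rf /'
```

The forged message decrypts cleanly because nothing in the format binds the ciphertext to the key: that is exactly the gap a MAC (or an authenticated cipher) would close. The `rounds` parameter must match on both sides, which is the extra agreement CipherSaber-2 requires.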
External links
- CipherSaber home page (http://ciphersaber.gurus.com)
- CipherSaber implementation list (http://www.xs4all.nl/~cg/ciphersaber/)