Message-ID:

We are Microsoft. Unix is irrelevant. Openness is futile. Prepare to be assimilated.

I do "read" the what's-the-difference code all the time, but I am not always careful about what I write (or say) using that code. I.e., I write and say things all the time that I have not checked with the WTD program. Sometimes I do use it, but sometimes I don't even check. I never deliberately lie or say inappropriate things in code at this time; I can't remember ever having done so.

I'm also not that big at all on the "first letter of every word in a sentence" code. I am much more inclined in general to look for cryptic communications in media sources than I am to use codes when I speak and write. I've done it sometimes though...I usually prefer direct communication when I converse and post on the internet.

As always, you may treat this as an "artsy post about mental health" if you find it absurd or weird.

On 6/16/2021 4:16 PM, DV wrote:
>
> I do "read" the what's-the-difference code all the time, but I am not always careful about what I write (or say) using that code. I.e., I write and say things all the time that I have not checked with the WTD program. Sometimes I do use it, but sometimes I don't even check. I never deliberately lie or say inappropriate things in code at this time; I can't remember ever having done so.
>
> I'm also not that big at all on the "first letter of every word in a sentence" code. I am much more inclined in general to look for cryptic communications in media sources than I am to use codes when I speak and write. I've done it sometimes though...I usually prefer direct communication when I converse and post on the internet.
>
> As always, you may treat this as an "artsy post about mental health" if you find it absurd or weird.
>

http://fractallife247.com/test/hmac_cipher/ver_0_0_0_1?ct_hmac_cipher=67f2b7396a76e2b8458913a2ef51bfac7df4b6013b96cea5b067f24484d6227724c5005722ccb0c7090cc01b1a3ff8e61fba631535173ca909030329d42a9d5422bc8fba319076b3b2f9fb26d0893df0a1ef2be4fd3f0f9165b08bf2ff613f806cde29a811c37ba7e459d33a7ee278bb5f445c7a3ea654b694d85d72909ee4a44115de5b042f39161d93b5ecb3bacc31c822ed4a815c673139c72168ed5a439354dada2f6f387688f58d4f7b10787dbfd879a0caf829ba7d7bcd295c726e3876b99868f537fbe3f243b2a6b533d2498d42b5e8e0c1edd6d29378031b45b4f8833e4a8df65ede

On Wednesday, June 16, 2021 at 8:46:17 PM UTC-4, Chris M. Thomasson wrote:
> On 6/16/2021 4:16 PM, DV wrote:
> >
> > I do "read" the what's-the-difference code all the time, but I am not always careful about what I write (or say) using that code. I.e., I write and say things all the time that I have not checked with the WTD program. Sometimes I do use it, but sometimes I don't even check. I never deliberately lie or say inappropriate things in code at this time; I can't remember ever having done so.
> >
> > I'm also not that big at all on the "first letter of every word in a sentence" code. I am much more inclined in general to look for cryptic communications in media sources than I am to use codes when I speak and write. I've done it sometimes though...I usually prefer direct communication when I converse and post on the internet.
> >
> > As always, you may treat this as an "artsy post about mental health" if you find it absurd or weird.
> >
> http://fractallife247.com/test/hmac_cipher/ver_0_0_0_1?ct_hmac_cipher=67f2b7396a76e2b8458913a2ef51bfac7df4b6013b96cea5b067f24484d6227724c5005722ccb0c7090cc01b1a3ff8e61fba631535173ca909030329d42a9d5422bc8fba319076b3b2f9fb26d0893df0a1ef2be4fd3f0f9165b08bf2ff613f806cde29a811c37ba7e459d33a7ee278bb5f445c7a3ea654b694d85d72909ee4a44115de5b042f39161d93b5ecb3bacc31c822ed4a815c673139c72168ed5a439354dada2f6f387688f58d4f7b10787dbfd879a0caf829ba7d7bcd295c726e3876b99868f537fbe3f243b2a6b533d2498d42b5e8e0c1edd6d29378031b45b4f8833e4a8df65ede

Although your website looks pretty innocuous on Yahoo cache, I am still not going to click the link.

What is on the website you linked to?

On 6/17/2021 3:03 AM, DV wrote:
> On Wednesday, June 16, 2021 at 8:46:17 PM UTC-4, Chris M. Thomasson wrote:
>> On 6/16/2021 4:16 PM, DV wrote:
>>>
>>> I do "read" the what's-the-difference code all the time, but I am not always careful about what I write (or say) using that code. I.e., I write and say things all the time that I have not checked with the WTD program. Sometimes I do use it, but sometimes I don't even check. I never deliberately lie or say inappropriate things in code at this time; I can't remember ever having done so.
>>>
>>> I'm also not that big at all on the "first letter of every word in a sentence" code. I am much more inclined in general to look for cryptic communications in media sources than I am to use codes when I speak and write. I've done it sometimes though...I usually prefer direct communication when I converse and post on the internet.
>>>
>>> As always, you may treat this as an "artsy post about mental health" if you find it absurd or weird.
>>>
>> http://fractallife247.com/test/hmac_cipher/ver_0_0_0_1?ct_hmac_cipher=67f2b7396a76e2b8458913a2ef51bfac7df4b6013b96cea5b067f24484d6227724c5005722ccb0c7090cc01b1a3ff8e61fba631535173ca909030329d42a9d5422bc8fba319076b3b2f9fb26d0893df0a1ef2be4fd3f0f9165b08bf2ff613f806cde29a811c37ba7e459d33a7ee278bb5f445c7a3ea654b694d85d72909ee4a44115de5b042f39161d93b5ecb3bacc31c822ed4a815c673139c72168ed5a439354dada2f6f387688f58d4f7b10787dbfd879a0caf829ba7d7bcd295c726e3876b99868f537fbe3f243b2a6b533d2498d42b5e8e0c1edd6d29378031b45b4f8833e4a8df65ede
>
> Although your website looks pretty innocuous on Yahoo cache, I am still not going to click the link.
>
> What is on the website you linked to?
>

It is my experimental HMAC Cipher, that I finally put up online. The
link contains the ciphertext in hexbytes that is able to be decrypted
into the original plaintext using the default key. It is not malicious.
Actually it saves one from having to manually copy-and-paste the
ciphertext into the correct textbox in the page, and click on the
decrypt button. Fwiw, you can read about some of it here:

http://funwithfractals.atspace.cc/ct_cipher

https://groups.google.com/g/sci.crypt/c/b1NEJCP_HVs/m/C9nYmuvwAgAJ

https://groups.google.com/g/sci.crypt/c/3SI9SOzEsqk/m/42dzpT2wAwAJ

I have it in some C and Python 3 code as well:

C https://pastebin.com/raw/feUnA3kP

Python 3 https://pastebin.com/raw/NAnsBJAZ

On Thursday, June 17, 2021 at 3:44:36 PM UTC-4, Chris M. Thomasson wrote:
> On 6/17/2021 3:03 AM, DV wrote:
> > On Wednesday, June 16, 2021 at 8:46:17 PM UTC-4, Chris M. Thomasson wrote:
> >> On 6/16/2021 4:16 PM, DV wrote:
> >>>
> >>> I do "read" the what's-the-difference code all the time, but I am not always careful about what I write (or say) using that code. I.e., I write and say things all the time that I have not checked with the WTD program. Sometimes I do use it, but sometimes I don't even check. I never deliberately lie or say inappropriate things in code at this time; I can't remember ever having done so.
> >>>
> >>> I'm also not that big at all on the "first letter of every word in a sentence" code. I am much more inclined in general to look for cryptic communications in media sources than I am to use codes when I speak and write. I've done it sometimes though...I usually prefer direct communication when I converse and post on the internet.
> >>>
> >>> As always, you may treat this as an "artsy post about mental health" if you find it absurd or weird.
> >>>
> >> http://fractallife247.com/test/hmac_cipher/ver_0_0_0_1?ct_hmac_cipher=67f2b7396a76e2b8458913a2ef51bfac7df4b6013b96cea5b067f24484d6227724c5005722ccb0c7090cc01b1a3ff8e61fba631535173ca909030329d42a9d5422bc8fba319076b3b2f9fb26d0893df0a1ef2be4fd3f0f9165b08bf2ff613f806cde29a811c37ba7e459d33a7ee278bb5f445c7a3ea654b694d85d72909ee4a44115de5b042f39161d93b5ecb3bacc31c822ed4a815c673139c72168ed5a439354dada2f6f387688f58d4f7b10787dbfd879a0caf829ba7d7bcd295c726e3876b99868f537fbe3f243b2a6b533d2498d42b5e8e0c1edd6d29378031b45b4f8833e4a8df65ede
> >
> > Although your website looks pretty innocuous on Yahoo cache, I am still not going to click the link.
> >
> > What is on the website you linked to?
> >
> It is my experimental HMAC Cipher, that I finally put up online. The
> link contains the ciphertext in hexbytes that is able to be decrypted
> into the original plaintext using the default key. It is not malicious.
> Actually it saves one from having to manually copy-and-paste the
> ciphertext into the correct textbox in the page, and click on the
> decrypt button. Fwiw, you can read about some of it here:
>
> http://funwithfractals.atspace.cc/ct_cipher
>
> https://groups.google.com/g/sci.crypt/c/b1NEJCP_HVs/m/C9nYmuvwAgAJ
>
> https://groups.google.com/g/sci.crypt/c/3SI9SOzEsqk/m/42dzpT2wAwAJ
>
> I have it in some C and Python 3 code as well:
>
> C https://pastebin.com/raw/feUnA3kP
>
> Python 3 https://pastebin.com/raw/NAnsBJAZ

I won't click any of the non-Google links you posted, but your project idea sounds neat. Crypto stuff is sometimes interesting.

Do you have any explanations of your HMAC cipher that aren't on non-well-known websites?

On 6/17/2021 2:12 PM, DV wrote:
> On Thursday, June 17, 2021 at 3:44:36 PM UTC-4, Chris M. Thomasson wrote:
>> On 6/17/2021 3:03 AM, DV wrote:
>>> On Wednesday, June 16, 2021 at 8:46:17 PM UTC-4, Chris M. Thomasson wrote:
>>>> On 6/16/2021 4:16 PM, DV wrote:
>>>>>
>>>>> I do "read" the what's-the-difference code all the time, but I am not always careful about what I write (or say) using that code. I.e., I write and say things all the time that I have not checked with the WTD program. Sometimes I do use it, but sometimes I don't even check. I never deliberately lie or say inappropriate things in code at this time; I can't remember ever having done so.
>>>>>
>>>>> I'm also not that big at all on the "first letter of every word in a sentence" code. I am much more inclined in general to look for cryptic communications in media sources than I am to use codes when I speak and write. I've done it sometimes though...I usually prefer direct communication when I converse and post on the internet.
>>>>>
>>>>> As always, you may treat this as an "artsy post about mental health" if you find it absurd or weird.
>>>>>
>>>> http://fractallife247.com/test/hmac_cipher/ver_0_0_0_1?ct_hmac_cipher=67f2b7396a76e2b8458913a2ef51bfac7df4b6013b96cea5b067f24484d6227724c5005722ccb0c7090cc01b1a3ff8e61fba631535173ca909030329d42a9d5422bc8fba319076b3b2f9fb26d0893df0a1ef2be4fd3f0f9165b08bf2ff613f806cde29a811c37ba7e459d33a7ee278bb5f445c7a3ea654b694d85d72909ee4a44115de5b042f39161d93b5ecb3bacc31c822ed4a815c673139c72168ed5a439354dada2f6f387688f58d4f7b10787dbfd879a0caf829ba7d7bcd295c726e3876b99868f537fbe3f243b2a6b533d2498d42b5e8e0c1edd6d29378031b45b4f8833e4a8df65ede
>>>
>>> Although your website looks pretty innocuous on Yahoo cache, I am still not going to click the link.
>>>
>>> What is on the website you linked to?
>>>
>> It is my experimental HMAC Cipher, that I finally put up online. The
>> link contains the ciphertext in hexbytes that is able to be decrypted
>> into the original plaintext using the default key. It is not malicious.
>> Actually it saves one from having to manually copy-and-paste the
>> ciphertext into the correct textbox in the page, and click on the
>> decrypt button. Fwiw, you can read about some of it here:
>>
>> http://funwithfractals.atspace.cc/ct_cipher
>>
>> https://groups.google.com/g/sci.crypt/c/b1NEJCP_HVs/m/C9nYmuvwAgAJ
>>
>> https://groups.google.com/g/sci.crypt/c/3SI9SOzEsqk/m/42dzpT2wAwAJ
>>
>> I have it in some C and Python 3 code as well:
>>
>> C https://pastebin.com/raw/feUnA3kP
>>
>> Python 3 https://pastebin.com/raw/NAnsBJAZ
>
> I won't click any of the non-Google links you posted, but your project idea sounds neat. Crypto stuff is sometimes interesting.
>
> Do you have any explanations of your HMAC cipher that aren't on non-well-known websites?
>

I posted a lot about it over on sci.crypt. I am around a 1/4 way through
a paper that can be found here: http://funwithfractals.atspace.cc/ct_cipher/

Here is the text from my crude in progress paper. I found a damn typo,
familar should be familiar! damn it.
__________________________________
Experimental HMAC Cipher
By: Chris M. Thomasson
Pre-Alpha Version (0.0.0)

Prerequisites
This document assumes the reader is familar with how HMAC
(https://en.wikipedia.org/wiki/HMAC) works.

Now, keep in mind that my algorithm relies on a quirky implementation
detail that does not alter the internal state when we take a digest. In
other words, my code needs the ability to take a digest without
destroying its internal state: This is not a traditional HMAC!

In order to get my algorithm working, an HMAC can copy its internal
state, then perform the digest operation on said copy. So, to clear
up... Taking a digest should not mutate the state of the HMAC. This is
how the quirky Python HMAC implementation works, and unfortunately my
algorithm uses that.

1. Introduction
The cipher uses propagation of HMAC digest bytes to achieve a radical
diffusion of a plaintext within its ciphertext, and vise versa. It has
the following basic properties:

1: Every encryption of the same plaintext creates a radically different
ciphertext.

2: If a single bit of a ciphertext is altered, it decrypts into a
radically different plaintext.

2. The Secret Key
Both properties of my cipher rely on a good cryptographic hash function.
HMAC is an abstract layer on top of a hash algorithm that allows for a
secret key. Let us refer to this HMAC key as SK.hmac_key from now on. We
also need to allow Alice and Bob to choose a hash to use with HMAC. Let
us refer to this as SK.hash_algo. The size of HMAC's digest in bytes is
based on the digest size of SK.hash_algo. For example, SHA-256 has
32-byte digests.

Another aspect involves prepending random bytes from a TRNG to the front
of a plaintext. Let us refer to the number of these random bytes as
SK.rand_n. Okay, the secret key SK used by Alice and Bob is comprised of:
_________________________________
SK.hmac_key = Key for HMAC.
SK.hash_algo = The Hash Algorithm.
SK.rand_n = The Number of TRNG bytes.
_________________________________
SK.hmac_key must be a cryptographically secure password, e.g. comprised
of 1024 bytes from a TRNG.

SK.hash_algo must be a cryptographically secure hash, e.g. SHA-384.

SK.rand_n must be equal to, or ideally larger than the digest size of
SK.hash_algo.

3. Pseudo-Code
Brief Description of the pseudo-code...

3.1 The CRYPT_ROUND Function
The CRYPT_ROUND function encrypts or decrypts a plaintext P. It takes
two parameters P and M, where M is the mode of operation. It returns its
final result as C which is either the decrypted or encrypted bytes wrt
the value of M. In the pseudo-code for the CRYPT function:

P = The plaintext or ciphertext bytes.
M = ENCRYPT means encrypt P; DECRYPT means decrypt P.
C = The return value based on M.

C = CRYPT_ROUND(P, M):
_________________________________
1: Create an HMAC session H using SK.hmac_key for its key, and
SK.hash_algo for its underlying hash algorithm.

2: Update H with the bytes of SK.hmac_key in reverse order.

3: Iterate through all the bytes in P:

Set I_P is used as an index for P, set it to zero.

WHILE (I_P is less than the size in bytes of P)
{ 3.1: Obtain a raw hash digest D from H.

3.2: Iterate through all the bytes in D.

Set I_D is used as an index for D, set it to zero.

WHILE (I_P is less than the size in bytes of P AND I_D is less than the
size in bytes of D)
{ 3.2.1: Set the byte C[I_P] to P[I_P] xor'ed with D[I_D].

3.2.2: Follow the mode M, encrypt or decrypt:

IF (M is equal to ENCRYPT)
{ 3.2.2.1: Update H using the byte P[I_P].

3.2.2.2: Update H using the byte C[I_P].

}

ELSE
{ 3.2.2.3: Update H using the byte C[I_P].

3.2.2.4: Update H using the byte P[I_P].

}
3.2.3: Increment I_D by one.

3.2.4: Increment I_P by one.

}
} 4. Return C to the caller.

_________________________________

3.2 The CRYPT Function
The CRYPT function encrypts or decrypts a plaintext P. It takes two
parameters P and M, where M is the mode of operation. It returns its
final result as C which is either the decrypted or encrypted bytes wrt
the value of M. In the pseudo-code for the CRYPT function:

P = The plaintext or ciphertext bytes.
M = ENCRYPT means encrypt P; DECRYPT means decrypt P.
C = The return value based on M.

C = CRYPT(P, M):
_________________________________
1: If the mode M is for encryption:

IF (M is equal to ENCRYPT)
{ 1.1: Create SK.rand_n number of bytes R from a TRNG.

1.2: Prepend R to P.

}
2: Call CRYPT_ROUND(P, M) using P as the first parameter and M as the
second parameter, and set its result to C.

3: Set C_1 to the bytes of C in reverse order.

4: Call CRYPT_ROUND(C_1, M) using C_1 as the first parameter and M as
the second parameter, and set its result to C.

5: If the mode M is for decryption:

IF (M is equal to DECRYPT)
{ 5.1: Remove SK.rand_n number of bytes from the front of C making it
SK.rand_n bytes smaller.
} 6: Return C to the caller.

_________________________________

4. Description
A description of the pseudo-code in section 3 on a step-by-step basis.

4.1 The CRYPT_ROUND Function
Steps CRYPT_ROUND.(1 and 2) Create a normal HMAC session called H using
SK.hmac_key as its secret key _AND_ make it use SK.hash_algo as the
underlying HMAC hash algorithm. Update H with the bytes of SK.hmac_key
in reverse order. SK.hmac_key should be a crypto secure key, preferably
larger than 1024 bytes of data generated from a TRNG. SK.hash_algo needs
to be a crypto secure hash algorithm, perhaps SHA-384 with its 48-byte
digests. Keep in mind that SK.rand_n needs to be at least as large as 48
bytes in this case of the digest size reaped from SHA-384. SK.rand_n
needs to be equal to, or preferably larger than the digest size of
SK.hash_algo. Therefore, I recommend using a larger SK.rand_n, perhaps
something like 79 in this case. These two steps create our HMAC
"starting place" for either encryption or decryption depending on the
mode M.

Click here to read the complete article

Here is my crude C code in the following link
https://pastebin.com/raw/feUnA3kP:
____________________________________________

/*
Chris M. Thomasson 6/4/2018
Experimental HMAC Cipher
C version with hardcoded secret key

Using the following HMAC lib:

https://github.com/ogay/hmac

Here is some info on my cipher:

http://funwithfractals.atspace.cc/ct_cipher
________________________________________________________*/

#include <stdio.h>
#include <stdlib.h>
#include <assert.h>
#include <string.h>
#include <time.h>
#include "hmac_sha2.h"

#define HMAC_SZ 32

// Uncomment PYTHON_TEST_VECTOR to sync with the Python 3 test vector
// Python code: https://pastebin.com/raw/NAnsBJAZ
// plaintext 9 bytes at: "Plaintext"
// ciphertext bytes:
//
723f811f5eb43df4e0dd50cc2016ff8f14f53137143135f31c99eb0030da44cbc6ace1d9be236858de

//#define PYTHON_TEST_VECTOR

struct ct_secret_key
{ unsigned char* hmac_key;
size_t hmac_key_sz;
char* hmac_algo;
size_t rand_n;
};

struct ct_buf
{ unsigned char* p;
size_t sz;
};

void ct_hex_printf(
FILE* fout,
unsigned char* buf,
size_t buf_sz
) {
for (size_t i = 0; i < buf_sz; i++)
{
fprintf(fout, "%02x", buf[i]);
}
}

unsigned char*
ct_reverse(
unsigned char* P,
size_t P_sz
) {
for (size_t i = 0; i < P_sz / 2; ++i)
{
size_t r = P_sz - i - 1;
unsigned char t = P[i];
P[i] = P[r];
P[r] = t;
}

return P;
}

size_t
ct_file_get_size(
FILE* file
) {
size_t file_sz = 0;
for (file_sz = 0; fgetc(file) != EOF; ++file_sz);
rewind(file);
return file_sz;
}

// return value ct_buf.p needs to be freed!
struct ct_buf
ct_file_copy(
FILE* file
) {
size_t file_sz = ct_file_get_size(file);
struct ct_buf buf = { calloc(1, file_sz), file_sz };
assert(buf.p);

if (buf.p)
{
for (size_t i = 0; i < file_sz; ++i)
{
int byte = fgetc(file);
assert(byte != EOF);
buf.p[i] = byte;
}
}

return buf;
}

// return value ct_buf.p needs to be freed!
struct ct_buf
ct_prepend_from_file(
struct ct_secret_key const* const SK,
const char* fname
) {
FILE* file = fopen(fname, "rb");
assert(file);

size_t file_sz = ct_file_get_size(file) + SK->rand_n;

struct ct_buf buf = { calloc(1, file_sz), file_sz };

if (buf.p)
{
// Prepend the random bytes.
// These should be drawn from a TRNG!!!

srand((unsigned int)time(NULL));

#if defined (PYTHON_TEST_VECTOR)
for (size_t i = 0; i < SK->rand_n; ++i)
{
buf.p[i] = (unsigned char)i;
}
#else
for (size_t i = 0; i < SK->rand_n; ++i)
{
buf.p[i] = rand() % 256;
}
#endif

// Append the original plaintext
for (size_t i = SK->rand_n; i < file_sz; ++i)
{
int byte = fgetc(file);
assert(byte != EOF);
buf.p[i] = byte;
}
}

fclose(file);

return buf;
}

struct ct_buf
ct_load_from_file(
const char* fname
) {
FILE* file = fopen(fname, "rb");
assert(file);

size_t file_sz = ct_file_get_size(file);

struct ct_buf buf = { calloc(1, file_sz), file_sz };

if (buf.p)
{
// Append the original plaintext
for (size_t i = 0; i < file_sz; ++i)
{
int byte = fgetc(file);
assert(byte != EOF);
buf.p[i] = byte;
}
}

fclose(file);

return buf;
}

void ct_hmac_sha256_digest(
hmac_sha256_ctx* ctx,
unsigned char* digest
) {
hmac_sha256_ctx ctx_copy = *ctx;
hmac_sha256_final(&ctx_copy, digest, HMAC_SZ);
}

unsigned char*
ct_crypt_round(
struct ct_secret_key* SK,
unsigned char* P,
size_t P_sz,
int M
) {
hmac_sha256_ctx H;

hmac_sha256_init(&H, SK->hmac_key, SK->hmac_key_sz);
ct_reverse(SK->hmac_key, SK->hmac_key_sz);
hmac_sha256_update(&H, SK->hmac_key, SK->hmac_key_sz);
ct_reverse(SK->hmac_key, SK->hmac_key_sz);

unsigned char D[256] = { 0 };

size_t P_I = 0;

unsigned long di = 0;

while (P_I < P_sz)
{
ct_hmac_sha256_digest(&H, D);

printf("\nD[%lu]:", di);
ct_hex_printf(stdout, D, HMAC_SZ);
printf("\n");

size_t D_I = 0;
++di;

while (P_I < P_sz && D_I < HMAC_SZ)
{
unsigned char P_byte = P[P_I];
unsigned char C_byte = P_byte ^ D[D_I];
P[P_I] = C_byte;

if (M == 0)
{
unsigned char update[2] = {
P_byte, C_byte
};

hmac_sha256_update(&H, update, 2);
}

else
{
unsigned char update[2] = {
C_byte, P_byte
};

hmac_sha256_update(&H, update, 2);
}

++P_I;
++D_I;
}
}

return P;
}

unsigned char*
ct_crypt(
struct ct_secret_key* SK,
unsigned char* P,
size_t P_sz,
int M
) {
printf("Crypt Round 0:\n________________________\n");
unsigned char* C = ct_crypt_round(SK, P, P_sz, M);
unsigned char* C_1 = ct_reverse(C, P_sz);
printf("\n\nCrypt Round 1:\n________________________\n");
C = ct_crypt_round(SK, C_1, P_sz, M);
return C;
}

Click here to read the complete article

Here is my Python 3 test vector code for my C version
https://pastebin.com/raw/NAnsBJAZ:

_______________________________________________

# Chris M. Thomasson Copyright 2018 (c)
# Experimental HMAC Cipher
# Test Vector For C program at
# https://pastebin.com/raw/feUnA3kP
#____________________________________________________________

# Our external libs
#____________________________________________________________
import random;
import hashlib;
import hmac;

# Some Utilities
#____________________________________________________________
def ct_bytes_to_hex(origin, offset):
hex = "";
n = len(origin);
t = "0123456789ABCDEF";
for i in range(offset, n):
c = ord(origin[i]);
nibl = c & 0x0F;
nibh = (c & 0xF0) >> 4;
hex = hex + t[nibh];
hex = hex + t[nibl];
hex = hex + " ";
if (not ((i + 1) % 16) and i != n - 1):
hex = hex + "\r\n";
return hex;

# Generate n random bytes
# These need should ideally be from a truly random, non-repeatable
# source. TRNG!
def ct_rand_bytes(n):
rb = "";
for i in range(n):
#rb = rb + chr(random.randint(0, 255));
# HACK to get the same numbers
rb = rb + chr(i);
return rb;

# The Secret Key
# Contains all the parts of the secret key
#____________________________________________________________
class ct_secret_key:
def __init__(self, hmac_key, hash_algo, rand_n):
self.hmac_key = hmac_key;
self.hash_algo = hash_algo;
self.rand_n = rand_n;

def __repr__(self):
return "hmac_key:%s\nhash_algo:%s\nrand_n:%s" %
(ct_bytes_to_hex(self.hmac_key, 0), self.hash_algo, self.rand_n);

def __str__(self): return self.__repr__();

# The Ciphertext or Plaintext
# It holds the bytes of a ciphertext or a plaintext
#____________________________________________________________
class ct_bin:
def __init__(self, ctxt):
self.bytes = ctxt;
def __repr__(self):
return "%s" % (ct_bytes_to_hex(self.bytes, 0));

def __str__(self): return self.__repr__();

# The Crypt Round Function
#____________________________________________________________
def ct_crypt_round(SK, P, M):
H = hmac.new(SK.hmac_key.encode(), None, SK.hash_algo);
H.update(SK.hmac_key[::-1].encode());
C = "";
I_P = 0;
I_P_N = len(P.bytes);

while (I_P < I_P_N):
D = H.digest();
print("D:%s" % (H.hexdigest()));
I_D = 0;
I_D_N = len(D);
while (I_P < I_P_N and I_D < len(D)):
P_byte = ord(P.bytes[I_P]);
C_I_P = P_byte ^ D[I_D];
C = C + chr(C_I_P);
if (M == False):
U = bytearray([P_byte, C_I_P]);
H.update(U);
else:
U = bytearray([C_I_P, P_byte]);
H.update(U);
I_P = I_P + 1;
I_D = I_D + 1;
return ct_bin(C);

# The Crypt Function
#____________________________________________________________
def ct_crypt(SK, P, M):
if (M == False):
R = ct_rand_bytes(SK.rand_n);
P.bytes = R + P.bytes;
C = ct_crypt_round(SK, P, M);
C_1 = ct_bin(C.bytes[::-1]);
C = ct_crypt_round(SK, C_1, M);
if (M == True):
size = len(C.bytes) - SK.rand_n;
C.bytes = C.bytes[SK.rand_n : SK.rand_n + size];
return C;

# The Main Program
#____________________________________________________________

# Alice and Bob's Secret Key
#____________________
SK = ct_secret_key(
"Password",
hashlib.sha256, # The hash function. It should be a crypto secure hash.
32 # The number of bytes. The should be generated by a TRNG
);
print("%s" % (SK));

# Alice's Plaintext
#____________________
Original_Plaintext = "Plaintext";
A_P = ct_bin(Original_Plaintext);
print(
"\n\nAlice's Plaintext Bytes:"
"\n____________________\n%s\n" % (A_P)
);

# Encrypt
#____________________
C = ct_crypt(SK, A_P, False);
print(
"\n\nCiphertext Bytes:"
"\n____________________\n%s\n" % (C)
);

# Decrypt
#____________________
B_P = ct_crypt(SK, C, True);
print(
"\n\nBob's Ciphertext Bytes:"
"\n____________________\n%s\n" % (B_P)
);

if (B_P.bytes != Original_Plaintext):
print("DATA CORRUPTED!");

_______________________________________________

My JavaScript code for my online JavaScript can be found on the page:

http://fractallife247.com/test/hmac_cipher/ver_0_0_0_1/ct_main.js

It uses the following HMAC lib:

http://fractallife247.com/test/hmac_cipher/ver_0_0_0_1/hashes.js

My JavaScript is:
__________________________________________________

// Chris M. Thomassons Experimental HMAC Cipher
// Version 0.0.0.1
// Using the following HMAC library:
// https://github.com/h2non/jshashes
//___________________________________________________

"use strict";

// My Ciphers required HMAC Support
// Quick and Dirty! ;^o
// consistent API, digest and update
//___________________________________________________
function ct_hmac(key, hash) {
this.m_key = key;
this.m_data = "";
this.m_hash = hash;
this.m_hash.setUTF8(false);
}

ct_hmac.prototype.clear = function (data) {
this.m_data = "";
};

ct_hmac.prototype.update = function (data) {
this.m_data += data;
};

ct_hmac.prototype.digest = function () {
return this.m_hash.hex_hmac(this.m_key, this.m_data);
};

// Utilities
//___________________________________________________
function ct_hexbytes_to_string(origin, offset) {
var pstring = "";
var lookup = "0123456789abcdef";
var imax = origin.length;

for (var i = offset + 1; i < imax; ++i) {
var high_nibble = lookup.indexOf(origin[i - 1]);
var low_nibble = lookup.indexOf(origin[i]);

if (high_nibble > -1 && low_nibble > -1) {
var c = high_nibble * 16 + low_nibble;
pstring = pstring + String.fromCharCode(c);
++i;
}
}

return pstring;
}

function ct_string_to_hexbytes(origin, offset) {
var hexbytes = "";
var lookup = "0123456789abcdef";
var imax = origin.length;

for (var i = offset; i < imax; i++) {
var c = origin.charCodeAt(i);

if (c > 255) {
alert("CHAR RANGE ERROR: " + c);
return null;
}

var low_nibble = c & 0x0F;
var high_nibble = (c & 0xF0) >> 4;

hexbytes = hexbytes + lookup[high_nibble];
hexbytes = hexbytes + lookup[low_nibble];
}

return hexbytes;
}

function ct_string_to_codes(origin) {
var output = new Array();

for (var i = 0; i < origin.length; ++i) {
output.push(origin.charCodeAt(i));
}

return output;
}

function ct_codes_to_string(origin) {
var output = "";

for (var i = 0; i < origin.length; ++i) {
output += String.fromCharCode(origin[i]);
}

return output;
}

function ct_string_reverse(s) {
return Array.from(s).reverse().join("");
}

function ct_rand_bytes(n) {
var output = new Array();

for (var i = 0; i < n; ++i) {
var byte = Math.floor(Math.random() * 255);
output.push(byte);
}

return output;
}

// My HMAC Cipher's Secret Key
//___________________________________________________
function ct_hmac_cipher_skey(rand_n, hmac) {
this.m_rand_n = rand_n;
this.m_hmac = hmac;
}

function ct_hmac_cipher_skey_get_hash_algo() {
var hmac_algo =
ct_gui_parse_radio_checked("g_ct_html_input_key_hmac", "SHA256");

if (hmac_algo == "SHA256") {
return new Hashes.SHA256;
}

return new Hashes.SHA512;
}

// My HMAC Cipher
//___________________________________________________
function ct_hmac_cipher(skey) {
this.m_skey = skey;
}

ct_hmac_cipher.prototype.crypt_round = function (P, M) {
var H = this.m_skey.m_hmac;
H.clear();
H.update(ct_string_reverse(H.m_key));

var C = new Array();

var digest_n = 0;
var digest_output = "";

var I_P = 0;
var I_P_N = P.length;

while (I_P < I_P_N) {
var digest_hex = H.digest();
var digest_string = ct_hexbytes_to_string(digest_hex, 0);
var D = ct_string_to_codes(digest_string);

digest_output += "[" + digest_n + "]:" + digest_hex + "\n";
++digest_n;

var I_D = 0;

while (I_P < I_P_N && I_D < D.length) {
var P_byte = P[I_P];
var C_I_P = P_byte ^ D[I_D];

C.push(C_I_P);

if (M == false) {
var U = ct_codes_to_string([P_byte, C_I_P]);
H.update(U);
} else {
var U = ct_codes_to_string([C_I_P, P_byte]);
H.update(U);
}

I_P = I_P + 1;
I_D = I_D + 1;
}
}

ct_gui_parse_append_element_to_string("g_ct_html_input_digests",
digest_output);

return C;
};

ct_hmac_cipher.prototype.crypt = function (data, M) {
var P = ct_string_to_codes(data);

if (M == false) {
var R = ct_rand_bytes(this.m_skey.m_rand_n);
P = R.concat(P);
}

ct_gui_parse_append_element_to_string("g_ct_html_input_digests",
"Round 0...\n");
var C = this.crypt_round(P, M);
C.reverse();
ct_gui_parse_append_element_to_string("g_ct_html_input_digests",
"Round 1...\n");
C = this.crypt_round(C, M);

if (M == true) {
C.splice(0, this.m_skey.m_rand_n);
}

return C;
};

function ct_hmac_cipher_create() {
var key = ct_gui_parse_string_from_element("g_ct_html_input_key",
"Password");
var rand_n =
ct_gui_parse_int_from_element("g_ct_html_input_key_rand_n", 64);
var cipher_hash = ct_hmac_cipher_skey_get_hash_algo();
var cipher_skey = new ct_hmac_cipher_skey(rand_n, new ct_hmac(key,
cipher_hash));
var cipher = new ct_hmac_cipher(cipher_skey);

Click here to read the complete article

Subject	Author
note on codes...	DV
note on codes...	Chris M. Thomasson
note on codes...	DV
note on codes...	Chris M. Thomasson
note on codes...	DV
note on codes...	Chris M. Thomasson
note on codes...	Chris M. Thomasson
note on codes...	Chris M. Thomasson
note on codes...	Chris M. Thomasson

We are Microsoft. Unix is irrelevant. Openness is futile. Prepare to be assimilated.

devel / comp.theory / note on codes...

devel / comp.theory / note on codes...