Don't know why, but none of this showed up for me (maybe a TB thing).

On 26/02/2024 15:32, Chax Plore wrote:

Hello everyone,

I recommend to your attention this cipher: MARC.

This is another attempt to make RC4-like cipher, but without weaknesses.

"MARC: modified ARC4", Jianliang Zheng, Jie Li.

Conference: Proceedings of the 5th international conference on
Foundations and Practice of Security.

DOI:10.1007/978-3-642-37119-6_3

I also want to confirm my test vectors of MARC, which I calculated using
my own implementation - I will be grateful if someone checks my vectors
(the paper provided no vectors):

Key: 0123456789abcdef
Output:
BC53AC89 A1089065 F84DF6BD 516E03E8 E9EEF975 FBC9DF22 85FD2E60 4F614CF0 295F4D9F 414898F9 2BBF3B1C 556C6324 B4F92008 9C3CE19B FDA0CDA1 B0517EFB 0BE1409E 2722EF46 D087933C 9EF6C8E3 FBA9993A 5D4485AF 85425AA1 6D0879A3 D0BD42F3 2D461198 3E9FE061 9C1449FC 2E988CC5 C07852BE 96EB2D4B 9D817046

Key: 0123456789abcdeffedcba9876543210
Output:
0855EA59 C1163612 8D42E3F9 C451F325 249AA1E3 578C9CDF DE25BFAF 2720F3AF CCA79DDE 86D63151 6536E2FE BB12C542 F7F83BAC 32DF4558 5FCB5D02 21CE901A 648D9E70 9EB8018A 0D861839 80F5402D 3051DF13 DD9829A2 1B1E27B2 76636B21 66EF842C 20624046 6E3C81C6 878C1ACD B797F70A 6AA989AE 78DE85F4 28071799

Key: 00000000000000000000000000000000
Output:
029AA08D 74643F19 7E7D3AC5 4CD142AF 1567755F A8AA13D3 87E0DFE0 FC9A6DEE F56D657A B1F84CD8 E95DD274 4E0D8E04 F9F5CB25 8A3F237F A5C54A8C 1612E298 B6A34320 49D6EBDB 2066B095 D89E9E00 2A8C87E6 2D612582 409BBC23 01006E0B 3B0FAB39 869623C1 25A35293 AD05BF07 1AC69598 0797FCC3 BB056DF2 B4C9F44E

Key: 7438b9ca16be14b950b3978c7f3e540351da8a4a6e930cd3ece7f08dc2ec1ba2 {
= SHA256('MARC') }
Output:
BCD29139 57D3E0D9 6D473183 64ED0C47 8BA1AC44 2A361B1C 453B03A7 CE0F1987 288D01E7 6623A67E 99FE90EF 2C1A24DA EC6C5421 A1133710 4A2D10AE BB33A931 5DB0BB8A 02FC63CB 2978CB9D 43412D9A F889D26B B0A90857 4A6F27F6 1584CE91 208159BE 6CDBFF4E 8B302057 540DDFA6 A7307BB5 45DA87AF 923F2DFE 6D5A5C4B

Regards,
Chax Plore

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Hello everyone,

I recommend to your attention this cipher: MARC.

This is another attempt to make RC4-like cipher, but without weaknesses.

"MARC: modified ARC4", Jianliang Zheng, Jie Li.

Conference: Proceedings of the 5th international conference on
Foundations and Practice of Security.

DOI:10.1007/978-3-642-37119-6_3

I also want to confirm my test vectors of MARC, which I calculated using
my own implementation - I will be grateful if someone checks my vectors
(the paper provided no vectors):


Key: 0123456789abcdef
Output:
BC53AC89 A1089065 F84DF6BD 516E03E8 E9EEF975 FBC9DF22 85FD2E60 4F614CF0 295F4D9F 414898F9 2BBF3B1C 556C6324 B4F92008 9C3CE19B FDA0CDA1 B0517EFB 0BE1409E 2722EF46 D087933C 9EF6C8E3 FBA9993A 5D4485AF 85425AA1 6D0879A3 D0BD42F3 2D461198 3E9FE061 9C1449FC 2E988CC5 C07852BE 96EB2D4B 9D817046


Key: 0123456789abcdeffedcba9876543210
Output:
0855EA59 C1163612 8D42E3F9 C451F325 249AA1E3 578C9CDF DE25BFAF 2720F3AF CCA79DDE 86D63151 6536E2FE BB12C542 F7F83BAC 32DF4558 5FCB5D02 21CE901A 648D9E70 9EB8018A 0D861839 80F5402D 3051DF13 DD9829A2 1B1E27B2 76636B21 66EF842C 20624046 6E3C81C6 878C1ACD B797F70A 6AA989AE 78DE85F4 28071799


Key: 00000000000000000000000000000000
Output:
029AA08D 74643F19 7E7D3AC5 4CD142AF 1567755F A8AA13D3 87E0DFE0 FC9A6DEE F56D657A B1F84CD8 E95DD274 4E0D8E04 F9F5CB25 8A3F237F A5C54A8C 1612E298 B6A34320 49D6EBDB 2066B095 D89E9E00 2A8C87E6 2D612582 409BBC23 01006E0B 3B0FAB39 869623C1 25A35293 AD05BF07 1AC69598 0797FCC3 BB056DF2 B4C9F44E


Key: 7438b9ca16be14b950b3978c7f3e540351da8a4a6e930cd3ece7f08dc2ec1ba2 {
= SHA256('MARC') }
Output:
BCD29139 57D3E0D9 6D473183 64ED0C47 8BA1AC44 2A361B1C 453B03A7 CE0F1987 288D01E7 6623A67E 99FE90EF 2C1A24DA EC6C5421 A1133710 4A2D10AE BB33A931 5DB0BB8A 02FC63CB 2978CB9D 43412D9A F889D26B B0A90857 4A6F27F6 1584CE91 208159BE 6CDBFF4E 8B302057 540DDFA6 A7307BB5 45DA87AF 923F2DFE 6D5A5C4B


Regards,
Chax Plore
--

-----BEGIN PGP PUBLIC KEY FINGERPRINT-----
5745 807C 2B82 14D8 AB06 422C 8876 5DFC 2A51 778C
------END PGP PUBLIC KEY FINGERPRINT------

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Mon, 26 Feb 2024 16:32:26 +0100, Chax Plore wrote:

Hello everyone,

I recommend to your attention this cipher: MARC.

This is another attempt to make RC4-like cipher, but without weaknesses.

"MARC: modified ARC4", Jianliang Zheng, Jie Li.

Conference: Proceedings of the 5th international conference on
Foundations and Practice of Security.

DOI:10.1007/978-3-642-37119-6_3

I also want to confirm my test vectors of MARC, which I calculated using
my own implementation - I will be grateful if someone checks my vectors
(the paper provided no vectors):

With the hex key 0123456789abcdef, I get the following output from my implementation.

bc53ac89 a1089065 f84df6bd 516e03e8 e9eef975
fbc9df22 85fd2e60 4f614cf0 295f4d9f 414898f9
2bbf3b1c 556c6324 b4f92008 9c3ce19b fda0cda1
b0517efb 0be1409e 2722ef46 d087933c 9ef6c8e3
fba9993a 5d4485af 85425aa1 6d0879a3 d0bd42f3
2d461198 3e9fe061 9c1449fc 2e988cc5 c07852be
96eb2d4b 9d817046 42485eb9 e08247ac 48b61966
e157ee8f 33def637 882e9670 44d56b5c b1ef24e5
a08c5495 2193f7a1 88d15a52 cdc079ae 4b36a3e5
89320486 11db7738 626c65e8 15d895d7 65baf1cb
13453f3b d1623f53 681381dd 1c8c00b3 eee33250
6cff2fa9 aa55d540 e0853ddc d2df9231 9350ed91
7a581834 cbdb8f15 6ef37e27 87e24358 84b83aa3
61711fa4 7bd5f354 bb186f4e fd34dd66 24c06267
838b3c94 b5f9f0fd 27d40b29 c982aed7 12bd7c0e
0ac341f7 5bc67199 e00cd5e7 3b1e5b8e 3ffafb77
e976fec4 c81829a1 b63f3df5 56b47dc4 f24abfe4
372681c4 129758de 0bd85549 379dae0c 228b9e72
6d1fe0f3 dc92b154 39aabf69 12ca05e0 2ee60326
e8685431 bb2cc3d3 43f25fca af087a7d 0eaed647

Seems to match yours.

--
Leo

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 26/02/2024 16:32 Chax Plore <ftilojim@tznvy.pbz> wrote:

Hello everyone,

I recommend to your attention this cipher: MARC.

This is another attempt to make RC4-like cipher, but without weaknesses.

"MARC: modified ARC4", Jianliang Zheng, Jie Li.

I still use RC4-Drop(1024) as is. I don't believe anyone can break it and I'd like to see proof if someone claims they can.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Here is the source code I cooked up:


unit MARC;

interface

type
MarcState = record
i, j, k: Byte;
S: array[0..255] of byte;
end;

procedure MarcInit(var State: MarcState; const KeyData; const KeyLength: Integer);

function MarcLong(var State: MarcState): LongWord;

implementation

procedure MarcInit(var State: MarcState; const KeyData; const KeyLength: Integer);
var
Key: array[0..1] of byte absolute KeyData;
temp: byte;
r: integer;
begin
with State do
begin
for r := 0 to 255 do
S[r] := Byte(r);
i := 0;
j := 0;
k := 0;
for r := 0 to 575 do
begin
j := j + S[i] + Key[i mod KeyLength];
k := k xor j;
temp := S[i];
S[i] := S[j];
S[j] := S[k];
S[k] := temp;
Inc(i);
end;
i := j + k;
end;
end;

procedure SwapByte(var A, B: Byte);
var
C: Byte;
begin
C := A;
A := B;
B := C;
end;

function MarcLong(var State: MarcState): LongWord;
var
A: array[1..4] of byte absolute result;
m, n: byte;
begin
with State do
begin
inc(i);
j := j + S[i];
k := k xor j;
swapbyte(S[i], S[j]);
m := S[j] + S[k];
n := S[i] + S[j];
A[4] := S[m];
A[3] := S[n];
A[2] := S[m xor j];
A[1] := S[n xor k];
end;
end;



On 2024-02-26 16:32, Chax Plore wrote:

"MARC: modified ARC4", Jianliang Zheng, Jie Li.

Conference: Proceedings of the 5th international conference on
Foundations and Practice of Security.

DOI:10.1007/978-3-642-37119-6_3

I also want to confirm my test vectors of MARC, which I calculated using
my own implementation - I will be grateful if someone checks my vectors
(the paper provided no vectors):--

-----BEGIN PGP PUBLIC KEY FINGERPRINT-----
5745 807C 2B82 14D8 AB06 422C 8876 5DFC 2A51 778C
------END PGP PUBLIC KEY FINGERPRINT------

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Thu, 29 Feb 2024 01:38:28 -0000 (UTC), The Running Man wrote:

I still use RC4-Drop(1024) as is. I don't believe anyone can break it
and I'd like to see proof if someone claims they can.

Yeah, you need a lot more data to infer anything about the key if you drop
the earlier, more biased output.

Still, it's worth touching the key schedule as well. Especially if you're combining a long-term key and an IV by concatenation. Doesn't hurt to put everything through a hash/KDF first or just run more iterations of the RC4
key schedule.

--
Leo

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 01/03/2024 15:22 Leo <test@example.com>
wrote:

On Thu, 29 Feb 2024 01:38:28 -0000 (UTC), The Running Man wrote:

I still use RC4-Drop(1024) as is. I don't believe anyone can break it
and I'd like to see proof if someone claims they can.

Yeah, you need a lot more data to infer anything about the key if you drop the earlier, more biased output.

Still, it's worth touching the key schedule as well. Especially if you're combining a long-term key and an IV by concatenation. Doesn't hurt to put everything through a hash/KDF first or just run more iterations of the RC4 key schedule.

--
Leo

I change the key after 4GB of ciphertext generation.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)