Re: HMAC cipher and a TRNG...

Chris M. Thomasson <chris.m.thomasson.1@gmail.com> wrote:

A compromised secret password is bad.  I was just interested if I
could create different ciphertexts for the same plaintext and
password, as an experiment.  See?

Slightly revisionist history.

IIRC you were worried about having all bits of the plaintext change if
any one bit of the ciphertext was changed by Eve.

Because if all you were worried about was different ciphertexts from
same key and plaintext, that is already available from standard
constructions.  Note this short example:

    #!/usr/bin/tclsh

    package require aes ;# aes encryption module

    proc hexdump {value} {
      binary scan $value H* hex
      return $hex
    }

    set fd [open /dev/urandom {RDONLY BINARY}]

    # IV #1
    set iv1 [read $fd 16]

    # IV #2
    set iv2 [read $fd 16]

    # key
    set key [read $fd 16]

    # plaintext
    set pt [read $fd 32]

    # ciphertext #1
    puts "before creating ciphertext #1"
    puts key=[hexdump $key]
    puts "pt =[hexdump $pt]"
    set ct1 [aes::aes -mode cbc -dir encrypt -key $key -iv $iv1 $pt]

    # ciphertext #2 - same plaintext and key
    puts "before creating ciphertext #2"
    puts key=[hexdump $key]
    puts "pt =[hexdump $pt]"
    set ct2 [aes::aes -mode cbc -dir encrypt -key $key -iv $iv2 $pt]

    # display cipher texts
    puts ct1=[hexdump $ct1]
    puts ct2=[hexdump $ct2]

This uses AES, and CBC mode.  Running the above code (assuming you have
Tcl and Tcllib installed, results in:

    before creating ciphertext #1
    key=5726ed430f6b2f4ec4c18e68d77385a2
    pt =e17752182f07dd0239ce09308b6f4912a043567f0df79fb176baf996d0772e4c
    before creating ciphertext #2
    key=5726ed430f6b2f4ec4c18e68d77385a2
    pt =e17752182f07dd0239ce09308b6f4912a043567f0df79fb176baf996d0772e4c
    ct1=ee68def5cb2978215356b585fe87d74a99a7786c08c6559594c82d0102c258b2
    ct2=ae0b908dc7049a4608e57cd94249d00850b63ae1d1b9d4416fb8dda692df0da2

Same key, same plaintext, two different ciphertexts.