Quote Originally Posted by fullmetalcoder
My question is: Why isn't such a method used everywhere???
Because it's easy to break.

In case the password is shorter than the input data, you're reusing the same password (this is called Electronic Code Book (ECB) mode), which is the same as if you encrypted two different messages with the same key - it's easy to break. Russian ciphers were compromised because of reusing the same key for multiple messages.

It has many advantages and, provided a shared key is affordable, no real drawbacks AFAIK...
To be honest it's pretty easy to break. Furthermore it only encrypts the message, but you can still change the contents, etc.

Furthermore, try encrypting a message containing only zeros with your method and see what you get as output.

A WEP passphrase is something like 10 ASCII chars long, which, you shall admit, corresponds to 10*8 = 80 bits
DES has 56 bit keys and it's considered quite safe (not counting the brute force attack, of course). But it's because of the way the key is used.

BTW. WEP is not safe because of its key length. And the RC4 cipher used for Wi-Fi along with WEP is not that good either. Usage of WPA with AES is advised.

Using a passphrase of this size (which is rather reasonable) in my homemade encryption function gives 2^80 = more than 1.2*10^24 possible combinations
This is nothing. You can make a brute force attack on it using parallel computing (http://distributed.net) - you'd have it broken within days.

Assuming one attempts a "brute-force" cracking of a 100-character-long text message encoded with the aforementioned key, he will have to try decoding the message with each of these combinations and then check if it is likely to be a message...
Not quite. You can limit the number of possibilities by making comparisons knowing the key length.

With luck the brute-force attack can find the correct key after 2^40 attempts (sounds like a lot? try it and you'll see that it would be quite a luck indeed...). That would take him: 10,000 * 2^40 = 1.1*10^16 T-states
Even for 2^80 combinations (provided you encrypt messages shorter than the key length) with computers that can do about 2^31 operations per second (for single core 2GHz processors) you only need ~2^50 seconds with a single processor or 2^40 seconds for 1000 computers, etc. It's not that much.

1.1*10^16 / 3*10^9 = 3,665,039 seconds = 1018 hours = 42 days and a half: about a month and a half!!!
You can break a static key WEP protected network after listening for the traffic for ~4 hours and some time to process the sniffed data.

You can strengthen the cipher by using some feedback mode with your method for messages longer than the key (http://en.wikipedia.org/wiki/Block_c..._of_operation).

But your cipher is still very weak for shorter messages using a known plaintext attack (you know the plain text, you know the cipher text, you try to find the key).

Quote Originally Posted by e8johan
One reason not to use this method is that the same key is used for both decryption and encryption. Some modern encryption methods work with one public key used for encryption and a different, private, key for decryption. This means that the encryption key can be spread freely and the decryption can be protected.
Symmetric ciphers are used everywhere, including SSL. Asymmetric systems have a wider range of use than symmetric ones and they are safer, because they require more time consuming operations than symmetric ones (the keys are much longer) and additionally you can't implement them in hardware efficiently. For example you can assure that the message is not changed, you can be sure that the message was not forged by someone else, etc.