Chris M. Thomasson <chris.m.thomasson.1@gmail.com> wrote:

A compromised secret password is bad. I was just interested if I
could create different ciphertexts for the same plaintext and
password, as an experiment. See?

Slightly revisionist history.

IIRC you were worried about having all bits of the plaintext change if
any one bit of the ciphertext was changed by Eve.

Because if all you were worried about was different ciphertexts from
same key and plaintext, that is already available from standard
constructions. Note this short example:

#!/usr/bin/tclsh

package require aes ;# aes encryption module

proc hexdump {value} {
binary scan $value H* hex
return $hex
}

set fd [open /dev/urandom {RDONLY BINARY}]

# IV #1
set iv1 [read $fd 16]

# IV #2
set iv2 [read $fd 16]

# key
set key [read $fd 16]

# plaintext
set pt [read $fd 32]

# ciphertext #1
puts "before creating ciphertext #1"
puts key=[hexdump $key]
puts "pt =[hexdump $pt]"
set ct1 [aes::aes -mode cbc -dir encrypt -key $key -iv $iv1 $pt]

# ciphertext #2 - same plaintext and key
puts "before creating ciphertext #2"
puts key=[hexdump $key]
puts "pt =[hexdump $pt]"
set ct2 [aes::aes -mode cbc -dir encrypt -key $key -iv $iv2 $pt]

# display cipher texts
puts ct1=[hexdump $ct1]
puts ct2=[hexdump $ct2]

This uses AES, and CBC mode. Running the above code (assuming you have
Tcl and Tcllib installed, results in:

before creating ciphertext #1
key=5726ed430f6b2f4ec4c18e68d77385a2
pt =e17752182f07dd0239ce09308b6f4912a043567f0df79fb176baf996d0772e4c
before creating ciphertext #2
key=5726ed430f6b2f4ec4c18e68d77385a2
pt =e17752182f07dd0239ce09308b6f4912a043567f0df79fb176baf996d0772e4c
ct1=ee68def5cb2978215356b585fe87d74a99a7786c08c6559594c82d0102c258b2
ct2=ae0b908dc7049a4608e57cd94249d00850b63ae1d1b9d4416fb8dda692df0da2

Same key, same plaintext, two different ciphertexts.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)