From Newsgroup: sci.crypt

"""
DrMoron: A quirky HMAC-based stream cipher primitive
Core idea: Use HMAC as keystream generator with self-synchronizing feedback,
prepend large TRNG prefix (> digest size), full reverse
between two passes.

Rules (enforced by design intent, not code):
- rand_n MUST be > digest size of chosen hash (e.g. >64 for SHA-512) for strong initial entropy flood.
- Use only secure hashes (SHA-512, SHA3-512, BLAKE2b, BLAKE3 recommended).
- Key: 64-byte TRNG minimum.
- No built-in auth/MAC rCo malleable by design (ciphertext tamper raA atomic garbage output).
- Security claim: Hardness roughly equivalent to breaking HMAC-H under continuous feedback + reverse mixing.

This is raw ciphertext only rCo no bolted-on integrity. Test diffusion, differentials, stats directly.
"""

import hashlib
import hmac
import os

# 1. Improved Hex Utility
# ____________________________________________________________
def ct_bytes_to_hex(data):
"""Returns a clean hex string with 16-byte rows."""
return '\n'.join(data[i:i+16].hex(' ') for i in range(0, len(data), 16)).upper()

# 2. Key Class (Handles Raw Bytes)
# ____________________________________________________________
class ct_secret_key:
def __init__(self, hmac_key, hash_algo, rand_n):
self.hmac_key = hmac_key if isinstance(hmac_key, bytes) else hmac_key.encode()
self.hash_algo = hash_algo
self.rand_n = rand_n

def __repr__(self):
return (f"hmac_key: {self.hmac_key.hex()[:16]}...\n"
f"hash_algo: {self.hash_algo().name}\n"
f"rand_n: {self.rand_n}")

# 3. The Crypt Round Function (Raw Byte Logic)
# ____________________________________________________________
def ct_crypt_round(SK, data_in, decrypt_mode):
"""Single HMAC-feedback round."""
H = hmac.new(SK.hmac_key, None, SK.hash_algo)
H.update(SK.hmac_key[::-1]) # Reversed key for init twist

output = bytearray()
p_idx = 0
p_len = len(data_in)

while p_idx < p_len:
D = H.digest() # Keystream block
d_idx = 0
d_len = len(D)

while p_idx < p_len and d_idx < d_len:
p_byte = data_in[p_idx]
c_byte = p_byte ^ D[d_idx]
output.append(c_byte)

# Feedback: (P,C) encrypt, (C,P) decrypt
if not decrypt_mode:
H.update(bytes([p_byte, c_byte]))
else:
H.update(bytes([c_byte, p_byte]))

p_idx += 1
d_idx += 1

return bytes(output)

# 4. The Main Crypt Wrapper
# ____________________________________________________________
def ct_crypt(SK, data_in, decrypt_mode):
"""Full duplex: forward raA reverse raA forward, with TRNG prefix on encrypt."""
processed_data = data_in

if not decrypt_mode:
# Prepend fresh TRNG prefix (critical for uniqueness)
prefix = os.urandom(SK.rand_n)
processed_data = prefix + processed_data

# Round 1 forward
C = ct_crypt_round(SK, processed_data, decrypt_mode)

# Full reverse (bidirectional diffusion)
C_rev = C[::-1]

# Round 2 forward
final = ct_crypt_round(SK, C_rev, decrypt_mode)

if decrypt_mode:
final = final[SK.rand_n:] # Strip prefix

return final

# ____________________________________________________________
# Simple Test Execution
# ____________________________________________________________

if __name__ == "__main__":
# 64-byte random key (TRNG)
trng_64_bytes = os.urandom(64)

SK = ct_secret_key(
trng_64_bytes,
hashlib.sha512, # Secure default (can swap to sha3_512,
blake2b, etc.)
73 # >64-byte digest, as per rules
)

plaintext = b"ABCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCDE"

# Encrypt
ciphertext = ct_crypt(SK, plaintext, False)
print(f"Ciphertext Hex:\n{ct_bytes_to_hex(ciphertext)}")

# Decrypt & verify
decrypted = ct_crypt(SK, ciphertext, True)
print(f"\nDecrypted String: {decrypted.decode()}")
assert decrypted == plaintext, "Decryption failed!"
print("Round-trip successful.")
--- Synchronet 3.21b-Linux NewsLink 1.2

From Newsgroup: sci.crypt

On Tue, 10 Feb 2026 05:07:19 -0800
"Chris M. Thomasson" <chris.m.thomasson.1@gmail.com> wrote:

"""
DrMoron: A quirky HMAC-based stream cipher primitive
Core idea: Use HMAC as keystream generator with self-synchronizing feedback,
prepend large TRNG prefix (> digest size), full reverse
between two passes.

Dr. Moron:

Bad name for crypto.

Good name for mind-altering Kool-Aid. Glug, glug, glug.

E for [e]ffort. E for [e]ntertain. E for [E]eyore ... hee haw!

--- Synchronet 3.21d-Linux NewsLink 1.2

From Newsgroup: sci.crypt

On 3/2/2026 1:46 PM, Eeyore Hee Haw wrote:

On Tue, 10 Feb 2026 05:07:19 -0800
"Chris M. Thomasson" <chris.m.thomasson.1@gmail.com> wrote:

"""
DrMoron: A quirky HMAC-based stream cipher primitive
Core idea: Use HMAC as keystream generator with self-synchronizing feedback, >> prepend large TRNG prefix (> digest size), full reverse
between two passes.

Dr. Moron:

Bad name for crypto.

rofl! Yeah... ;^)

But it has not been properly tested out by professionals. So, shit
happens. By the way,

https://fractallife247.com/test/hmac_cipher/drmoron/?ct_hmac_cipher=a6ef9b673661ca5a13d2ca2f8e1bcfb19bc5702c8c83954159405725d50e2fa15f5c4c2d5b09094f025a0974d36a57e7fa8061ed528395bf7efd41416f6cd4f22f4874a78d26877c652adcfb27a57769fd7752eba69a4f4ee2c2ba678dc0514522029efd3d555ccf


:^)

Good name for mind-altering Kool-Aid. Glug, glug, glug.

E for [e]ffort. E for [e]ntertain. E for [E]eyore ... hee haw!

I personally think it is secure. Its ciphertexts are good. But! I cannot
claim that at this time. Fair enough?
--- Synchronet 3.21d-Linux NewsLink 1.2