pith. sign in

arxiv: 2604.16669 · v1 · submitted 2026-04-17 · 💻 cs.CR

Stringology Based Cryptology

Victor Kebande This is my paper

Pith reviewed 2026-05-10 07:54 UTC · model grok-4.3

classification 💻 cs.CR
keywords stringologycryptanalysispattern matchingstream cipherskeystream evaluationstructural analysiscryptographic sequences
0
0 comments X

The pith

Stringology techniques detect recurring patterns and structural correlations in cryptographic sequences like keystreams and ciphertexts.

A machine-rendered reading of the paper's core claim, the machinery that carries it, and where it could break.

The paper introduces Stringology-Based Cryptology as a method that treats outputs from cryptographic primitives as symbolic sequences. It applies classical string processing and pattern matching to identify pattern recurrence, substring distributions, and other structural features. The approach is demonstrated through frequency analysis and recurrence metrics on stream cipher keystreams. This yields insights that sit alongside traditional statistical randomness tests rather than replacing them. The goal is to open a route for evaluating cryptographic sequences through their internal string-like properties.

Core claim

By interpreting cryptographic outputs as symbolic sequences, stringology algorithms can be used to detect pattern recurrence, substring distributions, and structural correlations, providing complementary insights into the structural characteristics of cryptographic sequences.

What carries the argument

Stringology-Based Cryptology (SBC), which applies classical string processing algorithms such as pattern matching and frequency counting to cryptographic output sequences treated as strings.

If this is right

  • Pattern frequency analysis can be applied directly to keystream outputs generated by stream ciphers.
  • Substring recurrence metrics provide a way to measure structural correlations within cryptographic sequences.
  • SBC analysis supplies complementary data on structural properties that statistical tests do not address.
  • The method opens a path for future work in structural cryptanalysis and evaluation of cryptographic primitives.

Where Pith is reading between the lines

These are editorial extensions of the paper, not claims the author makes directly.

  • The same string-based metrics could be tested on outputs from hash functions or block cipher modes to see whether structural signals appear there as well.
  • Integration of SBC metrics into existing randomness test batteries might produce a more complete profile of sequence behavior.
  • If the metrics prove sensitive to known weak generators, they could serve as a lightweight pre-filter before heavier algebraic analysis.
  • The approach suggests examining whether cryptographic design criteria already implicitly control string-like properties such as substring distributions.

Load-bearing premise

Classical string-processing algorithms applied to cryptographic outputs will detect meaningful structural correlations or weaknesses that are not already captured by existing statistical randomness test suites.

What would settle it

Apply the pattern frequency and substring recurrence metrics to the keystream of a well-studied secure stream cipher such as AES-CTR or Salsa20 and check whether the metrics return values indistinguishable from those produced by uniform random sequences.

Figures

Figures reproduced from arXiv: 2604.16669 by Victor Kebande.

Figure 1
Figure 1. Figure 1: Threat model for the Stringology-Based Cryptology. A challenge oracle outputs a sequence S drawn either from a cryptographic generator G(K, N) or from a uniform random distribution. The adversary A analyzes structural properties of S using the SBC pipeline to distinguish its origin. B. Stringology and Pattern Analysis Stringology studies algorithms and data structures for an￾alyzing strings [5, 8]. Pattern… view at source ↗
Figure 2
Figure 2. Figure 2: Stringology-Based Cryptology analysis pipeline. [PITH_FULL_IMAGE:figures/full_fig_p003_2.png] view at source ↗
Figure 3
Figure 3. Figure 3: Deviation scores between cipher-generated and random sequences [PITH_FULL_IMAGE:figures/full_fig_p005_3.png] view at source ↗
Figure 4
Figure 4. Figure 4: Normalized substring pattern frequencies for cipher-generated and [PITH_FULL_IMAGE:figures/full_fig_p005_4.png] view at source ↗
read the original abstract

The modern cryptographic primitives are known to generate large volumes of sequential data like keystreams, ciphertext blocks, and hash outputs. Traditional cryptgraphic evaluation methods rely primarily on statistical randomness tests and algebraic cryptanalysis techniques. This paper introduces the concept of Stringology-Based Cryptology (SBC), which applies classical string processing and pattern matching techniques to analyze structural properties of cryptographic outputs. By interpreting cryptographic outputs as symbolic sequences, stringology algorithms can be used to detect pattern recurrence, substring distributions, and structural correlations. In addition, the paper demonstrate how pattern frequency analysis and substring recurrence metrics can be applied to evaluate keystream outputs generated by stream ciphers. Experimental results illustrate that SBC analysis provides complementary insights into structural characteristics of cryptographic sequences and may support future research in structural cryptanalysis and cryptographic evaluation

Editorial analysis

A structured set of objections, weighed in public.

Desk editor's note, referee report, simulated authors' rebuttal, and a circularity audit. Tearing a paper down is the easy half of reading it; the pith above is the substance, this is the friction.

Referee Report

2 major / 2 minor

Summary. The paper introduces Stringology-Based Cryptology (SBC), a framework that treats cryptographic outputs (keystreams, ciphertexts, hashes) as symbolic sequences and applies classical string-processing algorithms such as pattern matching, substring recurrence, and frequency analysis to detect structural properties. It claims that these metrics, when applied to stream-cipher keystreams, yield complementary insights beyond traditional statistical randomness tests and algebraic cryptanalysis, and that experimental results support this complementarity for future structural cryptanalysis.

Significance. If the approach can be shown to detect structural correlations or weaknesses not already captured by standard randomness batteries, it would constitute a genuinely new methodological direction in cryptanalysis. The framing is novel in its explicit importation of stringology tools, but the manuscript supplies no concrete algorithms, no quantitative results, and no mapping from detected recurrences to cryptanalytic advantage, so the claimed significance remains prospective rather than demonstrated.

major comments (2)
  1. [Abstract] Abstract: The statement that 'experimental results illustrate that SBC analysis provides complementary insights' is unsupported; the manuscript contains no data, no tables or figures, no description of the stringology algorithms employed, no keystream examples, and no comparison against NIST SP 800-22, Dieharder, or any other established randomness suite. Without such evidence the complementarity claim cannot be evaluated and is load-bearing for the paper's central thesis.
  2. [Body] Body (proposal of metrics): No formal definitions are given for the pattern-frequency or substring-recurrence metrics, nor is there any derivation showing why these quantities would be independent of the statistical biases already tested by existing suites. The absence of even a single worked example on a known stream cipher (e.g., RC4 or Salsa20) leaves the methodological contribution undefined.
minor comments (2)
  1. [Abstract] Abstract: Typo 'cryptgraphic' should read 'cryptographic'.
  2. [Abstract] Abstract: Subject-verb agreement: 'the paper demonstrate' should be 'the paper demonstrates'.

Simulated Author's Rebuttal

2 responses · 0 unresolved

We thank the referee for the constructive and detailed feedback on our manuscript. We agree that the current version is a high-level conceptual introduction to Stringology-Based Cryptology and lacks the formal definitions, concrete examples, and empirical comparisons needed to substantiate the claims. We will perform a major revision to address these points directly.

read point-by-point responses

  1. Referee: [Abstract] Abstract: The statement that 'experimental results illustrate that SBC analysis provides complementary insights' is unsupported; the manuscript contains no data, no tables or figures, no description of the stringology algorithms employed, no keystream examples, and no comparison against NIST SP 800-22, Dieharder, or any other established randomness suite. Without such evidence the complementarity claim cannot be evaluated and is load-bearing for the paper's central thesis.

    Authors: We agree that the abstract claim is unsupported in the submitted manuscript. The text was submitted as a conceptual proposal, and the reference to experimental results was premature. In the revised manuscript we will remove this claim from the abstract, add a new section that describes the specific stringology algorithms (pattern matching, substring recurrence via suffix structures, and frequency analysis), include at least one full worked example on a known stream-cipher keystream, and provide direct numerical comparisons against NIST SP 800-22 and Dieharder on the same sequences to allow evaluation of complementarity. revision: yes

  2. Referee: [Body] Body (proposal of metrics): No formal definitions are given for the pattern-frequency or substring-recurrence metrics, nor is there any derivation showing why these quantities would be independent of the statistical biases already tested by existing suites. The absence of even a single worked example on a known stream cipher (e.g., RC4 or Salsa20) leaves the methodological contribution undefined.

    Authors: We acknowledge that formal definitions and a worked example are absent. The submitted manuscript focused on the high-level framing. In the revision we will supply precise definitions: pattern-frequency as the normalized occurrence count of each distinct substring of length k across the sequence, and substring-recurrence as the rate of repeated substrings detected via the LCP array of the suffix array. We will also include a short derivation arguing that these metrics capture positional and structural regularities orthogonal to the aggregate frequency and run-length biases tested by standard suites. Finally, we will add a concrete worked example computing both metrics on a 1 MB RC4 keystream and contrasting the results with NIST and Dieharder outputs. revision: yes

Circularity Check

0 steps flagged

No derivation chain or self-referential loop present

full rationale

The manuscript introduces the SBC concept and asserts that experimental results on keystreams illustrate complementary structural insights relative to statistical tests. No equations, derivations, fitted parameters, predictions, or uniqueness theorems are presented that could reduce to the paper's own inputs by construction. The central claim is a forward proposal rather than a closed logical or empirical loop; complementarity is asserted without a self-defined success metric or self-citation load-bearing step. This is a standard non-circular conceptual paper.

Axiom & Free-Parameter Ledger

0 free parameters · 1 axioms · 1 invented entities

The proposal introduces no explicit free parameters, mathematical axioms, or new physical entities; it rests on the unstated domain assumption that string algorithms will expose cryptographically relevant structure.

axioms (1)
  • domain assumption Cryptographic outputs can be meaningfully interpreted as symbolic sequences whose structural properties are independent of their statistical randomness profile.
    Invoked throughout the abstract when stringology techniques are applied to keystreams and hash outputs.
invented entities (1)
  • Stringology-Based Cryptology (SBC) no independent evidence
    purpose: New named framework for applying string algorithms to crypto sequence analysis.
    The abstract coins and defines the term as the central contribution.

pith-pipeline@v0.9.0 · 5413 in / 1288 out tokens · 105313 ms · 2026-05-10T07:54:44.636334+00:00 · methodology

discussion (0)

Sign in with ORCID, Apple, or X to comment. Anyone can read and Pith papers without signing in.

Reference graph

Works this paper leans on

16 extracted references · 16 canonical work pages · 1 internal anchor

  1. [1]

    A holistic secure commu- nication mechanism using a multilayered cryptographic protocol to enhanced security

    Z. Wang, M. Tabassumet al., “A holistic secure commu- nication mechanism using a multilayered cryptographic protocol to enhanced security.”Computers, Materials & Continua, vol. 78, no. 3, 2024

    work page 2024

  2. [2]

    Faster randomness testing with the nist statistical test suite,

    M. S `ys and Z. ˇR´ıha, “Faster randomness testing with the nist statistical test suite,” inSecurity, Privacy, and Applied Cryptography Engineering: 4th International Conference, SPACE 2014, Pune, India, October 18-22,

    work page 2014

  3. [3]

    Springer, 2014, pp

    Proceedings 4. Springer, 2014, pp. 272–284

    work page 2014

  4. [4]

    Testu01 and practrand: Tools for a randomness evaluation for famous multimedia ciphers,

    L. Sleem and R. Couturier, “Testu01 and practrand: Tools for a randomness evaluation for famous multimedia ciphers,”Multimedia Tools and Applications, vol. 79, no. 33, pp. 24 075–24 088, 2020

    work page 2020

  5. [5]

    Adapting the knuth– morris–pratt algorithm for pattern matching in huffman encoded texts,

    D. Shapira and A. Daptardar, “Adapting the knuth– morris–pratt algorithm for pattern matching in huffman encoded texts,”Information processing & management, vol. 42, no. 2, pp. 429–439, 2006

    work page 2006

  6. [6]

    A boyer–moore- style algorithm for regular expression pattern matching,

    B. W. Watson and R. E. Watson, “A boyer–moore- style algorithm for regular expression pattern matching,” Science of Computer Programming, vol. 48, no. 2-3, pp. 99–117, 2003

    work page 2003

  7. [7]

    The efficient generation of cryptographic con- fusion sequences,

    T. Ritter, “The efficient generation of cryptographic con- fusion sequences,”Cryptologia, vol. 15, no. 2, pp. 81– 139, 1991

    work page 1991

  8. [8]

    Attacks against the ind-cpad security of exact fhe schemes,

    J. H. Cheon, H. Choe, A. Passel `egue, D. Stehl ´e, and E. Suvanto, “Attacks against the ind-cpad security of exact fhe schemes,” inProceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications Security, 2024, pp. 2505–2519

    work page 2024

  9. [9]

    Advances in stringology and applications,

    A. Alatabbi, “Advances in stringology and applications,” Ph.D. dissertation, PhD thesis, Natural and Mathematical Sciences, King’s College London, 2014

    work page 2014

  10. [10]

    Testing the nist sta- tistical test suite on artificial pseudorandom sequences,

    A. M. Zubkov and A. A. Serov, “Testing the nist sta- tistical test suite on artificial pseudorandom sequences,” Mathematical Aspects of Cryptography, vol. 10, no. 2, pp. 89–96, 2019

    work page 2019

  11. [11]

    Extended-chacha20 stream cipher with enhanced quarter round function,

    V . R. Kebande, “Extended-chacha20 stream cipher with enhanced quarter round function,”IEEE Access, vol. 11, pp. 114 220–114 237, 2023

    work page 2023

  12. [12]

    An overview on cryptanalysis of arx ci- phers,

    S. Barbero, “An overview on cryptanalysis of arx ci- phers,”DE CIFRIS KOINE, p. 10, 2024

    work page 2024

  13. [13]

    Rotational cryptanalysis of arx,

    D. Khovratovich and I. Nikoli ´c, “Rotational cryptanalysis of arx,” inInternational Workshop on Fast Software Encryption. Springer, 2010, pp. 333–346

    work page 2010

  14. [14]

    Chacha, a variant of salsa20,

    D. J. Bernsteinet al., “Chacha, a variant of salsa20,” inWorkshop record of SASC, vol. 8, no. 1. Lausanne, Switzerland, 2008, pp. 3–5

    work page 2008

  15. [15]

    Stringology-Based Cryptanalysis for EChaCha20 Stream Cipher

    V . Kebande, “Stringology-based cryptanalysis for echacha20 stream cipher,”arXiv preprint arXiv:2604.08862, 2026

    work page internal anchor Pith review Pith/arXiv arXiv 2026

  16. [16]

    Crochemore and W

    M. Crochemore and W. Rytter,Jewels of stringology: text algorithms. World Scientific, 2002

    work page 2002