I had a speculation I wanted to share.

It's been widely stated that if you could use a onetime cipher to
encrypt a text, the method is unbreakable without the key. So to
protect something it would, I'd think, be sufficient to generate a
random string of bits and XOR with it.

Well, true randomness is infeasible to generate algorithmically, so
the question is, can one use common facilities to do almost as well.

Suppose, for instance, one has a cryptographically strong way to
take a keytext and turn it into some bit pattern. In encrypting a
disk, or just a file, one has not only the key text and the plaintext
of the file or disk. One has also available the position of the
text in the file or on the disk.

Now suppose I took a key of some kind, and for argument's sake
added the position of the text block to it (or added some function
of the text block...linear or not...to it) and applied the
cryptographically strong bit generator to the modified original
key string, and XORed the resulting bit pattern with that bit of
the file or disk.

Question is, would the resulting encryption be cryptographically
strong itself? (My original cryptodisk was using CRC instead of
a strong transform here, because it was designed to thwart
random, but not necessarily cryptographically learned, people.)

Then one can ask if maybe doing this for a few hundred blocks'
worth of a file or disk and repeating, but applying the key in
some different order and maybe with a second XORing of another
simple function of position, to obscure things a little, would
be usefully strong.

I don't know this, but it occurs to me that most operating systems
have authentication ciphers readily available. In VMS the
$hash_password service, for example, is available for this.

Seems to me that if the scheme should be cryptographically strong
it would blur any distinction between authentication and general
ciphers. I don't see a way to break such a scheme, unless the
bitstring one generates (rather compute intensively) gets a lot
smaller than the plaintext size, in which case it beoomes a case
of an "XOR with key" but with a long key. Even so, I speculate
that it would be useful in many situations where the idea is to
either protect data or to enforce that someone use a particular
abstraction engine. (My software WORM which I discussed at VMS
Magic a few years back used the notion of encrypting a container
file for the latter reason; encrypting it served not to hide
the data but to ensure that access went thru the encryption
engine so that the write-once property could not be escaped without
leaving other telltale corruption.)

Commentary is invited if anyone feels like it.