[2668] in cryptography@c2.net mail archive
Re: Chaffing & winnowing without overhead
daemon@ATHENA.MIT.EDU (Mordechai Ovits)
Tue May 12 16:18:37 1998
Date: Tue, 12 May 1998 16:10:31 -0400
From: "Mordechai Ovits" <movits@syndata.com>
To: Ryan Anderson <ryan@michonline.com>
CC: "Jesús Cea Avión" <jcea@argo.es>, coderpunks@toad.com,
cypherpunks@toad.com, cryptography@c2.net, hacking@argo.es,
teleco-vigo@argo.es, Lista PGP <MAIL-PGP@listserv.rediris.es>,
Lista Apedanica <apedanica@encomix.com>, cripto-foro@fi.upm.es
Ryan Anderson wrote:
> Note that any of the 2^n plaintexts cna be reconstructed from the
> following sequence of triples. (Assuming no knowledge of the MAC. The
> attacker has no idea which of each pair of triples related to each
> sequence is correct, so he must search every possibility, which turns out
> to be each of the 2^n plaintexts.)
OK, but to be technically correct, you arent *transmitting* all 2^n
possibilities. That would be like saying that when you blowfish encrypt a
64-bit block and send it, you are sending all 2^64 plaintext, because given
all 2^128 possible keys you will cover the entire "plaintext-space". while
it is crucial to make sure that you leave the possible decryptions
exponential, you are not transmitting all possible plaintests. That would
be .... uhhh... bad.
--
o Mordy Ovits
o Programmer / Cryptographer
o SynData Technologies Inc.
o Download A Free Copy Of Our Software At:
o http://www.syncrypt.com
