Ed Gerck wrote:
> This may sound intuitive but is not correct. Shannon proved that if
> "n" (bits, bytes, letters, etc.) is the unicity distance of a
> ciphersystem, then ANY message that is larger than "n" bits CAN be
> uniquely deciphered from an analysis of its ciphertext -- even though
> that
Hmm. another simpler theory to remove Shannon from the discussion.
assume that the original assertion is correct - that for each plaintext p
and each cyphertext c there exists only one key k that is valid to map
encrypt(p,k)=c. In this case, for each possible cyphertext c, *every*
possible plainte
On Fri, Feb 21, 2003 at 06:31:20AM -0800, Ed Gerck wrote:
> Shannon proved that if
> "n" (bits, bytes, letters, etc.) is the unicity distance of a ciphersystem,
> then ANY message that is larger than "n" bits CAN be uniquely deciphered
> from an analysis of its ciphertext
[...]
> Conversely, Shann
"Arnold G. Reinhold" wrote:
> At 2:18 PM -0800 2/19/03, Ed Gerck wrote:
> >The previous considerations hinted at but did not consider that a
> >plaintext/ciphertext pair is not only a random bit pair.
> >
> >Also, if you consider plaintext to be random bits you're considering a very
> >special -
At 2:18 PM -0800 2/19/03, Ed Gerck wrote:
Anton Stiglic wrote:
> The statement was for a plaintext/ciphertext pair, not for a random-bit/
> random-bit pair. Thus, if we model it terms of a bijection on random-bit
> pairs, we confuse the different statistics for plaintext, ciphertext, keys
an
Anton Stiglic wrote:
> > The statement was for a plaintext/ciphertext pair, not for a random-bit/
> > random-bit pair. Thus, if we model it terms of a bijection on random-bit
> > pairs, we confuse the different statistics for plaintext, ciphertext, keys
> and
> > we include non-AES bijections.
>
> The statement was for a plaintext/ciphertext pair, not for a random-bit/
> random-bit pair. Thus, if we model it terms of a bijection on random-bit
> pairs, we confuse the different statistics for plaintext, ciphertext, keys
and
> we include non-AES bijections.
While your reformulation of the p
The relevant aspect is that the plaintext and key statistics are the
determining factors as to whether the assertion is correct or not.
In your case, for example, with random keys and ASCII text in English,
one expects that a 128-bit ciphertext segment would NOT satisfy the
requirement for a uniq
Ed Gerck <[EMAIL PROTECTED]> wrote:
> For each AES-128 plaintext/ciphertext (c,p) pair with length
> equal to or larger than the unicity distance, there exists exactly
> one key k such that c=AES-128-Encrypt(p, k).
Excuse my naivete in the math for this, but is it relevant that the unicity
distan
The statement was for a plaintext/ciphertext pair, not for a random-bit/
random-bit pair. Thus, if we model it terms of a bijection on random-bit
pairs, we confuse the different statistics for plaintext, ciphertext, keys and
we include non-AES bijections. Hence, I believe that what we got so far i
Matt Crawford wrote:
>But here's the more interesting question. If S = Z/2^128 and F is the
>set of all bijections S->S, what is the probability that a set G of
>2^128 randomly chosen members of F contains no two functions f1, f2
>such that there exists x in S such that f1(x) = f2(x)?
Vanishingly
At 5:45 PM -0600 2/18/03, Matt Crawford wrote:
> ... We can ask what is the
probability of a collision between f and g, i.e. that there exists
some value, x, in S such that f(x) = g(x)?
But then you didn't answer your own question. You gave the expected
number of collisions, but not the pro
> ... We can ask what is the
> probability of a collision between f and g, i.e. that there exists
> some value, x, in S such that f(x) = g(x)?
But then you didn't answer your own question. You gave the expected
number of collisions, but not the probability that at least one
exists.
That probab
At 1:09 PM +1100 2/18/03, Greg Rose wrote:
At 02:06 PM 2/17/2003 +0100, Ralf-Philipp Weinmann wrote:
"For each AES-128 plaintext/ciphertext (c,p) pair there
exists exactly one key k such that c=AES-128-Encrypt(p, k)."
I'd be very surprised if this were true, and if it was, it might
have bad i
At 02:06 PM 2/17/2003 +0100, Ralf-Philipp Weinmann wrote:
"For each AES-128 plaintext/ciphertext (c,p) pair there
exists exactly one key k such that c=AES-128-Encrypt(p, k)."
I'd be very surprised if this were true, and if it was, it might have bad
implications for related key attacks and the
I was wondering whether the following is true:
"For each AES-128 plaintext/ciphertext (c,p) pair there
exists exactly one key k such that c=AES-128-Encrypt(p, k)."
Of course we can look at the generalized case of Rijndael
with block size == key size and ask the same question. I'd
be happy with
16 matches
Mail list logo