On 1241996128 seconds since the Beginning of the UNIX epoch Jerry Leichter wrote: >
>So here we have it all: A new cryptographic mode, documented only in >C code, being proposed for broad use with no analysis. > >In any case, there are obvious, well-understood solutions here: Use >counter mode, which propagates changes by a single block of the >cryptosystem. Or use any other stream cipher mode. (An interesting >question is whether there's a mode that will recover from insertions >or deletions. Perhaps something like: Use counter mode. If two >consecutive ciphertext bytes are 0, fill the rest of the ciphertext >block with 0's, jump the counter by 65536, and insert a special block >containing the new counter value.) I'm not convinced that a stream cipher is appropriate here because if you change the data then you'll reveal the plaintext. -- Roland Dowdeswell http://Imrryr.ORG/~elric/ --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to majord...@metzdowd.com