> Actually, by definition, a cipher should be a permutation from the set
> of plaintexts to the set of ciphertexts. It has to be 1 to 1 bijective
> or it isn't an encryption algorithm.
>
> Therefore, if you want an ergodic sequence of size 2^N, a counter
> encrypted under an N bit block cipher will do it.
>
> Perry

Yes, and the set of keys defines a subset of all of the possible permutations (working on the same size input as the block cipher). The set of all permutations is a group, but a subset of that is not necessarily a subgroup. Most security proofs of modes of operation, and others, model a block cipher as a random permutation.

--Anton

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
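
Both points in this exchange can be checked exhaustively on a small block size. The following is an added example, not part of the original thread: the toy Even-Mansour style cipher, the 4-bit block size and the choice of S-box are assumptions made so that every key and every block can be enumerated.

```python
from itertools import product

N = 4                       # toy block size in bits (assumption, allows exhaustive search)
SIZE = 1 << N
# Fixed public 4-bit permutation (the S-box values used by the PRESENT cipher).
SBOX = [0xC, 0x5, 0x6, 0xB, 0x9, 0x0, 0xA, 0xD,
        0x3, 0xE, 0xF, 0x8, 0x4, 0x7, 0x1, 0x2]

def encrypt(key, x):
    """Toy Even-Mansour style cipher: E_(k0,k1)(x) = SBOX[x ^ k0] ^ k1."""
    k0, k1 = key
    return SBOX[x ^ k0] ^ k1

def counter_sequence(key):
    """Encrypt the counter 0 .. 2^N - 1 under one key."""
    return [encrypt(key, ctr) for ctr in range(SIZE)]

def keyed_permutations():
    """Every permutation of the block space that some key selects."""
    keys = product(range(SIZE), repeat=2)
    return {tuple(counter_sequence(k)) for k in keys}

def compose(p, q):
    """The permutation x -> p[q[x]]."""
    return tuple(p[q[x]] for x in range(SIZE))

def closure_failures(family):
    """Count ordered pairs (p, q) in the family whose composition leaves it."""
    return sum(compose(p, q) not in family for p in family for q in family)

if __name__ == "__main__":
    seq = counter_sequence((0x3, 0xA))
    print("counter sequence:", seq)
    print("visits every block once:", sorted(seq) == list(range(SIZE)))
    family = keyed_permutations()
    print("distinct keyed permutations:", len(family), "of 16! possible")
    print("identity is keyed:", tuple(range(SIZE)) in family)
    print("compositions outside the family:", closure_failures(family))
```

The identity is not among the keyed permutations because the S-box is not an XOR translation, and a finite set of permutations that lacks the identity cannot be closed under composition, so this keyed subset is not a subgroup.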