Mr Pink writes: > In Applied Crypto, the use of padding for CBC encryption is suggested > to be met by ending the data block with a 1 and then all 0s to the end > of the block size. > > Is this not introducing a risk as you are essentially introducing a > large amount of guessable plaintext into the ciphertext. > > Is it not wiser to use RNG data as the padding, and using some kind of > embedded packet size header to tell the system what is padding?
Back in 2001, there was a discussion of the general issue of altering data structures to avoid known plaintext on sci.crypt, under the subject of "Known Plaintext Considered Harmless". A surprising diversity of opinions were expressed. http://groups.google.com/group/sci.crypt/browse_thread/thread/f1aae3a2d10dbcd4?tvc=2&q=known+plaintext+considered+harmless Hal Finney --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
