At Thu, 28 Aug 2008 17:32:10 +1200,
Peter Gutmann wrote:
> 
> Eric Rescorla <[EMAIL PROTECTED]> writes:
> 
> >There are a set of techniques that allow you to encrypt elements of arbitrary
> >sets back onto that set.
> 
> ... and most of them seem to be excessively complicated for what they end up
> achieving.  Just for reference the mechanism from the sci.crypt thread of more
> than a decade ago was:

[Description of reduced-range stream cipher elided]


> Another advantage of the KSG use is that you can precalculate the key stream
> offline, the implementation I used at the time pre-generated 4K of keystream
> and then used it to encrypt bursty text messages with real-time constraints
> that didn't allow for pauses to run the cipher.
> 
> (The thread contains lots of tweaks and variations of this).

There's noting inherently wrong with this mechanism, but like all
stream ciphers, it can't be used if you want to encrypt multiple
independent values, e.g., credit cards in a database--without
a randomizer (which implies expansion) you have the usual two-time
pad problems. A B-R style block cipher can, albeit with lookup
table issues.

-Ekr

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to