On Mon, May 07, 2001 at 09:00:09AM -0500, Scott Gregory Miller wrote:
>
>
> On Sun, 6 May 2001, Adam Langley wrote:
>
> > Notes from an IRC conversation between Tavin and myself:
> >
> > * partSize = MIN (len (data + padding), MAX (len (data + padding) >> 7, 16384) )
> > * to pad data to a power of 2, you repeat the data
> No. This lends an attack as well, since the attacker can try and assume
> that several of the last blocks of the file are the same.

Does that matter given that the mode we are using is rolling? I can see
why just using nulls would be a little concerning since that would
produce a next to unlimited set of known plain and ciphertexts (if I
remember the mode right, something with all null would make each block
just the last one encrypted) - but now I think you are getting overly
paranoid...

-- 
'DeCSS would be fine. Where is it?'
'Here,' Montag touched his head.
'Ah,' Granger smiled and nodded.

Oskar Sandberg
md98-osa at nada.kth.se

_______________________________________________
Devl mailing list
Devl at freenetproject.org
http://lists.freenetproject.org/mailman/listinfo/devl
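
The two padding choices from this thread side by side, as an added example (not code from the list or from the project): it shows the quoted partSize formula and checks, for blocks made only of padding, whether the ciphertext block equals the encryption of the previous ciphertext block. It assumes the "rolling" mode is a CFB-style feedback mode and uses a truncated keyed hash as a stand-in for the block cipher; all function names and sample values are hypothetical.

```python
import hashlib

BLOCK = 16  # assumed cipher block size in bytes

def E(key, block):
    # Stand-in for the block cipher (assumption): a keyed hash truncated to one
    # block. CFB-style feedback only uses the forward direction, so this suffices.
    return hashlib.sha256(key + block).digest()[:BLOCK]

def cfb_encrypt(key, iv, data):
    # C_i = P_i XOR E(C_{i-1}), with C_0 = IV; returns the ciphertext blocks.
    blocks, prev = [], iv
    for i in range(0, len(data), BLOCK):
        prev = bytes(p ^ k for p, k in zip(data[i:i + BLOCK], E(key, prev)))
        blocks.append(prev)
    return blocks

def next_pow2(n):
    return 1 << (n - 1).bit_length()

def pad_nulls(data):
    return data + b"\x00" * (next_pow2(len(data)) - len(data))

def pad_repeat(data):
    # "you repeat the data": the target is always < 2 * len(data),
    # so a single repeat is enough.
    return (data * 2)[:next_pow2(len(data))]

def part_size(padded_len):
    # partSize = MIN(len(data + padding), MAX(len(data + padding) >> 7, 16384))
    return min(padded_len, max(padded_len >> 7, 16384))

def padding_is_raw_cipher_output(key, iv, padded, data_len):
    # For each block lying wholly in the padding, check whether
    # C_i == E(C_{i-1}), i.e. whether the ciphertext alone gives an observer
    # a known (input, output) pair of the block function.
    c = cfb_encrypt(key, iv, padded)
    first = -(-data_len // BLOCK)  # index of first block made only of padding
    return [c[i] == E(key, c[i - 1]) for i in range(max(first, 1), len(c))]

# Constructed sample values, not taken from the thread.
KEY, IV = b"k" * 16, b"\x01" * BLOCK
DATA = bytes(range(1, 71))  # 70 non-zero bytes, padded to 128

if __name__ == "__main__":
    for name, pad in (("nulls", pad_nulls), ("repeat", pad_repeat)):
        print(name, padding_is_raw_cipher_output(KEY, IV, pad(DATA), len(DATA)))
    print("partSize for 4 MiB:", part_size(4 << 20))
```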
