-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On 26/06/14 19:57, Michael Rogers wrote: > It seems to me that the information leak depends on the observer's > prior knowledge about possible message sizes. For example, if the > observer knows that the message is either "Yes" or "No" then > padding to the next power of two does nothing to conceal the > message size (which in turn reveals the content).
Sorry for the self-reply. Putting it in these terms made me wonder whether we should aim to minimise the mutual information between the input and output distributions. Cheers, Michael -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAEBCAAGBQJTrG5dAAoJEBEET9GfxSfMK3QH/04wK5XAC9yCM+5YJPNVNnE1 b7iYKLTFbTqu7qc7EEPWS1qYC/+WNHGxPGzVQvvOmzLt4Cs0im3DvqMmPRHy02A7 Przn6SW7HEJ8YjkShid4X7kQtxSe/3ena7ATgcYPzHZVLq6NvOYrltr+1oaRoxqj h7xitBAredu7Q4TqY3XfXxYwgXk1CWMkIBLcicC3WPcTVIl6H66HRmTGzygqMnqp LsSTptiYU/kxbQB5J1Xt/oGtY8p0U3h75uGgM3WgDiA21wjoq4s8+zMYdK1nZlWX WojHgA7YEwOvoAoM3J78CwXK76vDRonlaqFCKI7trg2VNeVAB1zVQYisv2pHlGg= =Ud6z -----END PGP SIGNATURE----- _______________________________________________ Messaging mailing list [email protected] https://moderncrypto.org/mailman/listinfo/messaging
