Ben Laurie wrote:
Good ciphers aren't permutations, though, are they? Because if they
were, they'd be groups, and that would be bad.
There are multiple misconceptions rolled together there.
1) All of the common block ciphers (good and otherwise) are permutations.
To prove this, it suffices
On Dec 21, 2005, at 0:10, Ben Laurie wrote:
Good ciphers aren't permutations, though, are they? Because if they
were, they'd be groups, and that would be bad.
A given cipher, with a given key, is a permutation of blocks.
(Assuming output blocks and input blocks are the same size.) It may
Matt Crawford wrote:
On Dec 21, 2005, at 0:10, Ben Laurie wrote:
Good ciphers aren't permutations, though, are they? Because if they
were, they'd be groups, and that would be bad.
A given cipher, with a given key, is a permutation of blocks. (Assuming
output blocks and input blocks are the
Actually, by definition, a cipher should be a permutation from the set
of plaintexts to the set of ciphertexts. It has to be 1 to 1 bijective
or it isn't an encryption algorithm.
Therefore, if you want an ergodic sequence of size 2^N, a counter
encrypted under an N bit block cipher will do it.
--
Peter Gutmann
In fact the real situation is even worse than this.
Although there has been plenty of anecdotal evidence
of the ineffectiveness of SSL certificates over the
years, it wasn.t until mid-2005 (ten years after
their introduction) that a rigorous study of their
Good ciphers aren't permutations, though, are they? Because if they
were, they'd be groups, and that would be bad.
Actually, by definition, a cipher should be a permutation from the set
of plaintexts to the set of ciphertexts. It has to be 1 to 1 bijective
or it isn't an encryption
Clinton's Asst. A.G.
http://www.chicagotribune.com/news/opinion/chi-0512210142dec21,0,3553632.story?
coll=chi-newsopinioncommentary-hed
Dick Morris
http://www.drudgereport.com/flash7.htm
--dan
-
The Cryptography Mailing
Hi,
I have been asked by to verify the quality of the random numbers which are
used for certificate requests that are being sent to us, to make sure that
they are good enough, and we don´t issue certificates for weak keys.
The client applications that generate the keys and issue the
On 12/21/05, Perry E. Metzger [EMAIL PROTECTED] wrote:
Good ciphers aren't permutations, though, are they? Because if they
were, they'd be groups, and that would be bad.
Actually, by definition, a cipher should be a permutation from the set
of plaintexts to the set of ciphertexts. It has to
On Sun, Dec 18, 2005 at 09:47:27AM -0800, James A. Donald wrote:
Has anyone been attacked through a certificate that
would not have been issued under stricter security? The
article does not mention any such attacks, nor have I
ever heard of such an attack.
Ought we forget that two such
On Thu, 22 Dec 2005, Philipp [iso-8859-1] G?hring wrote:
I have been asked by to verify the quality of the random numbers which are
used for certificate requests that are being sent to us, to make sure that
they are good enough, and we don?t issue certificates for weak keys.
Consider an
On Thu, Dec 22, 2005 at 10:28:47AM +0100, Philipp G?hring wrote:
I think the better way would be if I had a possibility to verify the quality
of the random numbers used in a certificate request myself, without the
dependence on the vendor.
This is impossible. You don't see the raw random
Thanks for the comments. A new version of the work paper
Comparison Of Secure Email Technologies X.509 / PKI, PGP, and IBE
is available at http://email-security.net/papers/pki-pgp-ibe.htm
The Blog (link in the paper page) contains the most relevant
public input; private input is also
Hi Travis,
The only thing is, you cannot test in randomness,
That´s true, but I can test non-randomness. And if I don´t detect
non-randomness, I can assume randomness to a certain extent.
and it is an abuse
of statistics to make predictions about individual events --
Wasn´t that one of
Philipp G#ring [EMAIL PROTECTED] writes:
I have been asked by to verify the quality of the random numbers which are
used for certificate requests that are being sent to us, to make sure that
they are good enough, and we don´t issue certificates for weak keys.
Go tell whoever wrote your
Victor Duchovni [EMAIL PROTECTED] writes:
On Thu, Dec 22, 2005 at 10:28:47AM +0100, Philipp G?hring wrote:
I think the better way would be if I had a possibility to verify the quality
of the random numbers used in a certificate request myself, without the
dependence on the vendor.
This is
16 matches
Mail list logo