On Tue, Dec 27, 2005 at 11:34:15PM +, Ben Laurie wrote:
> If you don't have sufficient plain/ciphertext, then of course you can
> choose incorrect pairs.
Yep - that's my point. The thing to note is that for an arbitrary
permutation, knowing the image of n plaintexts tells you (almost)
nothing
David Malone wrote:
> On Tue, Dec 27, 2005 at 03:26:59AM -0600, Travis H. wrote:
>> On 12/26/05, Ben Laurie <[EMAIL PROTECTED]> wrote:
>>> Surely if you do this, then there's a meet-in-the middle attack: for a
>>> plaintext/ciphertext pair, P, C, I choose random keys to encrypt P and
>>> decrypt C.
On Tue, Dec 27, 2005 at 03:26:59AM -0600, Travis H. wrote:
> On 12/26/05, Ben Laurie <[EMAIL PROTECTED]> wrote:
> > Surely if you do this, then there's a meet-in-the middle attack: for a
> > plaintext/ciphertext pair, P, C, I choose random keys to encrypt P and
> > decrypt C. If E_A(P)=D_B(C), then
On Mon, Dec 26, 2005 at 12:51:37PM +, Ben Laurie wrote:
> > The other day I was thinking of using a very large key to select a
> > permutation at random from the symmetric group S_(2^x). That would be
> > a group, but I don't see how you knowing that I'm using a random
> > permutation would he
On 12/26/05, Ben Laurie <[EMAIL PROTECTED]> wrote:
> Surely if you do this, then there's a meet-in-the middle attack: for a
> plaintext/ciphertext pair, P, C, I choose random keys to encrypt P and
> decrypt C. If E_A(P)=D_B(C), then your key was A.B, which reduces the
> strength of your cipher from
Travis H. wrote:
> On 12/21/05, Perry E. Metzger <[EMAIL PROTECTED]> wrote:
>>> Good ciphers aren't permutations, though, are they? Because if they
>>> were, they'd be groups, and that would be bad.
>> Actually, by definition, a cipher should be a permutation from the set
>> of plaintexts to the se
On 12/21/05, Perry E. Metzger <[EMAIL PROTECTED]> wrote:
> > Good ciphers aren't permutations, though, are they? Because if they
> > were, they'd be groups, and that would be bad.
>
> Actually, by definition, a cipher should be a permutation from the set
> of plaintexts to the set of ciphertexts. I
> Good ciphers aren't permutations, though, are they? Because if they
> were, they'd be groups, and that would be bad.
Actually, by definition, a cipher should be a permutation from the set
of plaintexts to the set of ciphertexts. It has to be 1 to 1 bijective
or it isn't an encryption algorith
>Actually, by definition, a cipher should be a permutation from the set
>of plaintexts to the set of ciphertexts. It has to be 1 to 1 bijective
>or it isn't an encryption algorithm.
>
>Therefore, if you want an ergodic sequence of size 2^N, a counter
>encrypted under an N bit block cipher will do i
Matt Crawford wrote:
> On Dec 21, 2005, at 0:10, Ben Laurie wrote:
>> Good ciphers aren't permutations, though, are they? Because if they
>> were, they'd be groups, and that would be bad.
>
> A given cipher, with a given key, is a permutation of blocks. (Assuming
> output blocks and input blocks
On Dec 21, 2005, at 0:10, Ben Laurie wrote:
Good ciphers aren't permutations, though, are they? Because if they
were, they'd be groups, and that would be bad.
A given cipher, with a given key, is a permutation of blocks.
(Assuming output blocks and input blocks are the same size.) It may
Ben Laurie <[EMAIL PROTECTED]> writes:
> Jack Lloyd wrote:
>> On Mon, Dec 12, 2005 at 12:20:26AM -0600, Travis H. wrote:
>>> 2) While CTR mode with a random key is sufficient for creating a
>>> permutation of N-bit blocks for a fixed N, is there a general-purpose
>>> way to create a N-bit permutat
Jack Lloyd wrote:
> On Mon, Dec 12, 2005 at 12:20:26AM -0600, Travis H. wrote:
>> 2) While CTR mode with a random key is sufficient for creating a
>> permutation of N-bit blocks for a fixed N, is there a general-purpose
>> way to create a N-bit permutation, where N is a variable? How about
>> pick
On Mon, 12 Dec 2005, Travis H. wrote:
One thing I haven't seen from a PRNG or HWRNG library or device is an
unpredictable sequence which does not repeat; in other words, a
[cryptographically strong?] permutation. This could be useful in all
Rich Schroeppel tells me his "Hasty Pudding" cipher
On Mon, Dec 12, 2005 at 12:20:26AM -0600, Travis H. wrote:
> 2) While CTR mode with a random key is sufficient for creating a
> permutation of N-bit blocks for a fixed N, is there a general-purpose
> way to create a N-bit permutation, where N is a variable? How about
> picking a cryptographically
15 matches
Mail list logo