From: Carl Ellison <cme@tis.com>
Date: Sun, 17 Jul 94 09:53:27 PDT
To: berzerk@xmission.xmission.com
Subject: Re: Triple encryption...
In-Reply-To: <Pine.3.89.9407151717.A16059-0100000@xmission>
Message-ID: <9407171652.AA12181@tis.com>
MIME-Version: 1.0
Content-Type: text/plain


>Date: Fri, 15 Jul 1994 17:09:47 -0600 (MDT)
>From: Berzerk <berzerk@xmission.xmission.com>
>Subject: Re: Triple encryption...

>On Fri, 15 Jul 1994, Carl Ellison wrote:
>> I'd be most concerned about any ciphertext-only attack which is improved by
>> having purely random bits as input.  Whichever algorithm is more resistant
>Ahhhhhhh, I don't know how to say this, but no such atack exists, and 
>none will ever exist.  You can not EVER atack a cipher if the plaintext 
>is "random", as you have no basis for saying which "plaintext" is in fact 
>the "plaintext".  Now if you know the plaintext(random bits) this is a 
>different story.

Call it a hunch.

I didn't say I knew of any such attacks.  In fact, I used to believe that
such are completely impossible (and may yet come back to that belief), but
for the moment, I'm entertaining the notion of such attacks and seeing
where that leads me.  If there were such attacks, they would rely on
information about the key leaking into the ciphertext, independent of the
plaintext.  It might be possible to prove that any key-driven permutation
(1:1 mapping) can not allow such attacks, but I haven't composed such a
proof yet.

 - Carl