From: "W. Kinney" <kinney@ucsu.Colorado.EDU>
Date: Tue, 9 Nov 93 08:44:11 PST
To: cypherpunks@toad.com
Subject: Cyphergurus: Advice needed
Message-ID: <199311091643.AA11260@ucsu.Colorado.EDU>
MIME-Version: 1.0
Content-Type: text/plain



-----BEGIN PGP SIGNED MESSAGE-----


I'm writing a Macintosh encryption application (nearing completion), which,
when it encrypts a file, changes its file type and creator so that the 
encryption program will be launch when the file is double-clicked. I have to 
save four pieces of information about the original plaintext: file type, 
creator, data fork length, and resource fork length. These are placed in a 
resource in the encrypted file. 

What I'd like to get opinions on is _should I encrypt this header information_, 
since its format will be known to an attacker and, in many cases, its contents 
easy to guess? My inclination is to leave it plaintext, since the worst that 
can happen if a file type is known is the same type of attack that would 
_always_ be possible with an encrypted header.

Thanks to all with thoughts on the subject.

                                  -- Will



-----BEGIN PGP SIGNATURE-----
Version: 2.3

iQCVAgUBLN9hEPfv4TpIg2PxAQEZCwP9G2nysBI31CnD2UasTUHQb3itwc2S1juc
TGJRvo5iB1WRFHwYwxyraae41Kf2Xsu6qiuHAQWEuvGhG4MyiZjXwZsE5FU9pxRR
CV/pvSG4J/teXvJXv575Vr3lVxI6isDa4oZcMtv5rOS7ihIqF4ssuHnlOa6mHckU
KW81MGB8nkQ=
=cLCE
-----END PGP SIGNATURE-----