1998-05-12 - Re: Chaffing & winnowing without overhead

Header Data

From: “Mordechai Ovits” <movits@syndata.com>
To: Ryan Anderson <ryan@michonline.com>
Message Hash: 8ad2b6261e8999d0595c71ff31cf7118641622bdac0e6847bd236f5366de97f6
Message ID: <3558ACB7.678309E7@syndata.com>
Reply To: <Pine.GSO.3.96.980511163424.41C-100000@pawn.michonline.com>
UTC Datetime: 1998-05-12 20:14:04 UTC
Raw Date: Tue, 12 May 1998 13:14:04 -0700 (PDT)

Raw message

From: "Mordechai Ovits" <movits@syndata.com>
Date: Tue, 12 May 1998 13:14:04 -0700 (PDT)
To: Ryan Anderson <ryan@michonline.com>
Subject: Re: Chaffing & winnowing without overhead
In-Reply-To: <Pine.GSO.3.96.980511163424.41C-100000@pawn.michonline.com>
Message-ID: <3558ACB7.678309E7@syndata.com>
MIME-Version: 1.0
Content-Type: text/plain

Ryan Anderson wrote:

> Note that any of the 2^n plaintexts cna be reconstructed from the
> following sequence of triples.  (Assuming no knowledge of the MAC.  The
> attacker has no idea which of each pair of triples related to each
> sequence is correct, so he must search every possibility, which turns  out
> to be each of the 2^n plaintexts.)

OK, but to be technically correct, you arent *transmitting* all 2^n
possibilities.  That would be like saying that when you blowfish encrypt a
64-bit block and send it, you are sending all 2^64 plaintext, because given
all 2^128 possible keys you will cover the entire "plaintext-space".  while
it is crucial to make sure that you leave the possible decryptions
exponential, you are not transmitting all possible plaintests. That would
be .... uhhh... bad.
o Mordy Ovits
o Programmer / Cryptographer
o SynData Technologies Inc.
o Download A Free Copy Of Our Software At:
o http://www.syncrypt.com