Re: Stream cipher against block cipher

From: AE (hidden_at_nospam.com)
Date: 06/29/03


Date: Sun, 29 Jun 2003 11:04:53 +0200

Douglas A. Gwyn wrote:
> AE wrote:
>
>> A block cipher is a codebook.
>
> The commonly used ones are not normally used in ECB mode,
> but in a feedback mode reminiscent of a good stream cipher.
> Yet they're still considered to be block ciphers *because
> they chunk the encryption in block buffers*, not for any
> other reason.

I didn't say anything about the mode used: The cipher itself is a codebook.

>> In addition I'd expect a block cipher to make sure that every
>> plaintext bit and every key bit affects every output bit with some
>> probability.
>
> That's a matter of (possible) quality, not of the nature
> of the beast. If a block cipher had only a forward-
> avalanche property, people might perhaps say it wasn't
> very good, but they wouldn't deny that it was a block cipher.

Yes - I was aware of that. Nevertheless it's important that your
suggestion delivers a broken cipher while the conversion of a block
cipher to a stream cipher preserves the strength of the cipher.

Exactly that was my initial point:

It is easy to convert a block cipher to a stream cipher (use an
appropriate mode of operation and you've got a cipher as strong as the
initial codebook) while it is hard to convert a stream cipher to a block
cipher (one can do it your way but depending on the type of stream
cipher one is using the result is either severely flawed or completely
broken).

>> Interesting: Which one do you have in mind?
>
> See the Encyclopedia Britannica article for an example.

Well - I don't own the Encyclopedia Britannica, but surely you can give
me a hint where to find it in Der Große Brockhaus? :o)

Surely there have been few stream ciphers with plaintext- or
ciphertext-feedback, but these are the exceptions that prove the rule.

The only modern ciphers of that type I'd remember are WAKE and maybe
Sapphire and Panama.

Of course there are the message digest ciphers, but they are derived
from block algorithms so they don't count.

None of them is in sufficiently frequent use to call it a typical stream
cipher and that way to call ciphers like all the modern (RC4, SAFER, the
large family of LFSR-based generators) and all the historic ones (like
all rotor machines I know) that did not use any feedback exceptions.

AE
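
The conversion described in the post above (a block cipher used as a codebook, then turned into a stream cipher by a mode of operation), as an added example that is not part of the original message. It assumes XTEA as the block cipher and counter mode as the mode; the key, nonce and message are constructed sample values.

```python
import struct

MASK, DELTA = 0xFFFFFFFF, 0x9E3779B9

def xtea_encrypt_block(key: bytes, block: bytes, rounds: int = 32) -> bytes:
    """XTEA on one 8-byte block with a 16-byte key: the 'codebook'."""
    k = struct.unpack(">4I", key)  # big-endian packing is a choice made for this example
    v0, v1 = struct.unpack(">2I", block)
    s = 0
    for _ in range(rounds):
        v0 = (v0 + ((((v1 << 4) ^ (v1 >> 5)) + v1) ^ (s + k[s & 3]))) & MASK
        s = (s + DELTA) & MASK
        v1 = (v1 + ((((v0 << 4) ^ (v0 >> 5)) + v0) ^ (s + k[(s >> 11) & 3]))) & MASK
    return struct.pack(">2I", v0, v1)

def ecb_encrypt(key: bytes, data: bytes) -> bytes:
    """Direct codebook use: every 8-byte block is looked up independently."""
    assert len(data) % 8 == 0
    return b"".join(xtea_encrypt_block(key, data[i:i + 8]) for i in range(0, len(data), 8))

def ctr_keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Keystream = E_k(nonce || 0), E_k(nonce || 1), ...; no plaintext or ciphertext feedback."""
    assert len(nonce) == 4
    blocks = (xtea_encrypt_block(key, nonce + struct.pack(">I", c))
              for c in range((length + 7) // 8))
    return b"".join(blocks)[:length]

def ctr_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Encrypt or decrypt (same operation) any number of bytes; no padding needed."""
    return bytes(d ^ k for d, k in zip(data, ctr_keystream(key, nonce, len(data))))

# Constructed sample values, for illustration only.
KEY = bytes(range(16))
NONCE = b"\x00\x00\x00\x01"
MSG = b"SAMEBLK!" * 2 + b"tail"  # two identical 8-byte blocks plus 4 odd bytes

if __name__ == "__main__":
    ecb = ecb_encrypt(KEY, MSG[:16])
    ctr = ctr_xor(KEY, NONCE, MSG)
    print("ECB: identical plaintext blocks give identical output:", ecb[:8] == ecb[8:])
    print("CTR: identical plaintext blocks give identical output:", ctr[:8] == ctr[8:16])
    print("CTR round trip:", ctr_xor(KEY, NONCE, ctr) == MSG)
    # Without feedback, one flipped ciphertext bit flips exactly one plaintext bit.
    tampered = bytes([ctr[0] ^ 0x01]) + ctr[1:]
    print("After a one-bit change:", ctr_xor(KEY, NONCE, tampered))
```

Because the keystream never depends on the data, a changed ciphertext bit changes only the matching plaintext bit, so this construction needs a separate integrity check (a MAC), and a (key, nonce) pair must never be reused.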


