Re: Into the Fire
From: Nicol So (anonymous_at_no.spam.please)
Date: 07/31/03
- In reply to: David Wagner: "Re: Into the Fire"
- Next in thread: David Wagner: "Re: Into the Fire"
- Reply: David Wagner: "Re: Into the Fire"
- Reply: Gregory G Rose: "Re: Into the Fire"
Date: Wed, 30 Jul 2003 19:41:05 -0400
David Wagner wrote:
> Nicol So wrote:
>>
>>(Re)synchronization can be achieved easily by transmitting in the clear
>>an index to the key bits used.
>
> But: Look out for chosen-ciphertext attacks! You'll probably want to
> protect the integrity of the packet -- perhaps by using an unconditionally
> secure MAC, such as Carter-Wegman hashing.
I assumed it was understood that one-time pad does not by itself provide
message integrity protection. One-time pad is susceptible to simple
active attacks like bit twiddling, even if there's no synchronization error.
--
Nicol So
Disclaimer: Views expressed here are casual comments and should not be relied upon as the basis for decisions of consequence.
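The two points in this exchange, shown as an added example that is not part of the original thread: a one-time pad packet with a cleartext pad index decrypts a modified ciphertext without complaint, while a one-time polynomial MAC keyed from fresh pad bytes rejects it. The packet layout, the function names and the choice of a polynomial hash modulo 2^127 - 1 as the Carter-Wegman-style MAC are assumptions made for illustration.

```python
import hmac

P = 2**127 - 1   # prime modulus for the polynomial hash (assumed construction)
CHUNK = 15       # 120-bit coefficients, always below P
KEYLEN = 32      # pad bytes spent per packet on the one-time MAC key (r, s)

def poly_tag(r, s, data):
    """Evaluate data as a polynomial at r (Horner's rule), then mask with s."""
    acc = len(data)                      # length is the leading coefficient
    for i in range(0, len(data), CHUNK):
        acc = (acc * r + int.from_bytes(data[i:i + CHUNK], "big")) % P
    return ((acc * r + s) % P).to_bytes(16, "big")

def mac_key(pad, index):
    """Fresh (r, s) taken from the pad; the mod-P bias is negligible here."""
    if index < 0 or index + KEYLEN > len(pad):
        raise ValueError("pad exhausted")
    r = int.from_bytes(pad[index:index + 16], "big") % P
    s = int.from_bytes(pad[index + 16:index + KEYLEN], "big") % P
    return r, s

def otp_xor(pad, index, data):
    """Plain one-time pad: XOR data with the pad bytes after the MAC key."""
    ks = pad[index + KEYLEN:index + KEYLEN + len(data)]
    if len(ks) != len(data):
        raise ValueError("pad exhausted")
    return bytes(d ^ k for d, k in zip(data, ks))

def seal(pad, index, msg):
    """Return (cleartext index, ciphertext, tag over index || ciphertext)."""
    ct = otp_xor(pad, index, msg)
    return index, ct, poly_tag(*mac_key(pad, index), index.to_bytes(8, "big") + ct)

class Receiver:
    def __init__(self, pad):
        self.pad, self.low = pad, 0      # low: first pad byte never used so far

    def open(self, index, ct, tag):
        if index < self.low:
            raise ValueError("index points at pad material already used")
        want = poly_tag(*mac_key(self.pad, index), index.to_bytes(8, "big") + ct)
        if not hmac.compare_digest(want, tag):
            raise ValueError("tag mismatch: packet modified in transit")
        self.low = index + KEYLEN + len(ct)
        return otp_xor(self.pad, index, ct)

def flip(ct, pos, old, new):
    """Constructed tampering: change one known plaintext byte via the ciphertext."""
    return ct[:pos] + bytes([ct[pos] ^ old ^ new]) + ct[pos + 1:]
```

Calling `otp_xor` directly on a flipped ciphertext returns the altered plaintext, whereas `Receiver.open` raises before decrypting and also refuses an index that points back into pad bytes it has already consumed.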