Re: Does Base64 encoding before encryption makes it easier to break?

From: Bill Unruh (unruh_at_string.physics.ubc.ca)
Date: 12/29/03 

Date: Mon, 29 Dec 2003 22:39:07 +0000 (UTC)

Mok-Kong Shen <mok-kong.shen@t-online.de> writes:

]"John E. Hadstate" wrote:
]>
]> "Mok-Kong Shen" <mok-kong.shen@t-online.de> wrote:

]> >
]> > "Goh, Yong Kwang" wrote:
]> > >
]> > [snip]
]> > > But to me it may reduce the security because base 64 encoding reduces
]> > > the number of symbols (characters) used to represent the plaintext. In
]> > > original binary mode, there would be 256 combinations for each byte.
]> > > Whereas in base 64 encoding, there would be only 65 combinations in
]> > > use for each byte, thus my rationale is that it may make it easier for
]> > > the attacker to do some statistical cryptanalysis.
]> >
]> > But this (reversible) conversion doesn't involve any
]> > encryption key. So the two forms are simply equivalent
]> > 'representations' of the same thing and thus shouldn't
]> > inherently affect the statistical properties in them.
]>
]> This may require a little more thought. First, a (reversible) keyed AES
]> encipherment of a block of 16 plaintext bytes is a "simply equivalent
]> representation of the same thing" and yet the statistical properties of the
]> ciphertext will differ wildly from those of the plaintext.
][snip]

]But here (as I called attention to) a key is involved
]and that key is kept unknown to the opponent. This is
]a secret transformation not a 'public' transformation.
]The opponent, if he is capable, will try all that is
]at his disposal. A transform that is 'known' to him,
]doesn't cause any trouble to him (we neglect some
]resources that would be needed e.g. to back-transform).
]Consider also this example: A 128-bit block can e.g. be
]represented as 4 integers in hex format or in decimal
]digits format. Does the one form contain more
]'information' than the other? (Note that the 'base' of
]the two are different.) Of course, the opponent, in doing
]his statistical analysis, may try certain different
]equivalent formats and some would be more appropriate
]or convenient than the others. Since he can anyways e.g.
]get back the binary form from the base64 encoding, there
]is nothing hindering his operating (also) on the original
]binary format. It follows trivially that the base64
]encoding (since it is 'known' to him) neither increases
]nor decreases the security. This is the essence of what
]I wanted to say.

Let me do this in a slighly different way. Lets look at the following
encoding. Each bit of the source is expanded that the value of each 1
bit is the 8 bytes 0x8000000000000000 and each 0 bit is the 8 bytes
0x00000000000000. Now the encoded text clearly has exactly the same
information as the original (it is only 64 times as long). But
cryptanalysis of this is trivial. There will only be two outputs for
each 64 bit block of the output. One of these is 1 and the other is 0.
This means after two tries the enemy will know what the message is.
ie, this base1 encoding is horribly weak, even though your argument
could be applied to it.

Relevant Pages

  • Re: Does Base64 encoding before encryption makes it easier to break?
    ... >> inherently affect the statistical properties in them. ... a secret transformation not a 'public' transformation. ... The opponent, if he is capable, will try all that is ... represented as 4 integers in hex format or in decimal ...
    (sci.crypt)
  • Re: Bin Hex file nightmare
    ... Dayo's probably right and it's an encoding issue. ... attachment was sent in the BinHex format? ... > Macintosh files differ from files created on other computers. ... > an encoding format that preserves all the data. ...
    (microsoft.public.mac.office.word)
  • Re: Bin Hex file nightmare
    ... Dayo's probably right and it's an encoding issue. ... attachment was sent in the BinHex format? ... > Macintosh files differ from files created on other computers. ... > an encoding format that preserves all the data. ...
    (microsoft.public.word.docmanagement)
  • Re: sending structure client server
    ... specific message format, including serialization and deserialzation ... the code to transform the internal representation of the program to ... 'all of XML' consists of at least six such documents). ... BER (basic encoding rules) is another ...
    (comp.unix.programmer)
  • Re: Saving data
    ... > The thing I'm curious about and have no knowledge on is saving data. ... Roll your own binary format. ... Be sure to pick a character encoding and stick ...
    (comp.lang.java.programmer)