Re: Countering chosen-plaintext attacks
From: Mok-Kong Shen (mok-kong.shen_at_t-online.de)
Date: 03/07/04
- Next message: Mok-Kong Shen: "Re: Propietary WAPI Wi-Fi protocol going to be mandated by China"
- Previous message: David Eather: "Re: Propietary WAPI Wi-Fi protocol going to be mandated by China"
- In reply to: AE: "Re: Countering chosen-plaintext attacks"
- Next in thread: AE: "Re: Countering chosen-plaintext attacks"
- Reply: AE: "Re: Countering chosen-plaintext attacks"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sun, 07 Mar 2004 16:09:23 +0100
AE wrote:
> Mok-Kong Shen wrote:
>
>> AE wrote:
>>
>>> ...
>>> And to set P2' he has to set P2=P2'^C1 - which requires knowledge of C1.
>>
>>
>> Right. (One assumes the worst case condition for the communication
>> partners and hence the best optimal condition for the opponent.
>> O.k.?)
>
>
> In this case - as well P(N<x) and C(N<x) are known to the attacker - all
> unkeyed block-chaining methods are useless.
You are right, for CBC is only an example case of those not
having the property that one desires in our context. That's
the motivation of my suggestion of eventually considering
item (1) of my original post. For (using an IV in the manner
said in a previous follow-up of mine) the chaining-value of
the kind described there would be an 'unknown' for the
opponent, thus depriving him of the freedom of choice of
the 'input' to the given encryption algorithm.
M. K. Shen
- Next message: Mok-Kong Shen: "Re: Propietary WAPI Wi-Fi protocol going to be mandated by China"
- Previous message: David Eather: "Re: Propietary WAPI Wi-Fi protocol going to be mandated by China"
- In reply to: AE: "Re: Countering chosen-plaintext attacks"
- Next in thread: AE: "Re: Countering chosen-plaintext attacks"
- Reply: AE: "Re: Countering chosen-plaintext attacks"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
