Re: Modulo instead of XOR in CFB
From: Gregory G Rose (ggr_at_qualcomm.com)
Date: 10 Aug 2005 08:24:55 -0700
In article <firstname.lastname@example.org>,
Thomas <email@example.com> wrote:
>In CFB mode usually the plain text is XORed with the encrypted queue
>bit. However, I want encrypt only bytes below 0xFF and the cipher should
>not contain any 0xFF.
>Therefore I thought of replacing the XOR with (mod 255).
>Are there any security concerns I might hav overseen?
Assuming that the generator is good, you'll
introduce a bias by doing this. That's because
the generator will generate 0 and 255 with equal
probability, both of which will encrypt the
plaintext the same way (in fact, by not changing
it). That means that a ciphertext byte is twice
as likely to be the same as the plaintext as it
is to be any other byte. This is a staggeringly
large bias, by crypto standards.
-- Greg Rose 232B EC8F 44C6 C853 D68F E107 E6BF CD2F 1081 A37C Qualcomm Australia: http://www.qualcomm.com.au