Re: NSA and crypto
- From: daw@xxxxxxxxxxxxxxxxxxxxxxxx (David Wagner)
- Date: Sat, 20 May 2006 05:29:20 +0000 (UTC)
Paul Rubin wrote:
The information theoretic argument is sound, it's just that if it
makes any practical difference, then AES is so insecure that we're all
in big trouble.
And, to continue the thought, under those premises, even compressing
before you AES encrypt will still be insecure as well (because no
compressor is perfect; any compression algorithm will leave enough
redundancy in the plaintext that you will quickly reach the unicity
distance). So if you believe that all security must rest on purely
information-theoretic foundations, then neither AES encryption on its own,
nor compression followed by AES encryption, is adequate.
.
- Follow-Ups:
- Re: NSA and crypto
- From: daniel bleichenbacher
- Re: NSA and crypto
- From: David A. Scott
- Re: NSA and crypto
- From: Paul Rubin
- Re: NSA and crypto
- References:
- NSA and crypto
- From: David A. Scott
- Re: NSA and crypto
- From: Ed Weir \(ComCast\)
- Re: NSA and crypto
- From: tomstdenis
- Re: NSA and crypto
- From: Paul Rubin
- NSA and crypto
- Prev by Date: Re: Patent Portfolio Offer
- Next by Date: Re: NSA and crypto
- Previous by thread: Re: NSA and crypto
- Next by thread: Re: NSA and crypto
- Index(es):
Relevant Pages
|
