Re: Key entropy, stream entropy, block entropy, block population entropy AKA uniique stream length



On 8 Feb, 18:05, Kristian Gjøsteen <kristiag+n...@xxxxxxxxxxxx> wrote:
<j...@xxxxxxxx> wrote:
There can
only be one stream for any key just as you say, but given a chosen
plaintext attack i do not beleive you can assert that you have the
first block in the keystream can you?

Of course you have the first part of the keystream. In a chosen plaintext
attack, you have the _entire_ key stream. That's in theory. In practice,
you typically know the start of the key stream because the start of the
message typically contains known or guessable plaintext.

--
Kristian Gjøsteen

OK, i agree you have the first part you know this area.
But that doesn't mean i have to use the first blocks of the PRNG
OUTPUT.

Jonas Thörnvall

.



Relevant Pages

  • Re: Key entropy, stream entropy, block entropy, block population entropy AKA uniique stream length
    ... plaintext attack i do not beleive you can assert that you have the ... Of course you have the first part of the keystream. ... you have the _entire_ key stream. ...
    (sci.crypt)
  • Re: New mode for AES: "Packet Mode"
    ... carry significant data in the first block, the ECB-like first block, ... For protocols that carry no information in the first ... the attacker can try to guess any previous plaintext block Px. ...
    (sci.crypt)
  • Re: New mode for AES: "Packet Mode"
    ... carry significant data in the first block, the ECB-like first block, ... I have tried to figure out if using an IV of zero + CBC would be ... the attacker knows the IV ... the attacker can try to guess any previous plaintext block Px. ...
    (sci.crypt)
  • Re: Need secure block cipher for 96 bits of block size
    ... the last 32 bits of the encrypted first block, and append the other 32 bits ... the first block to give the overall 96 bits of ciphertext. ... then the first 32 bits of the ciphertext will match. ... plaintext space), this can leak information to an adversary. ...
    (sci.crypt)
  • Re: Hash functions and streaming
    ... :I have just heard that the SHA-1 ... :collision to occur, but only 2**69 hashes. ... Does this mean that they have reversed the hash back to plaintext? ... If the stream is very long and the compromised block is just 60 ...
    (comp.security.misc)