# Re: A cipher operates with more possible plaintexts than possible keys. What does this mean?

• From: Tom St Denis <tom@xxxxxxx>
• Date: Tue, 8 Mar 2011 06:36:48 -0800 (PST)

On Mar 8, 9:06 am, "ping pong" <mosescua...@xxxxxxxx> wrote:
Initial Des key string:
I looked up the table of 8 bit codes with odd number of ones.
I think this is  full table?:  http://telecom.tbi.net/ascii7o.html

So DES parity key rule means the starting key string must come from this
table?
It like an IBM typewriter!

As required if the whole table is used whenever you need a byte for the key
string
then there are indeed: (2^7). To choose from.

So that looks good tyo me?

------------------------------------
Now To the real Question:
-----------------------------------
1. Is the DES plaintext also to be restricted by this parity rule related to
keys?
So this table is also to be used for the plaintext.

No. The plaintext is 64-bits and they're all used.

2. If the DES plaintext is not also restricted by this parity rule:
a. The is looks as if it operates with 2^64 possible plaintexts and 2^56
possible keys.
set of possible keys = 0.00390625 x set of possible plaintexts?

Correct, so what?

b. Exactly what does it mean to operate a cipher such that
the number of possible plaintexts and possible keys are unequal in this way
and by this amount?

It means you can't use it as a hash construction.

3. Somehow I heard that ciphers were supposed to be:
- "balanced" mode?

Um, no. AES supports keys larger than the block size. The only
balanced I can think of is "balanced Feistel network" but that's a
whole other issue.

- or have more possible keys than possible plaintexts?

See AES.

Tom
.

• References:

## Relevant Pages

• Re: Bijective - an explanation please?
... :>: of all bitstrings of length n or less map to images that begin ... :> rejecting keys, though. ... If that's the case then a particular compressor might well be able to ... convert that knowledge into known plaintext. ...
(sci.crypt)
• Re: A basic cryptanalysis question
... >> appear out of his attack, he assumes he's recovered the plaintext. ... >include the keys in your construction. ... such a function look at my second order bijective compression of english ...
(sci.crypt)
• Re: =?iso-8859-15?Q?Verschl=FCsseltes?= Shared Secret?
... Keys getestet werden. ... denn diese sind eben genau /nicht/ voneinander Unabhaengig. ... Die Abhaengigkeit ist durch den identischen Plaintext gegeben! ... symmetrischen - um *Sicherheit* zu haben. ...
(de.comp.security.misc)
• Re: A basic cryptanalysis question
... he assumes he's recovered the plaintext. ... but only for what is known as a ciphertext-only attack. ... include the keys in your construction. ... decryption table for F and use a meet-in-the-middle strategy to recover the ...
(sci.crypt)
• Re: Double transposition cryptanalysis
... Stefan Krah wrote: ... >> I'll provide keys for other examples. ... the source of some of my non-original plaintext, ... really be obtained by treating it as a single transposition. ...
(sci.crypt)