[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Compressed data vulnerable to known-plaintext?

To: [email protected]
Subject: Re: Compressed data vulnerable to known-plaintext?
From: [email protected]
Date: Sat, 1 Jun 1996 19:13:39 -0700
Comments: This message is NOT from the person listed in the Fromline. It is from an automated software remailing service operating atthat address.THE PORTAL SYSTEM DOES NOT CONDONE OR APPROVE OF THE CONTENTS OF THISPOSTING. Please report problem mail to <[email protected]>.
Sender: [email protected]

Someone who claimed to be Mark M. said on Sat, 1 Jun 1996:

    (I said:)
> > Why not simply use two session keys, and encrypt the headers with one 
> > while encrypting the actual data with the other? That seems to solve both 
> > problems, except that more CPU cycles are required.
> 
> An easier solution would be to just strip of the headers.  If the header is
> always the same, then it is redundant.  If it varies, then it cannot be used
> as known-plaintext.

But then you still have the problem of identifying the contents.  If there
were no headers, one could not tell if the message was compressed using
ZIP, LHA, StuffIt, tar*, compress, gzip, Alice's Magical Supercompressor,
or even if it was left alone.  One could also not tell if the decryption
happened successfully.

( * Yes, I know tar is not compression. )

Follow-Ups:
- Re: Compressed data vulnerable to known-plaintext?
  - From: "Mark M." <[email protected]>

Prev by Date: Re: Saw this on CNN: Anonymous Stock tips over IRC as bad???
Next by Date: Reply to anonymous ping.
Prev by thread: Fwd: Re: Class III InfoWar
Next by thread: Re: Compressed data vulnerable to known-plaintext?
Index(es):
- Date
- Thread