[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

*To*: [email protected] (Vladimir Z. Nuri)*Subject*: Re: maximizing cryptographic return*From*: SINCLAIR DOUGLAS N <[email protected]>*Date*: Sun, 3 Sep 1995 23:15:58 -0400*Cc*: [email protected]*In-Reply-To*: <[email protected]>; from "Vladimir Z. Nuri" at Sep 3, 95 9:49 pm*Sender*: [email protected]

> I was wondering how secure the following algorithm would be for phone > calls: suppose that at the beginning of each session, the random > key is traded using RSA or some other very secure approach. the > key is a *random bit width*, say 100-6000 bits. now, my question is, > I wonder if some very cheap algorithms, in terms of computation time, > could be used for the "on the fly" encryption of the voice using those > bit. would XOR with the pad be totally out of line? > > the situation is such that trivial algorithms such as XOR with *unlimited > cyphertext* can be broken quite trivially. but it seems to me this > dogma that "XOR is WEAK" is based on the premise that you have a huge > amount of cyphertext to play with. take away this premise, that you > have a session key that is guaranteed to really give you very little > cyphertext, do these supposedly "weak" algorithms then become pretty > secure? No, XOR is weak if used even twice. If you XOR the two pieces of cyphertext with each other, you get the two plaintexts XORed. I'd be willing to bet that the human ear can understand two audio signals XORed. Certainly with practice people can understand audio that has been encrypted with frequency inversion. Pre-encryption compression would solve this, but XOR is still very weak.

**References**:**maximizing cryptographic return***From:*"Vladimir Z. Nuri" <[email protected]>

- Prev by Date:
**Re: Crypto '95: Robert Morris** - Next by Date:
**rump session papers** - Prev by thread:
**maximizing cryptographic return** - Next by thread:
**Re: maximizing cryptographic return** - Index(es):