[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Compressed data vulnerable to known-plaintext?



On  1 Jun 96 at 19:13, [email protected] wrote:

[..]
> But then you still have the problem of identifying the contents.  If there
> were no headers, one could not tell if the message was compressed using
> ZIP, LHA, StuffIt, tar*, compress, gzip, Alice's Magical Supercompressor,
> or even if it was left alone.  One could also not tell if the decryption
> happened successfully.

Actually you could, since the actual encoding isn't random. It means 
something to the compressor.  And if you know something about 
compression algorithms you could probably make some good estimates. 
(I've seen some arguments that bit-wise a compressed file is easier 
to make a known plaintext attack against than an uncompressed text 
file...)

Try taking various small (but compressable) text files that are 
different and run them through compressors.  Ignore the usual 
compressor header information and look at a hex dump of the 
compressed data... think about it in terms of bits.  Look at the 
algorithm that encoded the data.

A good way to avoid known plaintext is to use a feedback mode with a 
random IV (from a good RNG!).  Not perfect, of course...

Rob.


 
---
No-frills sig.
Befriend my mail filter by sending a message with the subject "send help"
Key-ID: 5D3F2E99 1996/04/22 [email protected] (root@magneto)
        AB1F4831 1993/05/10 Deranged Mutant <[email protected]>
Send a message with the subject "send pgp-key" for a copy of my key.