Re: Quor's cipher
[email protected] (Matt Ghio) writes:
> What about this:
> If (a+b)^(a0+b0) == 0, then the plaintext is the same as the ciphertext.
> This happens for one out of every 256 bytes. Ordinarily this isn't a
> problem, but if the key is reused, and there is no IV, it can leak a byte
> of plaintext.
> So it seems that you would need to change the key for each message, or at
> least use a random initialization vector.
How are you planning to detect which bytes are passed in this way?
Chosen plaintext attacks would do it, and show where (a+b)^(a0+b0) == 0.
Looks like you've just doubled our progress.
If the key is reused with a different message I don't think there's a
weakness. An IV is a good idea, but aren't we _attacking_ this thing?
I've grabbed a few search-engine hits and not read them yet. I'll be
looking for clues there.
--
##############################################################
# Antonomasia [email protected] #
# See http://www.notatla.demon.co.uk/ #
##############################################################