Prev: My attempt to break Rijndael (SAT-attack)
Next: RSA-1024 verilog
From: Dane Smith on 8 Mar 2007 23:25
Kristian Gj�steen wrote:
> Dane Smith <dasmith6(a)cse.buffalo.edu> wrote:
>> What I am proposing is something where
>> each independent block encrypts to something different every time, even
>> in ECB mode where there is no IV.
>
> It is easy to see that the output must be bigger than the input for this
> to be possible. This means that you will be using more space for your
> randomness that you do in CBC mode (where the IV is the overhead).
>
This is true. The IV would have to be sent or stored, so there could be
some increase there though it would be constant while the other would be
proportional. Is that little bit of extra space necessarily bad though?

Dane
From: JR on 8 Mar 2007 23:36
One could insert a random byte every n bytes. So it is possible. Is it
useful?

JR

muCtvp/fr/lo

"Will Dickson" <wrd(a)NOSPAM.glaurung.demon.co.uk> ???
??????:pan.2007.03.08.22.32.14.838283(a)NOSPAM.glaurung.demon.co.uk...
> On Thu, 08 Mar 2007 16:36:23 -0500, Dane Smith wrote:
>
>> Just out of my own curiosity, how do people feel about a block cipher
>> which encrypts the same message using the same key to any one of many
>> possible ciphertexts. I'm not entirely sure this has ever been done to
>> any great length, though, it is quite possible I have missed something.
>> Does anyone believe that it is even necessarily possible?
>
> How would you decrypt it?
>
>
> Will.
>


From: arsonperbuilding on 9 Mar 2007 02:51
On Mar 8, 5:17 pm, Dane Smith <dasmi...(a)cse.buffalo.edu> wrote:

> But, assuming you have the same IV, then you still have the same output.
> IV's are normally associated with CBC mode in block ciphers, assuming Im
> not mistaken. What I am trying to describe is something that with the
> same exact input, key, IV, plaintext, would still be able to vary in output.
>
> Dane

Say you had an encryption function E(K,IV,m)=c and a decryption
function D(K,IV,c)=m.
If E(K,IV,m1)=c1 and E(K,IV,m1)=c2, where c1 != c2, how would your
decryption function know how to properly turn the ciphertext back into
proper plaintext?

From: Kristian Gj�steen on 9 Mar 2007 03:04
Dane Smith <dasmith6(a)cse.buffalo.edu> wrote:
>This is true. The IV would have to be sent or stored, so there could be
>some increase there though it would be constant while the other would be
>proportional. Is that little bit of extra space necessarily bad though?

Unless there is some benefit, it is bad.

--
Kristian Gj�steen
From: Amitabh on 9 Mar 2007 08:27
On Mar 9, 9:04 am, Kristian Gjøsteen <kristiag+n...(a)math.ntnu.no>
wrote:
> Dane Smith <dasmi...(a)cse.buffalo.edu> wrote:
>
> >This is true. The IV would have to be sent or stored, so there could be
> >some increase there though it would be constant while the other would be
> >proportional. Is that little bit of extra space necessarily bad though?
>
> Unless there is some benefit, it is bad.
>
> --
> Kristian Gjøsteen

Out of curiosity, can there exist a probabilistic symmetric encryption
scheme? (i.e. the IV need not be sent, some random number (IV) is used
for encryption but discarded after that.. only the key is used for
decryption.

First  |  Prev  |  Next  |  Last
Pages: 1 2 3 4 5
Prev: My attempt to break Rijndael (SAT-attack)
Next: RSA-1024 verilog