[119053] in cryptography@c2.net mail archive


Re: [p2p-hackers] convergent encryption reconsidered

daemon@ATHENA.MIT.EDU (Ivan Krstić)
Sun Mar 30 11:06:50 2008

Cc: tahoe-dev@allmydata.org,
 Cryptography <cryptography@metzdowd.com>
From: Ivan Krstić <krstic@solarsail.hcs.harvard.edu>
To: theory and practice of decentralized computer networks <p2p-hackers@lists.zooko.com>
In-Reply-To: <2643EAE6-73D6-4B94-AC8A-B71FBD323F79@zooko.com>
Date: Sun, 30 Mar 2008 05:17:52 -0400

On Mar 20, 2008, at 3:42 PM, zooko wrote:
>    They extended the confirmation-of-a-file attack into the
>    learn-partial-information attack. In this new attack, the
>    attacker learns some information from the file. This is done by
>    trying possible values for unknown parts of a file and then
>    checking whether the result matches the observed ciphertext.

How is this conceptually different from classic dictionary attacks,
and why does e.g. running the file through PBKDF2 and using the result
for convergence not address your concern(s)?

--
Ivan Krstić <krstic@solarsail.hcs.harvard.edu> | http://radian.org

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
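
The guess-and-compare check from the quoted paragraph, as an added example that is not part of the original message or of any project's code. It runs the same check twice, once with the convergence key taken from a plain hash of the file and once from PBKDF2 with a fixed public salt, to show what stretching changes for a low-entropy field. The toy stream cipher, the template, the PIN, the salt and all function names are constructed assumptions.

```python
import hashlib
from itertools import product

def keystream_xor(key: bytes, data: bytes) -> bytes:
    # Toy deterministic stream cipher (SHA-256 in counter mode).
    # Stand-in for a real cipher; only determinism matters here.
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(key + i.to_bytes(8, "big")).digest()
        out.extend(b ^ k for b, k in zip(data[i:i + 32], block))
    return bytes(out)

def key_plain_hash(plaintext: bytes) -> bytes:
    # Convergence key = hash of the file itself.
    return hashlib.sha256(plaintext).digest()

def key_pbkdf2(plaintext: bytes, iterations: int = 1000) -> bytes:
    # Stretched convergence key. The salt must be fixed and public,
    # otherwise identical files would no longer converge.
    return hashlib.pbkdf2_hmac("sha256", plaintext, b"convergence-salt", iterations)

def convergent_encrypt(plaintext: bytes, derive_key) -> bytes:
    return keystream_xor(derive_key(plaintext), plaintext)

def recover_unknown_field(ciphertext: bytes, template: bytes, derive_key):
    """Fill the 4-digit gap in a known template with every value and
    compare against the observed ciphertext. Returns (value, guesses)."""
    for n, digits in enumerate(product("0123456789", repeat=4), 1):
        value = "".join(digits)
        guess = template.replace(b"????", value.encode())
        if convergent_encrypt(guess, derive_key) == ciphertext:
            return value, n
    return None, 10 ** 4

# Constructed sample: a form letter whose only unknown part is a PIN.
TEMPLATE = b"Dear customer, your account PIN is ????. Keep it safe.\n"
SECRET_FILE = TEMPLATE.replace(b"????", b"0417")

if __name__ == "__main__":
    for name, kdf in (("sha256", key_plain_hash), ("pbkdf2", key_pbkdf2)):
        observed = convergent_encrypt(SECRET_FILE, kdf)
        print(name, recover_unknown_field(observed, TEMPLATE, kdf))
```

Both runs find the field after the same number of guesses; the PBKDF2 variant only multiplies the cost of each guess by the iteration count.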
