[144446] in cryptography@c2.net mail archive
Re: Warning! New cryptographic modes!
daemon@ATHENA.MIT.EDU (Roland Dowdeswell)
Mon May 11 16:48:06 2009
To: Jerry Leichter <leichter@lrw.com>
Cc: Cryptography List <cryptography@metzdowd.com>
In-reply-to: Your message of "Sun, 10 May 2009 18:55:28 EDT."
<DFEEEC7B-08D8-4AE0-AC14-0F8E951745ED@lrw.com>
Date: Mon, 11 May 2009 14:16:45 -0400
From: Roland Dowdeswell <elric@imrryr.org>
On 1241996128 seconds since the Beginning of the UNIX epoch
Jerry Leichter wrote:
>
>So here we have it all: A new cryptographic mode, documented only in
>C code, being proposed for broad use with no analysis.
>
>In any case, there are obvious, well-understood solutions here: Use
>counter mode, which propagates changes by a single block of the
>cryptosystem. Or use any other stream cipher mode. (An interesting
>question is whether there's a mode that will recover from insertions
>or deletions. Perhaps something like: Use counter mode. If two
>consecutive ciphertext bytes are 0, fill the rest of the ciphertext
>block with 0's, jump the counter by 65536, and insert a special block
>containing the new counter value.)

I'm not convinced that a stream cipher is appropriate here because
if you change the data then you'll reveal the plaintext.
--
Roland Dowdeswell http://Imrryr.ORG/~elric/
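The objection above, as an added example that is not part of the thread: a counter-mode file encryptor that re-encrypts an edited file under the same nonce and counter leaks the XOR of the old and new plaintexts to anyone who sees both ciphertext versions, and a fresh nonce per rewrite is what closes that gap. HMAC-SHA256 over (nonce, counter) stands in for the block cipher here so the script runs offline (an assumption; the reuse problem is identical for AES-CTR), and the file contents are constructed sample data.

```python
"""Keystream reuse when a counter-mode-encrypted file is edited in place."""
import hashlib
import hmac
import os

CTR_LEN = 8  # bytes of counter appended to the nonce for each keystream block


def keystream(key: bytes, nonce: bytes, nbytes: int) -> bytes:
    """Counter-mode keystream: PRF(key, nonce || counter), counter = 0, 1, 2, ...
    (HMAC-SHA256 stands in for the block cipher; assumed, not from the thread)."""
    out = bytearray()
    ctr = 0
    while len(out) < nbytes:
        out += hmac.new(key, nonce + ctr.to_bytes(CTR_LEN, "big"), hashlib.sha256).digest()
        ctr += 1
    return bytes(out[:nbytes])


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def ctr_encrypt(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Stream-cipher encryption: ciphertext = plaintext XOR keystream."""
    return xor(data, keystream(key, nonce, len(data)))


def observer_learns(key: bytes, nonce: bytes, old: bytes, new: bytes) -> bytes:
    """What someone holding both ciphertext versions can compute without the key
    when the file was rewritten under the SAME nonce: old_ct ^ new_ct.
    Because the keystream cancels, this equals old_pt ^ new_pt."""
    return xor(ctr_encrypt(key, nonce, old), ctr_encrypt(key, nonce, new))


def observer_learns_fresh_nonce(key: bytes, old: bytes, new: bytes) -> bytes:
    """Hardened variant: every rewrite gets a new random nonce, so the two
    keystreams are unrelated and the ciphertext XOR carries no plaintext."""
    return xor(ctr_encrypt(key, os.urandom(16), old), ctr_encrypt(key, os.urandom(16), new))


def demo() -> bytes:
    """Recover the edited record from the leak plus one known version."""
    key, nonce = os.urandom(32), os.urandom(16)
    old = b"balance=0000100;owner=alice"   # constructed: version before the edit
    new = b"balance=9999999;owner=alice"   # constructed: version after the edit
    leaked = observer_learns(key, nonce, old, new)
    # Unchanged bytes leak as zeros (shows exactly where the edit happened);
    # if the old version is known, the new one falls out with one more XOR.
    return xor(leaked, old)
```

Running `demo()` returns the edited record byte for byte, which is what the reply means by a change "revealing the plaintext".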