Compression side channel
Ben Laurie
ben at algroup.co.uk
Sun Sep 9 15:37:01 EDT 2001
Peter Wayner wrote:
>
> >
> >
> >b. I'm hoping to find out if anyone else has seen similar work
> >anywhere. I've not been able to find any references to this kind of
> >attack, though once you've had the idea to try it, it's really pretty
> >straightforward. (And I know there are a couple of occasional posters
> >on this list who know a heck of a lot more about compression algorithms
> >than I do. Peter, are you listening?)
>
> These are all good ideas, but I don't know how often you'll get to
> try them, much less use them enough to extract enough information.
>
> I wrote a paper a long time ago that tweaked compression algorithms.
> It wasn't meant to be secure, only ensure that the compression
> algorithms constantly changed the set of bits assigned to each
> character. This meant that a Huffman algorithm encoding 'e' as '0010'
> at one point would use '1011' later. It was a simple remapping of the
> compression tree so it wouldn't cost much.
>
> But I don't think it had any security on its own.
It also wouldn't help at all in this context, since all that is used is
the length, not the bits (which, inherently, you don't know anyway).
Cheers,
Ben.
--
http://www.apache-ssl.org/ben.html
"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com
More information about the cryptography
mailing list