handling weak keys using random selection and CSPRNGs
Perry E. Metzger
perry at piermont.com
Fri Oct 13 09:25:16 EDT 2006
"Travis H." <solinym at gmail.com> writes:
> On 10/12/06, Leichter, Jerry <leichter_jerrold at emc.com> wrote:
>> Beyond that: Are weak keys even detectable using a ciphertext-only
>> attack (beyond simply trying them - but that can be done with *any* small
>> set of keys)?
>
> Yes, generally, that's the definition of a weak key.
No, that is not the definition of a weak key.
Look at DES weak keys, for example. They are simply keys for which the
encryption and decryption transform are identical -- encrypting twice
with the weak key returns you to the plaintext -- but they are not in
some way obviously detectable without trying them.
Might I suggest reading the literature on this before discussing it
further?
Perry
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list