[Cryptography] Impossible trapdoor systems (was Re: Opening Discussion: Speculation on "BULLRUN")

James A. Donald jamesd at echeque.com
Sun Sep 8 20:37:47 EDT 2013

On 2013-09-09 4:49 AM, Perry E. Metzger wrote:
> Your magic key must then take any block of N bits and magically
> produce the corresponding plaintext when any given ciphertext
> might correspond to many, many different plaintexts depending
> on the key. That's clearly not something you can do.

Suppose that the mappings from 2^N plaintexts to 2^N ciphertexts are not 
random, but rather orderly, so that given one element of the map, one 
can predict all the other elements of the map.

Suppose, for example the effect of encryption was to map a 128 bit block 
to a group, map the key to the group, add the key to the block, and map 
back.  To someone who knows the group and the mapping, merely a heavily 
obfuscated 128 bit Caesar cipher.

No magic key.

More information about the cryptography mailing list