[Cryptography] Dan Bernstein has a new blog entry on key breaking

Phillip Hallam-Baker phill at hallambaker.com
Mon Nov 23 12:30:08 EST 2015


On Mon, Nov 23, 2015 at 11:17 AM, Perry E. Metzger <perry at piermont.com>
wrote:

> On Sat, 21 Nov 2015 22:05:05 -0500 Phillip Hallam-Baker
> <phill at hallambaker.com> wrote:
> > There are a couple of ways to defeat this type of attack. One would
> > be to effectively randomize the plaintext by pre-encrypting with
> > something like RC4. This would make it much harder to use the
> > 'guessable plaintext' attack.
>
> That vaguely reminds me of DES-X
>
> https://en.wikipedia.org/wiki/DES-X
>
> The DES-X trick always struck me as cheesy -- it should not work,
> since what it does is incredibly lame. And yet it seemed to be very
> hard to attack.
>

Unless someone was to goof and leak the key by screwing up the XOR.

Problem is that you need to know the XOR value or the key for the other
en-whitener (e.g. RC4). If you don't have a separate key derivation
mechanism, you aren't actually getting the benefit. You have just invented
a new cipher with an extra round. Albeit an extra round of a very different
kind.
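
The key-derivation point above, as an added example that is not part of the original message: with whitening values computed from the cipher key by a public function, a key-only exhaustive search over known plaintext still finds the key, while the same search finds nothing when the whitening values are independent secrets. The toy Feistel cipher, its 16-bit block and 10-bit key, `derive_whitening`, and all constants are assumptions chosen so the search runs instantly.

```python
import hashlib

BLOCK_BITS, KEY_BITS = 16, 10   # toy sizes (assumption) so the search is instant

def _f(key, rnd, half):
    # Round function: one byte of SHA-256 over (key, round, half-block).
    return hashlib.sha256(bytes([key >> 8, key & 0xFF, rnd, half])).digest()[0]

def toy_encrypt(key, block):
    # 4-round Feistel network on two 8-bit halves (a stand-in for DES).
    left, right = block >> 8, block & 0xFF
    for rnd in range(4):
        left, right = right, left ^ _f(key, rnd, right)
    return (left << 8) | right

def fx_encrypt(key, k1, k2, block):
    # DES-X style whitening: C = k2 XOR E_key(M XOR k1).
    return k2 ^ toy_encrypt(key, block ^ k1)

def derive_whitening(key):
    # Hypothetical derivation: whitening values computed from the cipher key
    # by a public function, i.e. no separate key material.
    d = hashlib.sha256(b"whiten" + key.to_bytes(2, "big")).digest()
    return int.from_bytes(d[0:2], "big"), int.from_bytes(d[2:4], "big")

def keys_consistent_with(pairs):
    # Exhaustive search over the cipher key only, assuming derived whitening.
    return [k for k in range(1 << KEY_BITS)
            if all(fx_encrypt(k, *derive_whitening(k), m) == c for m, c in pairs)]

PLAINTEXTS = [0x0000, 0x1234, 0xBEEF]   # constructed known plaintexts
KEY = 0x2A7                             # constructed 10-bit cipher key

def demo():
    # Same cipher key in both cases; only the source of k1/k2 differs.
    derived = [(m, fx_encrypt(KEY, *derive_whitening(KEY), m)) for m in PLAINTEXTS]
    independent = [(m, fx_encrypt(KEY, 0x5EED, 0xC0DE, m)) for m in PLAINTEXTS]
    return keys_consistent_with(derived), keys_consistent_with(independent)

if __name__ == "__main__":
    hit, miss = demo()
    print("derived whitening, key-only search:", [hex(k) for k in hit])
    print("independent whitening, key-only search:", miss)
```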