[Cryptography] "Zoom's end-to-end encryption isn't
Bill Frantz
frantz at pwpconsult.com
Tue Apr 7 22:50:28 EDT 2020
On 4/7/20 at 10:20 AM, leichter at lrw.com (Jerry Leichter) wrote:
>4. They apparently do use AES in ECB mode. In practical
>terms, when you are encrypting a compressed video stream ...
>how much does this really matter?
I think this might allow an attacker to find out what parts of
the image and what parts are not. My understanding of compressed
video is that the entire image is sent fairly frequently to
allow newcomers to start displaying the image, and to recover
from dropped packets. It sounds like it would be straight
forward to pull out the entire image packets based on timing
and/or size and then see where the differences are in the cypher text.
It may not be easy, but it seems possible enough to cause me to worry.
Cheers - Bill
-----------------------------------------------------------------------
Bill Frantz |Security, like correctness, is| Periwinkle
(408)348-7900 |not an add-on feature. - Attr-| 150
Rivermead Rd #235
www.pwpconsult.com |ibuted to Andrew Tanenbaum |
Peterborough, NH 03458
More information about the cryptography
mailing list