[Cryptography] Low grade randomness for padding.
Richard Outerbridge
outer at interlog.com
Wed Feb 10 00:44:00 EST 2021
> On 2021-02-09 (40), at 20:22:23, Donald Eastlake <d3e3e3 at gmail.com> wrote:
>
> On Tue, Feb 9, 2021 at 4:15 PM Phillip Hallam-Baker
> <phill at hallambaker.com> wrote:
> ...
>> The ciphertext uses a more flexible tag-length-value encoding. The basic layout will be:
Of course, the old fashioned method was to pad with zeroes to a boundary, with the last byte
containing 0x01. Unfortunately, for eg AES this implies an additional known plaintext block
of some { 0x0000 0000 0000 0000 0000 0000 0000 0001 } bytes when no padding (1/16 or
1 : 15 odds) is required.
__outer
More information about the cryptography
mailing list