epostma at nl.tue.win
Thu Feb 19 00:37:02 PST 2004
Hi all, been lurking for a _long_ while but couldn't resist jumping in
On Wed, 18 Feb 2004 12:19:38 -0600, Dagmar d'Surreal
<dagmar.wants at nospam.com> wrote:
> On Wed, 2004-02-18 at 06:01, Christopher James Coleman wrote:
> > As a side note, encrypted logs tend to be inherently weaker than
> > normal encrypted data. This is because they consist of a standard
> > output format. This makes cryptanalysis much easier. For example, if a
> > user can trigger a logging event by some action it is not that
> > difficult to work out what they have done -- repeat the event ad
> > nauseum, and you have a lot of predictable plain-text underneath that
> > encrpytion.
> This is _very_ true. Chosen/known plaintext attacks, especially with a
> sizeable volume of data, severely weaken the strength of the cipher.
No. In a public key cryptosystems you give the opponent _by definition_ an
encrypting oracle, enabling chosen plaintext attacks. If this would give
him or her any information on the private key, the encryption scheme could
not be used for _any_ useful work. Think about it for yourself: would you
publish your openPGP key if that would lessen the security of your private
key? What's keeping an opponent from encrypting any plaintext they want,
even without you knowing?
For those less versed in crypto jargon: a chosen plaintext attack is
the situation where the attacker could encrypt _any_
plaintext of their choosing and then tries to find information about the
private key used, or alternatively, tries to decrypt a given piece of
encrypted date. In a private key cryptosystem, this is exactly the
situation which we are in, so an encoding scheme that is not resistant to
this is completely useless.
Erik Postma (Email: reverse the order of nl, tue and win.)
GPG key: http://www.win.tue.nl/~epostma/gpg.key
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 189 bytes
Desc: not available
More information about the hlfs-dev