
   comp.os.linux.misc      Linux-specific topics not covered by oth      135,536 messages   


   Message 134,219 of 135,536   
   Richard Kettlewell to John Levine   
   Re: one time pads, not Python   
   02 Jan 26 09:15:11   
   
   XPost: alt.folklore.computers   
   From: invalid@invalid.invalid   
      
   John Levine writes:   
   > According to c186282:   
   >>   If you know something ABOUT 'the pad' - like how   
   >>   many letters/numbers and how it's used - that may   
   >>   offer some attack options, at least narrow things   
   >>   down a bit.   
   >   
   > No, a real OTP is unbreakable.  The problem is that for every byte of   
   > message you need a byte of key, so distributing the keys and using   
   > them correctly is a logistical nightmare.   
      
   OTPs are broken in the sense that they are malleable. It’s easy for an   
   attacker to modify the encrypted message, if they know anything about   
   its expected structure.   
      
   For example, an encrypted financial transaction is likely to have the   
   amount of money to be sent at a predictable offset, so all the attacker   
   needs to do is flip one of the higher bits in that field and the victim   
   spends a great deal more money than they intended. If the pad is applied   
   using XOR (a natural approach today) then they can achieve that by   
   flipping the corresponding bit in the ciphertext.   
      
   The need for symmetric encryption systems to include a MAC to prevent   
   this kind of issue has been understood for a long time.   
      
   --   
   https://www.greenend.org.uk/rjk/   
      
   --- SoupGate-Win32 v1.05   
    * Origin: you cannot sedate... all the things you hate (1:229/2)   
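
The bit flip described in the message above, and the MAC check that rejects it, as an added example (not part of the original post). The record layout, the field offset and the choice of HMAC-SHA256 as the MAC are assumptions made for illustration; the post does not name a specific MAC.

```python
import hashlib
import hmac
import secrets

# Constructed sample: a fixed-layout record with the amount at a known offset.
MESSAGE = b"PAY TO=ACME AMOUNT=0000100.00 GBP"
AMOUNT_OFFSET = MESSAGE.index(b"AMOUNT=") + len(b"AMOUNT=")

def xor(data: bytes, pad: bytes) -> bytes:
    """Apply a one-time pad with XOR; the same call encrypts and decrypts."""
    if len(pad) < len(data):
        raise ValueError("pad must be at least as long as the message")
    return bytes(d ^ p for d, p in zip(data, pad))

def flip(blob: bytes, offset: int, mask: int) -> bytes:
    """Model in-transit modification: XOR one ciphertext byte with mask."""
    out = bytearray(blob)
    out[offset] ^= mask
    return bytes(out)

def seal(plaintext: bytes, pad: bytes, mac_key: bytes) -> bytes:
    """Encrypt-then-MAC: append HMAC-SHA256 computed over the ciphertext."""
    ct = xor(plaintext, pad)
    return ct + hmac.new(mac_key, ct, hashlib.sha256).digest()

def open_sealed(blob: bytes, pad: bytes, mac_key: bytes) -> bytes:
    """Verify the tag in constant time before decrypting anything."""
    ct, tag = blob[:-32], blob[-32:]
    expected = hmac.new(mac_key, ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("MAC check failed: ciphertext was modified")
    return xor(ct, pad)

def demo():
    pad = secrets.token_bytes(len(MESSAGE))
    mac_key = secrets.token_bytes(32)  # independent of the pad
    # Bare pad: flipping bit 3 of the leading '0' (0x30) yields '8' (0x38),
    # and the receiver has no way to notice.
    bare = xor(flip(xor(MESSAGE, pad), AMOUNT_OFFSET, 0x08), pad)
    # The same flip against the sealed form is rejected before decryption.
    try:
        open_sealed(flip(seal(MESSAGE, pad, mac_key), AMOUNT_OFFSET, 0x08),
                    pad, mac_key)
        detected = False
    except ValueError:
        detected = True
    return bare, detected
```

With a keyed hash such as HMAC the integrity guarantee is computational, unlike the pad's confidentiality guarantee, which is information-theoretic.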
