[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: compression before encryption

To: "'Helger Lipmaa'" <helger@cyber.ee>
Subject: RE: compression before encryption
From: Jerome Etienne <jerome@psti.com>
Date: Fri, 11 Dec 1998 10:11:24 -0500
Cc: "'ipsec@tis.com'" <ipsec@tis.com>
Sender: owner-ipsec@ex.tis.com

i didnt find the paper, but you say it is applied only to differentially
weak cyphers.

Anyway being vulnerable to cyphertext-only attacks and less vulnerable
to known 
plain texts attacks is safer than being "fully" vulnerable to
cypher-text-only and known
plan texts attacks. no ?

On Thursday, December 10, 1998 7:40 PM, Helger Lipmaa
[SMTP:helger@cyber.ee] wrote:
> Note that there is actually very few known about the usage of
> cryptanalysis of the today's block ciphers with moderately reduntant
> sources. [BK98] does provide an evidence, that when using
differentially
> weak ciphers, having only lot of ciphertexts is enough to find the
key.
> Examples were provided for 8-round DES and RC5. (I don't have the
paper
> atm so I may be wrong).
> 
> [BK98] Alex Biryukov, Eyal Kushilevitz, "From Differential
Cryptanalysis
>        to Ciphertext-Only Attacks", Proceedings of CRYPTO '98.
> 
> Helger
> http://home.cyber.ee/helger

Follow-Ups:

RE: compression before encryption

From: Helger Lipmaa <helger@cyber.ee>

Prev by Date: No Subject
Next by Date: Hi
Prev by thread: Re: compression before encryption
Next by thread: RE: compression before encryption
Index(es):
- Main
- Thread