Re: frequency analysis
"Steven M. Bellovin" <smb@research.att.com> Sat, 31 August 2002 16:26 UTC
Received: from loki.ietf.org (loki [10.27.2.29]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id MAA06823; Sat, 31 Aug 2002 12:26:52 -0400 (EDT)
Received: (from adm@localhost) by loki.ietf.org (8.9.1b+Sun/8.9.1) id MAA14689 for ietf-outbound.10@loki.ietf.org; Sat, 31 Aug 2002 12:24:01 -0400 (EDT)
Received: from ietf.org (odin.ietf.org [10.27.2.28]) by loki.ietf.org (8.9.1b+Sun/8.9.1) with ESMTP id MAA14657 for <ietf-mainout@loki.ietf.org>; Sat, 31 Aug 2002 12:22:26 -0400 (EDT)
Received: by ietf.org (8.9.1a/8.9.1a) id MAA06721 for ietf-mainout@loki.ietf.org; Sat, 31 Aug 2002 12:20:53 -0400 (EDT)
X-Authentication-Warning: ietf.org: majordom set sender to owner-ietf@ietf.org using -f
Received: from mail-green.research.att.com (mail-green.research.att.com [135.207.30.103]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id MAA06669 for <ietf@ietf.org>; Sat, 31 Aug 2002 12:20:29 -0400 (EDT)
Received: from postal.research.att.com (postal.research.att.com [135.207.23.30]) by mail-green.research.att.com (Postfix) with ESMTP id 1EB321E049; Sat, 31 Aug 2002 12:21:31 -0400 (EDT)
Received: from berkshire.research.att.com (postal.research.att.com [135.207.23.30]) by postal.research.att.com (8.8.7/8.8.7) with ESMTP id MAA07923; Sat, 31 Aug 2002 12:21:30 -0400 (EDT)
Received: from research.att.com (localhost [127.0.0.1]) by berkshire.research.att.com (Postfix) with ESMTP id 72FC77B4C; Sat, 31 Aug 2002 12:21:29 -0400 (EDT)
X-Mailer: exmh version 2.5 07/13/2001 with nmh-1.0.4
From: "Steven M. Bellovin" <smb@research.att.com>
To: "David J. Aronson" <dja2001@att.net>
Cc: ietf@ietf.org
Subject: Re: frequency analysis
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Date: Sat, 31 Aug 2002 12:21:29 -0400
Message-Id: <20020831162129.72FC77B4C@berkshire.research.att.com>
Sender: owner-ietf@ietf.org
Precedence: bulk
X-Loop: ietf@ietf.org
In message <3D70E0AC.230D6250@att.net>, "David J. Aronson" writes: >John Stracke wrote: >> >> David J. Aronson wrote: >> >> >Now, suppose you salt the plaintext with rarer characters, so as to >> >flatten out the distribution. >> >> I believe compression has the same effect, actually--compression uses >> fewer bits for common characters, and the result is that the >> distribution of bytes is flatter, and harder to attack. > >Come to think of it, that's even better than the salting I was >proposing, as it (usually) isn't restricted to printable chars. So, >let's go with that approach. Say you take the plaintext, zip it, then >encrypt it. The question remains, given that the frequency distribution >is fairly even, how does a cryptanalysis program know when it's got it >right? (If "they" know you've used a specific publicly available >compression program, they can look for its "signature" at the start, but >let's ignore that for now....) > This is not a question for the IETF list. But elementary cryptographic theory says that you can't assume that the algorithm is secret. Even if it is, you can often make progress by looking for patterns. See, for example, the discussion of two-packet attacks in http://www.research.att.com/~smb/papers/probtxt.ps (or .pdf) for one possible approach. --Steve Bellovin, http://www.research.att.com/~smb (me) http://www.wilyhacker.com ("Firewalls" book)
- Re: frequency analysis Steven M. Bellovin
- Re: frequency analysis David J. Aronson