Register article on using non-randomness of encrypted file content to reduce time needed to decrypt by brute force
Tony Naggs
tonynaggs at gmail.com
Thu Aug 15 17:28:10 BST 2013
I cannot see what is news in the Register or MIT descriptions, though I
have not yet read the referenced PDF.
Where the range of valid plaintexts is relatively small there are
opportunities for an attacker with access to the ciphertext to improve
their strategy for guessing the decryption key.
In classic character by character encryption most encryption schemes are
vulnerable to techniques such as frequency analysis.
Mitigations for modern (mostly block) ciphers increase the entropy in the
plaintext, e.g. compression before encryption (as practiced by PGP),
padding with random nonces, using chained encryption modes instead of
Electronic Code Book, (NIST make specific suggestions for the best modes to
use with DES and AES).
Ttfn, Tony
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.chiark.greenend.org.uk/pipermail/ukcrypto/attachments/20130815/9b5f1d19/attachment.html>
More information about the ukcrypto
mailing list