[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

proposed solution to known plain text vulnerability

To: linux-crypto@xxxxxxxxxxxx
Subject: proposed solution to known plain text vulnerability
From: "N. E. Johnson" <NEJohnson@xxxxxxxxxxx>
Date: Mon, 05 Apr 2004 08:14:29 +0000
List-archive: <http://mail.nl.linux.org/linux-crypto/>
List-help: <mailto:ecartis@nl.linux.org?Subject=help>
List-id: <linux-crypto.nl.linux.org>
List-owner: <mailto:riel@nl.linux.org>
List-post: <mailto:linux-crypto@nl.linux.org>
List-software: Ecartis version 1.0.0
List-subscribe: <mailto:linux-crypto-request@nl.linux.org?Subject=subscribe>
List-unsubscribe: <mailto:linux-crypto-request@nl.linux.org?Subject=unsubscribe>
Sender: linux-crypto-bounce@xxxxxxxxxxxx
User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7b) Gecko/20040402

Here is a proposed solution to known plain text vulnerability.

Create and store a segment of random data equal in size to the data being encrypted.

XOR the user data with stored random data.

Encrypt both the random segment and the user data with conventional block cipher methods.

Since the user data was XORed with randomness, reminiscent of OTP. This would prevent usage of a precomputed dictionary against known plain text.

Obviously, users of this solution double their storage requirements.

Attachment: signature.asc
Description: OpenPGP digital signature

Follow-Ups:
- Re: proposed solution to known plain text vulnerability
  - From: Pavel Minev Penev

Prev by Date: Mail Delivery System (linux-crypto@nl.linux.org)
Next by Date: Re: proposed solution to known plain text vulnerability
Previous by thread: Mail Delivery System (linux-crypto@nl.linux.org)
Next by thread: Re: proposed solution to known plain text vulnerability
Index(es):
- Date
- Thread