Compressed data vulnerable to known-plaintext?
anonymous-remailer at shell.portal.com
anonymous-remailer at shell.portal.com
Sat Jun 1 22:15:58 PDT 1996
Someone who claimed to be Mark M. said on Sat, 1 Jun 1996:
(I said:)
> > Why not simply use two session keys, and encrypt the headers with one
> > while encrypting the actual data with the other? That seems to solve both
> > problems, except that more CPU cycles are required.
>
> An easier solution would be to just strip of the headers. If the header is
> always the same, then it is redundant. If it varies, then it cannot be used
> as known-plaintext.
But then you still have the problem of identifying the contents. If there
were no headers, one could not tell if the message was compressed using
ZIP, LHA, StuffIt, tar*, compress, gzip, Alice's Magical Supercompressor,
or even if it was left alone. One could also not tell if the decryption
happened successfully.
( * Yes, I know tar is not compression. )
More information about the cypherpunks-legacy
mailing list