W3C home > Mailing lists > Public > xml-encryption@w3.org > November 2000

Plaintext inference

From: <aaron.j.ferguson@us.pwcglobal.com>
Date: Mon, 13 Nov 2000 08:25:28 -0500
To: hal@finney.org
Cc: xml-encryption@w3.org
Message-id: <85256996.0049AAA9.00@intlnamsmtp20.us.pw.com>


Hal,

Wow! This is an interesting comment (see below). Until now, I was unaware that
there were ways to infer the length of plaintext from the length of ciphertext.
It is my understanding that the initialization and/or synchronization vector
used in encryption would mitigate the potential for plaintext length inference.
Can you
give me some examples of algorithms that do this because this has me really
curious.

"Most encryption algorithms roughly preserve the length of the plaintext.
They may pad it up to be a multiple of the the block size, usually 8 or
16 bytes.  Therefore the length of the plaintext can be inferred from
the length of the ciphertext, to within 8-16 bytes."

-Aaron

Regards,

Aaron J. Ferguson, Ph.D.
PricewaterhouseCoopers LLP
1306 Concourse Drive, Suite 100
Linthicum, MD 21090
Voice: 410.412.7993
Fax: 410.412.7997
Email: aaron.j.ferguson@us.pwcglobal.com

ABAS/TRS -- Balancing the need to connect with the need to protect
----------------------------------------------------------------
The information transmitted is intended only for the person or entity to which
it is addressed and may contain confidential and/or privileged material.  Any
review, retransmission, dissemination or other use of, or taking of any action
in reliance upon, this information by persons or entities other than the
intended recipient is prohibited.   If you received this in error, please
contact the sender and delete the material from any computer.
Received on Monday, 13 November 2000 08:25:52 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 27 October 2009 08:42:18 GMT