W3C home > Mailing lists > Public > xml-encryption@w3.org > November 2000

RE: Encryption padding

From: Steve Wiley <steve@myProof.com>
Date: Wed, 15 Nov 2000 10:16:53 -0800
Message-Id: <4.3.2.7.2.20001115101223.00bb12b0@myProof.com>
To: "'hal@finney.org'" <hal@finney.org>, xml-encryption@w3.org

>
>-----Original Message-----
>From: hal@finney.org [mailto:hal@finney.org]
>Most encryption algorithms roughly preserve the length of the plaintext.
>They may pad it up to be a multiple of the the block size, usually 8 or
>16 bytes.  Therefore the length of the plaintext can be inferred from
>the length of the ciphertext, to within 8-16 bytes.
>
>This would be especially dangerous if you were encrypting enumerated
>attributes.  If they happened to have very different lengths then the
>leakage based on plaintext length could completely defeat the encryption.

Hal,

I am not sure I understand what you mean by "enumerated attributes".
Could you elaborate or give an example.

Thanks,
Steve Wiley <steve@myproof.com>
Received on Wednesday, 15 November 2000 13:16:17 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 27 October 2009 08:42:18 GMT