- From: <aaron.j.ferguson@us.pwcglobal.com>
- Date: Mon, 13 Nov 2000 08:25:28 -0500
- To: hal@finney.org
- Cc: xml-encryption@w3.org
Hal, Wow! This is an interesting comment (see below). Until now, I was unaware that there were ways to infer the length of plaintext from the length of ciphertext. It is my understanding that the initialization and/or synchronization vector used in encryption would mitigate the potential for plaintext length inference. Can you give me some examples of algorithms that do this because this has me really curious. "Most encryption algorithms roughly preserve the length of the plaintext. They may pad it up to be a multiple of the the block size, usually 8 or 16 bytes. Therefore the length of the plaintext can be inferred from the length of the ciphertext, to within 8-16 bytes." -Aaron Regards, Aaron J. Ferguson, Ph.D. PricewaterhouseCoopers LLP 1306 Concourse Drive, Suite 100 Linthicum, MD 21090 Voice: 410.412.7993 Fax: 410.412.7997 Email: aaron.j.ferguson@us.pwcglobal.com ABAS/TRS -- Balancing the need to connect with the need to protect ---------------------------------------------------------------- The information transmitted is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender and delete the material from any computer.
Received on Monday, 13 November 2000 08:25:52 UTC