- From: Joseph M. Reagle Jr. <reagle@w3.org>
- Date: Thu, 01 Feb 2001 13:21:27 -0500
- To: hal@finney.org
- Cc: IMAMU@jp.ibm.com, hal@finney.org, kotok@w3.org, xml-encryption@w3.org
At 10:01 2/1/2001 -0800, hal@finney.org wrote: >The second leak, more practical, is that someone could verify a guess at >the contents of the encrypted-and-signed material. Particularly if the >data is relatively small, or it is of some standard form (a boilerplate >contract with only a few fields having variation), this may be practical >in some circumstances. In this case the strength of the encryption is >completely defeated by having the hash available. Is this because the search over messages yielding the hash of the plaintext is faster than the search over the messages yielding the ciphertext? __ Joseph Reagle Jr. http://www.w3.org/People/Reagle/ W3C Policy Analyst mailto:reagle@w3.org IETF/W3C XML-Signature Co-Chair http://www.w3.org/Signature W3C XML Encryption Chair http://www.w3.org/Encryption/2001/
Received on Thursday, 1 February 2001 13:21:45 UTC