[RC5] My contribution to RC5

gindrup at okway.okstate.edu gindrup at okway.okstate.edu
Tue Apr 7 11:30:02 EDT 1998

     Arithmetic encoding is a stream encoding, so it can be successively 
     reconstructed from successive blocks.
     If I am allowed to know how you're compressing, then I'm allowed to 
     know how you're encoding.  The assumptions are about a dedicated 
     attack, not a casual attack like DCTI's.
     Arithmetic encoding still requires a header to indicate the length 
     of the bitstream (if nothing else).  Regardless of where this header 
     is (it could be implemented as a trailer), decrypt that block first 
     and check its sanity.  If the decoded bitstream would be (much) 
     shorter than the compressed file, then the header is insane.  If the 
     decoded bitstream would be more than (say) 5 times larger than the 
     compressed file, then the header is insane.  Since such a value 
     would be stored in 32 or 64 bits (in a real implementation) it will 
     almost always be insane.
     Data without metadata is almost always useless.  In practice, 
     headers are critical to data transmission and handling.
     Encoding the data only requires a linear speedup (in most sane 
     implementations).  Decoding similarly requires linear speedup.  A 
     dedicated attack can make this a constant-time issue by throwing 
     more FPGAs at the problem.  This is not an effective mechanism of 
     blinding a message.
            -- Eric Gindrup ! gindrup at Okway.okstate.edu

______________________________ Reply Separator _________________________________
Subject: Re: Re[2]: [RC5] My contribution to RC5  
Author:  <rc5 at llamas.net> at SMTP
Date:    4/5/98 11:44 PM

> > If I wanted to send something secret, then as the final stage before encrypt
> > it, I would compress it into some format with no header information whatsoev
To unsubscribe, send 'unsubscribe rc5' to majordomo at lists.distributed.net
rc5-digest subscribers replace rc5 with rc5-digest

More information about the rc5 mailing list