Re: DEK-Info with multiple parameters

Carl,

        If one were to include the "To:" field at the beginning of an
ENCRYPTED PEM message, as might occur if one used a PEM-filter rather
than an integrated PEM module, then the string of predictable text
will most likely extend into the 9-16th bytes, which obviates the
utility of encrypting the IV.  There are lots of circumstances where
there will be predictable text later in the message, e.g., at the end.
whihc will suffice to provide a know plaintext attack with a mode such
as CBC, that's why I cannot get too concerned by the suggestion that
the IV should be encrypted.

        One should have sufficient confidence in the underlying
algorithm so as not to worry about this level of incremental
vulnerability.  I agree that a case can me made for instances where
the plaintext is more predictable in the first 8 bytes, but in the
grand scheme of things, it really strikes me as in the noise.

Steve

<Prev in Thread]	Current Thread	[Next in Thread>
DEK-Info with multiple parameters, Jeff Thompson Re: DEK-Info with multiple parameters, David M. Balenson Re: DEK-Info with multiple parameters, Carl Ellison Re: DEK-Info with multiple parameters, Steve Kent Re: DEK-Info with multiple parameters, gnu Re: DEK-Info with multiple parameters, Steve Kent Re: DEK-Info with multiple parameters, Raymond Lau Re: DEK-Info with multiple parameters, Carl Ellison Re: DEK-Info with multiple parameters, Steve Kent <= Re: DEK-Info with multiple parameters, Carl Ellison Re: DEK-Info with multiple parameters, Raymond Lau

Previous by Date:	Encrypted IV's, TCJones(_at_)dockmaster(_dot_)ncsc(_dot_)mil
Next by Date:	Re: Encrypted IV's, Steve Kent
Previous by Thread:	Re: DEK-Info with multiple parameters, Carl Ellison
Next by Thread:	Re: DEK-Info with multiple parameters, Carl Ellison
Indexes:	[Date] [Thread] [Top] [All Lists]