block-cipher weakness? - was: Re: twofish keysize
Per Tunedal Casual
pt at radvis.nu
Wed Apr 28 21:48:41 CEST 2004
At 18:54 2004-04-26, you wrote:
>On Thu, 22 Apr 2004, Per Tunedal Casual wrote:
>> On average 32 GB is the limit i.e. the probability is 50 % that an
>> adversary finds two identical blocks. But you might have bad luck and
>> he might find two identical blocks in somewhat smaller files.
>can someone explain to me why/how it's a vulnerability if an attacker
>finds more than one block of cipher text that are the same?
I am not a cryptographer, but I suppose it gives a hint to find the key.
That's why certain encryption modes like ECB (electronic code book
encryption) should not be used. With ECB all similar blocks will get the
>would there be a benefit of using a stream cipher for large files?
I don't think it matters, se below.
>is there a reason why OpenPGP doesn't specify any stream ciphers?
OpenPGP uses the encryption mode CFB , Werner Koch wrote recently. CFB is
an encryption mode that turns a block cipher into a stream cipher ...
More information about the Gnupg-users