block-cipher weakness? - was: Re: twofish keysize

Per Tunedal Casual pt at
Wed Apr 28 21:48:41 CEST 2004

At 18:54 2004-04-26, you wrote:

 >On Thu, 22 Apr 2004, Per Tunedal Casual wrote:
 >> On average 32 GB is the limit i.e. the probability is 50 % that an
 >> adversary finds two identical blocks. But you might have bad luck and
 >> he might find two identical blocks in somewhat smaller files.
 >can someone explain to me why/how it's a vulnerability if an attacker
 >finds more than one block of cipher text that are the same?

I am not a cryptographer, but I suppose it gives a hint to find the key. 
That's why certain encryption modes like ECB (electronic code book 
encryption) should not be used. With ECB all similar blocks will get the 
same encryption.

 >would there be a benefit of using a stream cipher for large files?

I don't think it matters, se below.
 >is there a reason why OpenPGP doesn't specify any stream ciphers?
OpenPGP uses the encryption mode CFB , Werner Koch wrote recently. CFB is 
an encryption mode that turns a block cipher into a stream cipher ...

Per Tunedal

More information about the Gnupg-users mailing list