small security glitches

Peter Lebbing peter at digitalbrains.com
Sat Mar 3 10:59:00 CET 2012


On 03/03/12 01:25, brian m. carlson wrote:
> It is not true that encryption amounts to XORing the message text
> against the secret key.
> [snip]
> Also, in CFB mode, what is XORed is the output of a block cipher
> encryption of the previous ciphertext.

And the paper exploits exactly this fact by interleaving original ciphertext and
chosen ciphertext so they can XOR to get the original keystream for a block of
original ciphertext.

The paper is only 12 pages, so if the summaries Post Cartner or Tom McCune give
are unclear, it won't take forever to read the actual paper to clear it up.

Peter.

-- 
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at http://wwwhome.cs.utwente.nl/~lebbing/pubkey.txt
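
Added illustration, not part of the original message or of the paper it refers to: a minimal full-block CFB in Python showing the property discussed above, that the keystream for a block is the cipher output over the previous ciphertext block, so a decryption of that block followed by a chosen block reveals the keystream. The HMAC-based `E`, the names and the sample values are assumptions, and plain CFB is used rather than OpenPGP's exact variant.

```python
import hashlib
import hmac

BLOCK = 16

def E(key, block):
    # Stand-in (assumption) for a block cipher's encrypt direction:
    # HMAC-SHA256 truncated to one block. CFB never needs the inverse.
    return hmac.new(key, block, hashlib.sha256).digest()[:BLOCK]

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def split(data):
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]

def cfb_encrypt(key, iv, plaintext):
    prev, out = iv, []
    for p in split(plaintext):
        prev = xor(E(key, prev), p)        # C_i = E_K(C_{i-1}) XOR P_i
        out.append(prev)
    return b"".join(out)

def cfb_decrypt(key, iv, ciphertext):
    prev, out = iv, []
    for c in split(ciphertext):
        out.append(xor(E(key, prev), c))   # P_i = E_K(C_{i-1}) XOR C_i
        prev = c
    return b"".join(out)

def block_from_splice(decrypt, iv, ciphertext, i):
    """Plaintext block i (i >= 1), using only the decryption of a spliced message."""
    c = split(ciphertext)
    chosen = bytes(BLOCK)                        # any known block works
    out = split(decrypt(iv, c[i - 1] + chosen))  # original block, then chosen block
    keystream = xor(out[1], chosen)              # equals E_K(C_{i-1})
    return xor(keystream, c[i])

def demo():
    key, iv = b"k" * 32, b"i" * BLOCK            # constructed sample values
    msg = b"BLOCK-0-padding." + b"the secret block" + b"BLOCK-2-padding."
    ct = cfb_encrypt(key, iv, msg)
    holder = lambda iv_, data: cfb_decrypt(key, iv_, data)  # the key holder's decryption
    return block_from_splice(holder, iv, ct, 1)

if __name__ == "__main__":
    print(demo())
```

The spliced message decrypts to unrelated-looking bytes, which is why output from a ciphertext that was not produced by the sender should not be handed back to anyone.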