On 09/25/2013 03:51 PM, Jonathan Katz wrote:

On Wed, Sep 25, 2013 at 1:30 PM, Greg Rose <ggr@seer-grog.net <mailto:ggr@seer-grog.net>> wrote:

On Sep 25, 2013, at 9:40 , Jonathan Katz <jkatz@cs.umd.edu <mailto:jkatz@cs.umd.edu>> wrote: > "Every cipher is breakable, given enough traffic": in principle, yes, as long as the traffic (formally, the entropy of the traffic) is larger than the key length.

You misstated this. It's breakable if the *redundancy* of the traffic is larger than the key length.

Not so; this is most easily seen by taking the uniform distribution over n-bit messages, in which case the entropy is n and the redundancy is 0.

regards, Greg.

_______________________________________________ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography

If the message is chosen from a uniform distribution over n bits (and assuming that the message is not used for something else after it is deciphered), the adversary will not be able to distinguish a correctly deciphered message from an incorrectly deciphered message, no matter how short the key is in comparison to the data. Now, you could easily argue that there is absolutely no reason to send a message with those properties, but that isn't really the point. -- KmNJcjeUDRXMu6riH0KAK9Og8WAaAT8oXcbnFIij5djCP4v+6GTFxnHoHzvW NTL+4ZPiGUqerypkfsDfEOcO+i6ZlY59G79tEMwR0fsKO9w9MLbv6Odz5RxY JZgUsZJ8lZWx/zBsL4oqU60k+EFbV14fSUVoaRpazy1ozgQFdi2SdfHTB41y 7SsMX/JlevnnBj/GhUyFlXPr2kwechOSy5W74iVbUaOpeYMqNIx3jCmZfjez Gi+sS8ghQB8y5b9NgYTlR7HBh+leObqQX/R5bAkyPyh2oDOlFbD2HQiCsiB9 Uj/qLtG3CaZQVtkCSC1s3NschLBgWHfQ9xkb3Peqzg==