An idle thought on CBC and block lengths
osborne at gateway.grumman.com
Wed Sep 25 09:16:41 PDT 1996
So I was sitting bored at home and thinking to myself: CBC is cool.
Without the key, you're screwed because a single bit error propagates
throughout the entire message. But then I was thinking, yeah, but you can
still eventually get the ONE key. So I began to wonder what the difference
in security is between encrypting an entire M with just one K in CBC, or
encrypting M with permutations of K over specific block lengths.
On the one hand you've got just one key, which makes it that much harder to
find in the keyspace. On the other hand, If evil interloper Eve gets her
hands it, she has to find all of the keys to get all of M. (Assuming she
is using brute force and can't necessarily find the master K to permute
into the subkeys.)
The downsides are of course that on the one side you've got just one key,
and once you get it, you get M. But on the other hand, you can get any one
part of the message with less difficulty because of the higher number of
keys. And, of course, if your master K is easy to brute force, then it's
actually worse than the first option.
Does anyone have opinions / knowledge of which is better?
Rick Osborne osborne at gateway.grumman.com
"The universe doesn't give you any points for doing things that are easy."
More information about the cypherpunks-legacy