On Sep 10, 2013, at 6:43 PM, Nemo <n...@self-evident.org> wrote: > > "GET / HTTP/1.1\r\n" is exactly 16 bytes, or one AES block. If the IV is > sent in the clear -- which it is -- that is one plaintext-ciphertext > pair right there for every HTTPS connection. > > In fact, _any_ aligned 16 bytes of plaintext in the conversation that > are known, or that are in a guessable range, represent a > plaintext/ciphertext pair if either of the following are true: > > 1) You sent the IV in the clear > 2) You used CBC mode > > Of the modes I know (CBC, CTR, GCM, et. al.), the only one that does not > freely give up such plaintext/ciphertext pairs is OCB.
according to http://en.wikipedia.org/wiki/Padding_(cryptography) , most protocols only talk about padding at the end of the cleartext before encryption. now, how about adding some random at the beginning of the cleartext, say, 2.5 times the block size, that is 40 bytes for the example above, of random stuff before the interesting text appears ? - Raphael
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ The cryptography mailing list cryptography@metzdowd.com http://www.metzdowd.com/mailman/listinfo/cryptography
