Rob/Garry,

> The cryptographic transform must therefore provide protection against 
> meaningful ciphertext manipulation by an attacker.

The problem I already mentioned still remains: the sentence could imply
that LRW-AES does provide protection against meaningful ciphertext
manipulations. Changing the ciphertext gives one bit of information in the
corresponding plaintext (equal / not equal). It is fully predictable and
easily exploitable. Therefore, I should like to change the sentence to
something like:

The cryptographic transform must therefore provide *some* protection
against ciphertext manipulation by an attacker.  Or

The cryptographic transform must not allow more than one bit of information
carried over to the deciphered plaintext from ciphertext manipulation by
an attacker.

Laszlo

> -------- Original Message --------
> Subject: Glossary term for 1619: shared media (wordsmithed)
> From: "Rob Ewan" <[EMAIL PROTECTED]>
> Date: Wed, May 24, 2006 12:36 pm
> To: <[EMAIL PROTECTED]>
> Cc: "Rob Ewan" <[EMAIL PROTECTED]>
> 
> Here are some wordsmithing changes to the definition, based on my
> earlier message. 
> 
> "Shared storage media: storage media that could potentially be accessed
> in plaintext by multiple mutually-untrusted agents with authorized
> access to different zones of the media, and may be accessed in
> ciphertext by an attacker."
> 
> This covers the idea that the attacker may be a legitimate co-user of
> (different portions of) the media, but may have malicious intentions
> towards other users. The word-smithing on the other section proposed by
> Shai (to expand the definition of attacker, and to think beyond the idea
> of simply Denial-Of-Service attacks) would be something like:
> 
> "A shared media can potentially be accessed in plaintext by multiple
> agents, one of whom may also have unrestricted ciphertext access,
> thereby raising the possibility that an attacker can usefully manipulate
> the encrypted storage. The cryptographic transform must therefore
> provide protection against meaningful ciphertext manipulation by an
> attacker."
> 
> 
> --------
> ..Rob/Garry
