In message <3D70E0AC.230D6250@att.net>, "David J. Aronson" writes: >John Stracke wrote: >> >> David J. Aronson wrote: >> >> >Now, suppose you salt the plaintext with rarer characters, so as to >> >flatten out the distribution. >> >> I believe compression has the same effect, actually--compression uses >> fewer bits for common characters, and the result is that the >> distribution of bytes is flatter, and harder to attack. > >Come to think of it, that's even better than the salting I was >proposing, as it (usually) isn't restricted to printable chars. So, >let's go with that approach. Say you take the plaintext, zip it, then >encrypt it. The question remains, given that the frequency distribution >is fairly even, how does a cryptanalysis program know when it's got it >right? (If "they" know you've used a specific publicly available >compression program, they can look for its "signature" at the start, but >let's ignore that for now....) > This is not a question for the IETF list. But elementary cryptographic theory says that you can't assume that the algorithm is secret. Even if it is, you can often make progress by looking for patterns. See, for example, the discussion of two-packet attacks in http://www.research.att.com/~smb/papers/probtxt.ps (or .pdf) for one possible approach. --Steve Bellovin, http://www.research.att.com/~smb (me) http://www.wilyhacker.com ("Firewalls" book)