[cryptography] non-decryptable encryption

Jon Callas jon at callas.org
Tue Jun 19 03:09:46 EDT 2012

Hash: SHA1

I am reminded of an article my dear old friend, Martin Minow, did in Cryptologia ages ago. He wrote the article I think for the April 1984 issue. It might not have been 1984, but it was definitely April.

In it, he described a cryptosystem in which you set the key to be the same as the plaintext and then XOR them together. There is a two-fold beauty to this. 

First that you have full information-theoretic security on the scheme. It is every bit as secure as a one-time pad without the restrictions of a one-time pad as to randomness of the keys and so on. 

The second wonderful property is that the ciphertext is compressible. Usually cipher text is not compressible, but in this case it is. Moreover, it is *maximally* compressible. The ciphertext can be compressed to a single bit and the ciphertext length recovered after key distribution.

I think that non-decryptable encryption really needs to cite Minow's pioneering work.


Version: PGP Universal 3.2.0 (Build 1672)
Charset: us-ascii


More information about the cryptography mailing list