[cryptography] Isn't it odd that...

ianG iang at iang.org
Wed Jan 30 04:32:38 EST 2013

On 30/01/13 06:40 AM, Thor Lancelot Simon wrote:
> ...despite all the attacks we've seen on compresion-before-encryption, and all the timing
> atatacks we've seen on encryption, and the highly data-dependent computational effort
> associated with compression (including in widespread, hardware-accelerated, and valuable
> applications like lossy video compression, where the complexity of the input, even in
> applications where hardware escrow of some kind hides a session key, is exposed by the
> encoding of the output)...
> ..we haven't really seen any known-plaintext key recovery attacks facilitated by timing
> analysis of compressors applied prior to encryption?

My immediate reaction is that if you can do a chosen plaintext key 
recovery attack, you don't need the assistance of compression timing?

And, if you're trying to just resort to a plaintext recovery, this is a 
very high burden because you have to work with one message worth of 
data, and all you get is .. one message worth of plaintext.

But it's a nice puzzle.


More information about the cryptography mailing list