Peter Wayner (pcw@access.digex.net)
Mon, 6 Apr 1998 16:10:42 -0400
>> Here's my question: For what crypto systems is this impossible
>> to do without a copy of the key? We know that a one-time pad can
>> yield any message given the right key. So the kid couldn't pull
>> the right message out of thin air. But how likely is it that two
>> plausible messages will emerge from the same DES encrypted
>> message.
>
>Depends on the plaintext and the length of the message. For English
>and a message of more than 30 characters or so, it's very unlikely
>that it can be done with any DES-like cipher. If the plaintext
>looks random, then of course any decryption becomes plausible.

Okay, let's try to look at this more logically. There are 2^{64}
possible inputs to DES and 2^{64} possible outputs. There are
only 2^{55} keys so we know from the beginning that given input
A and output B, the odds are pretty long that there exists a key
K to convert A into B.

But let S_B be the set of inputs to DES for which there exists
some key that will convert it into B. How big is this set? Is
this set the same size for all B? Is this set 2^{55} units big?
Does the insight that DES is probably not a group give us any
help here? The crypto-complete autistic person must be able to
pluck the right A out of this sea.

I would contend that if S_B is really close to 2^{55} units big,
then there should be plenty of neat messages in S_B. It's only
1/512 of all possible 8 byte messages.

If this is true, then I contend that any arbitrarily powerful
crypto-complete autistic wouldn't be able to decode one 8 byte
block message. However, I think two 8 byte blocks encrypted with
the same key is ANOTHER story.

Any insight?

-Peter
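
Added example, not part of the original post: a scaled-down experiment on the question above, using a constructed toy Feistel cipher (not DES) with a 16-bit block and 7-bit key so that keys/blocks keeps the post's 2^{55}/2^{64} = 1/512 ratio. It enumerates S_B for one ciphertext block, then the candidate set for two blocks under one key; the key schedule, round function and sample values are all assumptions made for the demonstration.

```python
# Toy model (constructed for illustration, NOT DES): a 4-round Feistel cipher
# with a 16-bit block and a 7-bit key, so keys/blocks = 2^7/2^16 = 1/512,
# the same ratio as the post's 2^55 keys against 2^64 blocks.
BLOCK_BITS, KEY_BITS, ROUNDS = 16, 7, 4
NKEYS, NBLOCKS = 1 << KEY_BITS, 1 << BLOCK_BITS

def round_keys(key):
    # Hypothetical key schedule: one 8-bit subkey per round.
    return [(key * (2 * i + 3) + 0x3B * i) & 0xFF for i in range(ROUNDS)]

def f(half, rk):
    # Nonlinear round function: cube modulo the prime 257, keep 8 bits.
    return pow((half ^ rk) + 1, 3, 257) & 0xFF

def encrypt(block, key):
    left, right = block >> 8, block & 0xFF
    for rk in round_keys(key):
        left, right = right, left ^ f(right, rk)
    return (left << 8) | right

def decrypt(block, key):
    left, right = block >> 8, block & 0xFF
    for rk in reversed(round_keys(key)):
        left, right = right ^ f(left, rk), left
    return (left << 8) | right

def s_b(b):
    """S_B: every input A for which some key maps A to ciphertext b."""
    return {decrypt(b, k) for k in range(NKEYS)}

def s_pair(b1, b2):
    """Input pairs (A1, A2) that one single key maps to (b1, b2)."""
    return {(decrypt(b1, k), decrypt(b2, k)) for k in range(NKEYS)}

if __name__ == "__main__":
    key, a1, a2 = 0x5A, 0x4869, 0x2121          # constructed key and plaintext
    b1, b2 = encrypt(a1, key), encrypt(a2, key)
    one, two = s_b(b1), s_pair(b1, b2)
    print(f"|S_B| = {len(one)} of {NBLOCKS} blocks "
          f"(fraction {len(one) / NBLOCKS:.6f}, 1/512 = {1 / 512:.6f})")
    print(f"two blocks, same key: {len(two)} of {NBLOCKS ** 2} pairs "
          f"(fraction {len(two) / NBLOCKS ** 2:.2e})")
    print("true plaintext among candidates:", a1 in one, (a1, a2) in two)
```

The number of candidates can never exceed the number of keys, while the space of possible plaintexts squares when a second block is added, so the reachable fraction drops from at most 1/512 to at most 2^7/2^32 in this model.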