Cryptology from the Romans to World War II - Cryptology Unlocked

Cryptography Reference

In-Depth Information

•

Second, the algorithm is extremely vulnerable to the most important

cryptanalytic approach, the plaintext attack (see above). Even if an

attacker knows nothing but the original (i.e., the plaintext) of an encrypted

message, he can recover at least large parts of the key — the remainder

results from 'idiomatic experiment', as described above in connection

with the Gold Bug example. Of course, this holds true for all substitution

methods. We will see later in this chapter that a piece of plaintext is

normally known in practice. A good encryption algorithm must resist

such attacks under reasonable assumptions.

Homophone substitution makes poor use of a language's inner rules. With

today's computer technologies, it would surely allow an adversary to mount

attacks even without knowing anything about the plaintext and about the key

creation. But I think this kind of stuff doesn't interest anybody anymore. The

weaknesses of this method are too serious, or are they ... ?

2.2.3 What If I First Compressed the Text?

... you might ask. Software or hardware compression is matter-of-factly in the

computer age, because it cuts down file sizes considerably (e.g., by a factor of 3

or even 10) without losing any of their contents. The files can be decompressed

and their contents restored at any time.

Compressed files are distributed pretty much equally, i.e., all characters are

more or less equally frequent (that much for a jump into the computer age,

talking of the 256 values a byte can have rather than of 26 letters). Frequency

analysis doesn't do the trick any more. Does that mean more security? No, for

two reasons:

•

First, reconstructing the key during a plaintext attack remains as simple

as if the beginning of the message were known. You just have to first

compress the known beginning of the message and then compare the

compressed product with the ciphertext.

•

Second, though the compressed product appears to be equally distributed,

it is by no means random. To exploit the careless use of combined sub-

stitution and compression, I recommend proceeding as follows:

Every compression method places special information — so-called magic num-

bers — at the beginning to identify the method. A poor method would already

disclose the first elements of the key.

Search WWH ::

Custom Search

Home