Timeline for Understanding the impact of partitioning oracle attacks on stream ciphers
Current License: CC BY-SA 4.0
16 events
| when toggle format | what | by | license | comment | |
|---|---|---|---|---|---|
| Mar 9, 2021 at 13:53 | history | edited | kelalaka | CC BY-SA 4.0 | small correction to test the Illuminator. |
| Mar 9, 2021 at 12:38 | vote | accept | Woodstock | ||
| Mar 9, 2021 at 11:43 | answer | added | kelalaka | timeline score: 5 | |
| Mar 9, 2021 at 8:44 | comment | added | Woodstock | @kelalaka thanks for your view and time here, so I guess chacha/salsa-poly with a strong key is still good. Do you want to add an answer addressing my questions and I'll mark as correct? | |
| Mar 9, 2021 at 0:46 | comment | added | kelalaka | A short answer: It is not about the key, It is about the password space. If one uses dicewire then all attacks are infeasible. Still, the non-commitment of GCM and Poly1305 can be a problem around. One doesn't reduce the keyspace, one just uses effective search on the known password set. Since we cannot control each user perfectly, they talk about 800K password set, switching HMAC is a good action. | |
| Mar 9, 2021 at 0:00 | history | tweeted | twitter.com/StackCrypto/status/1369075477885894656 | ||
| Mar 8, 2021 at 21:35 | comment | added | kelalaka | huh: known password partitioning with Oracle? If an attacker wishes to compromise the password of a particular user whose password has never been breached, the attack would fail | |
| Mar 8, 2021 at 21:30 | comment | added | kelalaka | I don't agree on this part: page 3: The adversary has some way of inferring when an encrypted message is successfully received (e.g., due to a reply message or lack thereof). Anonymous boxes are sealed_box'es and you cannot send a message bak. Therefore no partitiion oracle | |
| Mar 8, 2021 at 16:18 | comment | added | Woodstock | Yep that's my take. | |
| Mar 8, 2021 at 16:17 | history | edited | Woodstock | CC BY-SA 4.0 | added 41 characters in body |
| Mar 8, 2021 at 16:15 | comment | added | kelalaka | I've started to read, however, I need more time. But it seems PAKE is dead? | |
| Mar 8, 2021 at 16:08 | comment | added | Woodstock | @kelalaka, any thoughts on this one? :) | |
| Mar 8, 2021 at 15:03 | history | edited | kelalaka | CC BY-SA 4.0 | removed thanks and some Latex |
| Mar 8, 2021 at 14:22 | history | edited | Woodstock | CC BY-SA 4.0 | added 4 characters in body |
| Mar 8, 2021 at 10:30 | history | edited | Woodstock | CC BY-SA 4.0 | added 138 characters in body |
| Mar 8, 2021 at 10:23 | history | asked | Woodstock | CC BY-SA 4.0 |