Timeline for Are there any systems out there that use a one-time pad?
Current License: CC BY-SA 3.0
10 events
| when toggle format | what | by | license | comment | |
|---|---|---|---|---|---|
| Mar 27, 2014 at 23:28 | comment | added | Johnny | Then you should take out the whole section about the network, since there are a lot more ways to corrupt a message than sending it across a network (which already computes a checksum of the data, usually at multiple levels in the stack). There's no reason to add a hash of the plaintext outside of the encrypted payload, since as you say, it leaks data about the plaintext. The plaintext hash can be included within the encrypted payload, or a hash of the encrypted data can be added to allow validation of the encrypted data. | |
| Mar 27, 2014 at 23:19 | comment | added | LB2 | @Johnny We are talking about hashing by encryption algorithm/software and not network. The only network reference is in context that network is not perfect and can cause a bit flip... | |
| Mar 27, 2014 at 23:12 | comment | added | Johnny | The network doesn't hash or checksum the original plaintext message - under normal circumstances, the network never sees or knows about the plaintext (all it sees is data, it has no idea if it's encrypted data). If hashing of the plaintext is desirable to ensure integrity of the decrypted message, that can be done by the encryption software (and included as a part of the encrypted payload so no attacker can see it). | |
| Mar 27, 2014 at 20:18 | comment | added | LB2 | @Michelle Oh, after I finished typing I think I now see what you mean: apply hashing over encrypted text to validate transmission, not over the original message. Yeah, I think that would solve the imperfect transmission problem without compromising perfect security. | |
| Mar 27, 2014 at 20:15 | comment | added | LB2 | @Michelle I just added an example to the post... | |
| Mar 27, 2014 at 20:13 | history | edited | LB2 | CC BY-SA 3.0 | added example and explanation. |
| Mar 27, 2014 at 19:54 | comment | added | Michelle | All I'm seeing in the article is that hashing methods don't provide 100% security against forgeries. A hash of the ciphertext wouldn't give an attacker an additional vector to retrieve the original plaintext. | |
| Mar 27, 2014 at 19:37 | comment | added | LB2 | @Michelle I think it will. If you read the article, it stresses that brute forcing is not possible because you can come up with any key to produce any desired text, making it perfectly secure. If you include verification hash, then you can brute force the key until verification hash matches, thus revealing and confirming the key and the original message. | |
| Mar 27, 2014 at 19:29 | comment | added | Michelle | You could verify the message by including a hash of the ciphertext, couldn't you? Then it wouldn't expose any additional information. | |
| Mar 27, 2014 at 17:00 | history | answered | LB2 | CC BY-SA 3.0 |