[JDEV] Jabber and encryption (was: stunnell)
Colin Madere
colin at vedalabs.com
Thu Dec 21 14:30:44 CST 2000
> On Wed, Dec 20, 2000 at 03:39:40PM -0600, Colin Madere wrote:
> > If you just want to prevent joe-user from reading messages
> on his network,
> > that's fine, but encrypting the XML tags gives a real
> attacker huge clues
> > since he will _know_ what large pieces of the encrypted
> message are and
> > where they are in the message.
>
> Known-Plain-Text Attacks are not an issue if you use secure crypto
> algortihms. And you can also start the block with some random
> data. Just
> think of PGP, it's the same issue here, since all Mails
> starts with "Hello,"
> :)
Ok.. I do not wish to start a cryto discussion, so I will simply have to say
I disagree and refer you to what my crypto colleague provided me:
""Differential and Linear Cryptanalysis" Dr. Dobbs Journal, Jan 96. This
article provides good examples of known-plaintext attacks against good
ciphers."
Colin Madere
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.jabber.org/pipermail/jdev/attachments/20001221/eff761d4/attachment-0002.htm>
More information about the JDev
mailing list