[JDEV] Jabber and encryption (was: stunnell)
Charles Forsythe
forsythe at netvoice.net
Thu Dec 21 14:55:44 CST 2000
> Colin Madere wrote:
> ""Differential and Linear Cryptanalysis" Dr. Dobbs Journal, Jan 96.
> This article provides good examples of known-plaintext attacks against
> good ciphers."
Known plaintext is a component of many cipher attacks, but a "good
cipher" is resistant to linear and differential cryptoanalysis. Also,
because the XML tags are limited in number, the know plaintext space is
very, very small (cryptographically).
Encrypting the message payload is:
1. More practicle, because untrusted servers can route
the secret message.
2. The text in the message is the most unknown portion.
If known plaintext were a problem, then SSL would be the worst security
system in the world. Consider that most of the content you load from a
secure web page consists of static graphics and plenty of it.
-- Charles
More information about the JDev
mailing list