Re: New types for transparent encryption

gsstark@mit.edu (Greg Stark) writes:
> However I have a different concern which hasn't been raised yet.
> Encrypting lots of small chunks of data with the same key is a very
> dangerous thing to do and it's very tricky to get right. 

Yeah, that's exactly the sort of thing that would be Most Useful for
someone trying to do differential cryptanalysis.
  http://en.wikipedia.org/wiki/Differential_cryptanalysis

It would provide an *exact* vector for differential attack if the
attacker has the ability to add in a series of bits of data of their
choosing before capturing the thus-encrypted dump.

If you add some more-or-less-randomish salt, ala SSHA, that could be
of some tiny help, maybe, arguably, but I doubt that's usable :-(.  http://www.openldap.org/faq/data/cache/347.html
-- 
let name="cbbrowne" and tld="acm.org" in String.concat "@" [name;tld];;
http://linuxfinances.info/info/sap.html
Why do scientists call it research when looking for something new?