Path: cactus.org!milano!cs.utexas.edu!sdd.hp.com!usc!snorkelwacker.mit.edu! + thunder.mcrcim.mcgill.edu!sobeco!ozrout!elevia!alain From: alain@elevia.UUCP (W.A.Simon) Newsgroups: sci.crypt Subject: Re: Braid Crumbs Message-ID: <1991Jul21.235637.22040@elevia.UUCP> Date: 21 Jul 91 23:56:37 GMT References: <1991Jul2.105754.11804@elevia.UUCP> + <1991Jul15.110725.8635@elevia.UUCP> + <1991Jul21.133354.9428@elevia.UUCP> + <1991Jun15.21342 Organization: The Electronic Path - Global Village Lines: 41 In <1991Jul18.025542.12334@elevia.UUCP> I said: > [ ... Braid Crumbs... ] > more useless the statistical analysis. I also suspect that it could be > proven that ANY arbitrary plaintext, at most HALF as long as the > ciphertext, can be extracted (!flames expected!), and quite a large > number of longer ones as well (the closer we get to the length of C the > harder it becomes to find the desired P), therefore it is profitable to Hmmm... I must have been sleeping at the keyboard. I thank Huuskonen for waking me up (don't blame him for the errors). Let's consider an EXTREME situation: I have an arbitrary "known" plaintext consisting of only 1's, but the opposition has two-stream braided together a plaintext of 0's only, with a random noise bit stream, using a random key bit stream. The resulting traffic is therefore half made of 0's, and the other half is, on average, equally divided between 0's and 1's. For every bit of traffic I intercept, it is either from the real plaintext, or from the noise. Let's suppose we know how to discard the 0's from the real plaintext. We now have the remaining random stream which we know to be more or less equally made of 0's and 1's. In order to "find" my desired plaintext (all 1's) in the remaining string, the string must be at least twice as long as my target text. We can conclude from this that in order to be able to find ANY plaintext at all, with close to a CERTITUDE, in any two-stream braid, the traffic must be at least FOUR times as long as the desired plaintext. But that was for the worst possible (and very unlikely) case. Anyone cares to expose the maths or the logic to analyse another extreme case: we want to find a random string in the intercepted traffic? And why not have a quick look at the obviously boring and overly optimistic case of panning for all 0's? -- William "Alain" Simon alain@elevia.UUCP