Path: cactus.org!milano!cs.utexas.edu!sdd.hp.com!usc!snorkelwacker.mit.edu!
+     thunder.mcrcim.mcgill.edu!sobeco!ozrout!elevia!alain
From: alain@elevia.UUCP (W.A.Simon)
Newsgroups: sci.crypt

Subject: Re: Braid Crumbs
Message-ID: <1991Jul21.235637.22040@elevia.UUCP>
Date: 21 Jul 91 23:56:37 GMT
References: <1991Jul2.105754.11804@elevia.UUCP>
+           <1991Jul15.110725.8635@elevia.UUCP>
+           <1991Jul21.133354.9428@elevia.UUCP>
+           <1991Jun15.21342
Organization: The Electronic Path - Global Village
Lines: 41

In <1991Jul18.025542.12334@elevia.UUCP> I said:
> [ ... Braid Crumbs... ]
> more useless the statistical analysis.  I also suspect that it could be
> proven that ANY arbitrary plaintext, at most HALF as long as the
> ciphertext, can be extracted (!flames expected!), and quite a large
> number of longer ones as well (the closer we get to the length of C the
> harder it becomes to find the desired P), therefore it is profitable to

Hmmm...  I must have been sleeping at the keyboard.  I thank Huuskonen
for waking me up (don't blame him for the errors).

Let's consider an EXTREME situation:

	I have an arbitrary "known" plaintext consisting of only 1's,
	but the opposition has two-stream braided together a plaintext
	of 0's only, with a random noise bit stream, using a random key
	bit stream.  The resulting traffic is therefore half made of
	0's, and the other half is, on average, equally divided between
	0's and 1's.

	For every bit of traffic I intercept, it is either from the real
	plaintext, or from the noise.  Let's suppose we know how to discard
	the 0's from the real plaintext.  We now have the remaining random
	stream which we know to be more or less equally made of 0's and 1's.
	In order to "find" my desired plaintext (all 1's) in the remaining
	string, the string must be at least twice as long as my target text.

	We can conclude from this that in order to be able to find ANY
	plaintext at all, with close to a CERTITUDE, in any two-stream
	braid, the traffic must be at least FOUR times as long as the
	desired plaintext.  But that was for the worst possible (and
	very unlikely) case.

	Anyone cares to expose the maths or the logic to analyse another
	extreme case: we want to find a random string in the intercepted
	traffic?  And why not have a quick look at the obviously boring
	and overly optimistic case of panning for all 0's?


-- 
William "Alain" Simon                                         alain@elevia.UUCP