Cryptography Asked by Kyb3r on October 24, 2021
Should you pad messages encrypted with stream ciphers?
The obvious answer seems to be yes, right? It obviously leaks the exact length of the plaintext.
Consider a situation where an adversary knows a user will send either $m_0$ or $m_1$. Suppose further that the adversary observes the decryption of $m_0$ and $m_1$— namely, now they know the length of each message. It is now trivial to see how the adversary could differentiate $Enc(m_0)$ from $Enc(m_1)$
From what I have seen though, padding messages encrypted with stream ciphers doesn’t seem super common/ isn’t done automatically in libraries like monocypher.
Get help from others!
Recent Answers
Recent Questions
© 2024 TransWikia.com. All rights reserved. Sites we Love: PCI Database, UKBizDB, Menu Kuliner, Sharing RPP