Let ENC and DEC be cipher encryption and decryption steps, not necessarily respectively. Consider the operation
c=ENC(k,p) c'=c XOR mask p'=DEC(k,c')
or the operation
c=ENC(k,p) k'=k XOR mask p'=DEC(k',c)
where c, p, c', p',
and mask are all known. Can k be
recovered with enough examples?
This is named after many Rubik's cube operations are of the form AXA-1; that is, first do a preparation, then do something, then undo the preparation.
No comments :
Post a Comment