This sounded so familiar, I had to go searching my external memory to make sure my internal wasn't failing. It wasn't; I described this attack three and a half years ago:
BTW, the cryptography @ metzdowd list was mentioned elsewhere as a decent source. It kinda goes in spurts, and Perry has pretty high standards for what is of sufficient quality and refuses to read more than one email a day from anyone; the @ randombit.net list is unmoderated.