Hacker News new | ask | show | jobs
by djacobs 4595 days ago
From what I understand, it's hard to known when brute-forced decryption is "done" (i.e., the decryption yielded plain text data that is the original data). As far as I know, machines look for patterns in the potentially decrypted data that look like common formats (or for data that correspond to real letters/words in a certain language). Does visual cryptography make decryption "done-ness" harder to detect?
2 comments
tel 4595 days ago
A properly decrypted message should have sharply less entropy than any improperly decrypted one.
link
djacobs 4595 days ago
Thanks for that insight, I was missing the entropy lens.
link
codeflo 4595 days ago
The image is not very random because it only uses a few possible patterns per 2x2 pixel block. If anything, that should give an attacker more information about the plaintext, not less.
link
filearts 4595 days ago
I don't think that is correct. The encoding transforms each pixel (1 bit) into one of 4 possible patterns, each of which having an equal chance of being chosen for a given on or off pixel.

Perhaps the information that would leak is the maximum amount of data that could be encoded in a human readable-format. Someone could then make guesses as to the content on that basis. I do not think, however, that the limited choices per 2x2 block leaks information.

link
codeflo 4595 days ago
In theory, any redundancy in the plaintext helps the attacker. I'll give a contrived example.

Say I encrypt a series of coin flips, tightly packed as bits "0" and "1". If you guess the wrong key (assuming certain encryption schemes), you'll decrypt something that looks very much like a series of random coin flips -- just not the ones I originally encrypted. So you can't "know" if you guessed the key correctly.

HOWEVER, if I encode the same series of coin flips as an UTF-16 string saying "HEADS TAILS HEADS HEADS ...", it's extremely unlikely that a wrong key will decrypt to a correct looking message. So if the decryption result looks good, you know that you've guessed the correct key.

link
russellsprouts 4594 days ago
But, if you use one-time pad correctly, then your string "HEADS TAILS HEADS HEADS" will be just as likely as any other string of the same length. "TAILS HEADS TAILS TAILS" would be just as likely, as would "MEETING AT MIDNIGHT. -E". This is because a one-time pad key has just as much entropy as the plaintext.
link
codeflo 4594 days ago
Yes, there were some unstated assumptions in my argument, like the key being smaller than the plaintext. (For example, a typical symmetric key is 32 bytes long, and a typical plaintext at least several kilobytes.)
link