Talk:Meet-in-the-middle attack

From Citizendium, the Citizens' Compendium
This article is developing and not approved.
Definition: An attack on a block cipher in which the attacker can calculate possible values of the same intermediate variable (the middle) in two independent ways, starting either from the input of the cipher (plaintext) or from the output (ciphertext); he calculates some possible values each way and compares the results.

Start with definition, work out concept, before going into deep examples

While I learned the principle as a "man-in-the-middle attack", perhaps that is too sexist. I am aware of a wide range of specific attacks based on my understanding of the principle, which is now in the lead. Unless the principle in question is something totally different than what I believe it to be, I honestly could not infer it from the previous definition that I replaced.

Again assuming we are discussing the same problem, which, since Diffie-Hellman perfect forward secrecy approaches are one countermeasure to it, I don't follow the leap from the definition directly into specific strengths of triple vs. dual DES.

Further, the example of attacking multiple DES seems to assume a good deal of knowledge of cryptanalytic strategies.

The beautiful snow-capped mountain peaks may indeed be here, but the novice is not going to be able to leap from one to the next. Howard C. Berkowitz 00:50, 9 August 2008 (CDT)

The two attacks are utterly different. My definition here was correct; yours would be a good start for man-in-the-middle attack. I do not have time to fix this. Sandy Harris 02:19, 9 August 2008 (CDT)
OK, they are different. The fact remains that I could not see where you were going, starting with exactly which intermediate variables were being supplied. It then seemed to jump into a DES discussion, with a side discussion of Diffie-Hellman and others.
You may not have time to work with these, which I accept. Unfortunately, there are now several cryptographic articles, where I felt there was a problem with clarity, and I am not a complete novice at this. I'm now faced with several articles where there seems to be jump from concept to concept, but without the transition. My guess is this transition was perfectly obvious to the members of a mailing list accustomed to working together. Unfortunately, this is a different environment without the shared context that may have taken some time to work out.
Sandy, I really don't want to get rid of potentially valuable material. At the same time, if, as in this case, I had to take an educated guess what you meant, and was wrong, how can the Computers Workgroup and one or more Computers Editors progress this if we don't follow the derivation? I confess that hindsight is wonderful, and perhaps I should have made more of an issue of mutual understanding before you wrote multiple articles. I didn't. Is there someone you can suggest that can take over trying to get these into a CZ format? I'd really appreciate not being told about how it is done at Wikipedia; that's simply not relevant.
I am open to suggestions, but right now, I can't, in good conscience, support an article where I do not follow the presentation. Howard C. Berkowitz 03:48, 9 August 2008 (CDT)

OK, the introduction is much clearer, although it definitely needs context, such as an article that covers known plaintext as opposed to other methods. As you said, you are thinking "bottom up", as there is no article on block cipher, yet this is an attack against it. It would help others develop the subject if, perhaps, you'd put a note on the mailing list and/or forum (preferably Computers) that you are doing an article that assumes a list of prerequisites X, and you've checked and found no articles for subject(s) x in X. Others might be able to start on those articles.
In this case, I don't yet understand the jump to double vs. triple DES. Why DES specifically? If you're using it because there are published numbers on its strength and attacks on it, it would help if you'd say that, and that the attack applies to any block cipher? block and stream cipher? polyalphabetic autokey? Any cipher that uses a sentence or two of assumptions? Or is the issue cryptographic strength?
Howard C. Berkowitz 11:56, 9 August 2008 (CDT)

I have expanded it quite a bit since the above comments were written. Does it now make sense? Sandy Harris 04:13, 22 August 2009 (UTC)