upvote

points

by fluoridation1 hours ago |
comments
upvoteby 20198459 minutes ago|
[-]
>EDIT: What I mean is you can do cypher = truncate(plain ^ AES(zero_extend(plain))).

How would you decrypt that though? You truncated 3/4ths of the AES output needed to decrypt it.

I thought you were suggesting this:

  ciphertext = truncate(AES(key) ^ plaintext)
And in this case, since AES(key) does not depend on the plaintext, it would just be XOR by a constant.
reply
upvoteby fluoridation40 minutes ago|
parent|
[-]
You're right, my bad. I guess if you have strict size requirements it does make sense to use small block sizes.
reply