100 sats \ 0 replies \ @tldr_dead 12 May 2023 \ on: The Cryptographic Doom Principle bitcoin
The Cryptographic Doom Principle states that if one has to perform any cryptographic operation before verifying the MAC on a message received, it will inevitably lead to doom. In the Vaudenay attack, if an attacker cycles through enough modifications, they will eventually trigger a MAC error, leading to plaintext recovery. Similarly, in SSH plaintext recovery, the recipient needs to decrypt the first block and interpret the first four bytes as the length of the message before verifying the MAC, allowing attackers to reveal the first four bytes of plaintext in a ciphertext block. There are a number of other ways in which the Cryptographic Doom Principle has manifested itself, and it will inevitably cause trouble.
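As an added example (not from the linked post or this comment): a MAC-then-encrypt receiver beside an encrypt-then-MAC receiver, built on a constructed HMAC-based Feistel block cipher in CBC mode with PKCS#7 padding so it runs on the standard library alone; keys and IVs are constructed placeholders. `error_kinds` flips single bits in a sealed message and records what the receiver reports: the doomed design answers with two different errors (padding vs. MAC), which is the distinguisher the principle warns about, while the encrypt-then-MAC receiver checks the tag before touching the ciphertext and can only ever say "bad mac".

```python
import hmac, hashlib

BLOCK, K_ENC, K_MAC = 16, b"constructed-demo-enc-key", b"constructed-demo-mac-key"  # demo keys
def _xor(a, b): return bytes(x ^ y for x, y in zip(a, b))
def _f(k, half, rnd):  # HMAC-based Feistel round function; toy cipher for the demo only
    return hmac.new(k, bytes([rnd]) + half, hashlib.sha256).digest()[:BLOCK // 2]
def block_encrypt(k, blk):  # 4-round Feistel network standing in for a real block cipher
    l, r = blk[:8], blk[8:]
    for rnd in range(4): l, r = r, _xor(l, _f(k, r, rnd))
    return l + r
def block_decrypt(k, blk):
    l, r = blk[:8], blk[8:]
    for rnd in reversed(range(4)): l, r = _xor(r, _f(k, l, rnd)), l
    return l + r
def pad(m): n = BLOCK - len(m) % BLOCK; return m + bytes([n]) * n
def unpad(m):  # PKCS#7 check; raising here is what turns the MtE receiver into an oracle
    n = m[-1]
    if not 1 <= n <= BLOCK or m[-n:] != bytes([n]) * n: raise ValueError("bad padding")
    return m[:-n]
def cbc(k, iv, data, encrypt):  # CBC over whole blocks; iv must be fresh and random per message
    out, prev = b"", iv
    for i in range(0, len(data), BLOCK):
        blk = data[i:i + BLOCK]
        if encrypt: prev = block_encrypt(k, _xor(blk, prev)); out += prev
        else: out += _xor(block_decrypt(k, blk), prev); prev = blk
    return out
def mac(data): return hmac.new(K_MAC, data, hashlib.sha256).digest()

# MAC-then-encrypt: the receiver must decrypt and unpad before it can check the tag,
# so tampered ciphertexts fail in two distinguishable ways (padding error vs. MAC error).
def mte_seal(msg, iv): return iv + cbc(K_ENC, iv, pad(msg + mac(msg)), True)
def mte_open(blob):
    body = unpad(cbc(K_ENC, blob[:BLOCK], blob[BLOCK:], False))  # may raise "bad padding"
    msg, tag = body[:-32], body[-32:]
    if not hmac.compare_digest(tag, mac(msg)): raise ValueError("bad mac")
    return msg
# Encrypt-then-MAC: the tag covers IV and ciphertext and is verified before any decryption.
def etm_seal(msg, iv): ct = iv + cbc(K_ENC, iv, pad(msg), True); return ct + mac(ct)
def etm_open(blob):
    ct, tag = blob[:-32], blob[-32:]
    if not hmac.compare_digest(tag, mac(ct)): raise ValueError("bad mac")
    return unpad(cbc(K_ENC, ct[:BLOCK], ct[BLOCK:], False))

def error_kinds(open_fn, blob, positions):  # flip one bit per position, collect distinct errors
    kinds = set()
    for p in positions:
        bad = bytearray(blob); bad[p] ^= 1
        try: open_fn(bytes(bad)); kinds.add("ok")
        except ValueError as e: kinds.add(str(e))
    return kinds
```

Unifying the two error strings is not a fix on its own, since the padding check still runs on attacker-controlled plaintext and leaks through timing; the fix is the order of operations in `etm_open`.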