[messaging] Modern anti-spam and E2E crypto
bascule at gmail.com
Tue Sep 9 22:03:42 PDT 2014
On Tue, Sep 9, 2014 at 9:56 PM, Brendan McMillion <
brendanmcmillion at gmail.com> wrote:
> You can post the index and the encrypted corpus on your Twitter, if you
> please. It doesn't matter.
That's all and good, but exactly *how* are the contents of the index hidden
from the attacker?
As a counterexample, let's say we're masking the contents of the index
using a deterministic encryption scheme like SIV. An attacker can send you
a message containing the word "target" 1000 times, then observe when one of
the index's counters changes by ~1000. The ciphertext associated with the
counter that increments is likely to be our target word.
How are these sorts of attacks prevented?
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Messaging