1 comment

[ 3.1 ms ] story [ 17.0 ms ] thread
Aside from the silly claim that log(0) = 1, this has a fundamental flaw: if the attacker knows a sufficiently long chunk of the plaintext (standard headers, for instance), then it's nearly trivial to deduce the key (using gaussian elimination) and from there to get all the rest of the plaintext. Even without known plaintext, they can use statistical regularities of the English language to reverse engineer the key with high probability.

Modern cryptography assumes the attacker has gigabytes worth of known plaintext-ciphertext pairs (even chosen plaintext) to play with, and tries to make it hard for them to recover the key regardless. This assumption basically forces you to think about computational complexity.