Q
Manage Learn to apply best practices and optimize your operations.

# Cracking smaller messages

## Learn whether or not a smaller message is easier to crack and how encryption makes plaintext plausible. Also learn how to encrypt a message and why you should consider using a smaller key.

If a message is smaller, is it easier to decrypt?

A smaller message does in fact take less time to decrypt than a longer one, however, I think you meant crack, as...

in recover the plaintext of a message without the encryption key, and the answer is basically no. This is because good encryption makes any plaintext derived from a given ciphertext as plausible as any other.

One advantage of a small message is that it is easier to encrypt it by creating a random key that is the same size as the message. Matching the key and message lengths creates what's called a one-time pad. This uses character-by-character encryption, or stream ciphering. This type of cryptosystem is unbreakable, if used correctly. Let me give you an example. Suppose you encrypt your eight-digit bank account number. The length of this message may give an attacker a clue as to its content, but they won't know if they've cracked the message, since any of the 10^8 permutations of an eight-digit number could be correct. This is true for text-based messages as well. If I encrypted the message "Defuse bomb mission off," which is 23 characters long, with a one-time pad, an attacker wouldn't be able to determine whether "Detonate bombs at three" -- also 23 characters -- was the message I sent.

The problem with one-time pads is that you have to generate a new random key each time you send a message. This means creating, delivering, and securing large keys, which is very complex. Imagine if you wanted to encrypt a 2Mb computer file with a one-time pad. You would need a key that is also 2Mb or 2^20 characters long. This limits true one-time pad systems to very specific uses so other encryption systems are more generally used. In block ciphers for example, the key length is much less than the length of the message, but the plaintext message is broken up into small pieces called blocks, and the key encrypts each block. A variety of block ciphers operate in different ways, but as a rule, the smaller the key the less secure any message encrypted with that key will be. Therefore, you need to ensure that you use an adequate length of key and that your key or keys are adequately protected and genuinely random.

• Learn tactics for securing your e-mail systems

• This was last published in September 2005

## Content

Find more PRO+ content and other member only offers, here.

#### Have a question for an expert?

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

#### Start the conversation

Send me notifications when other members comment.

## SearchCloudSecurity

• ### How to make a cloud risk assessment easier with frameworks, standards

A cloud risk assessment can often fall by the wayside in an enterprise, but using a standard or framework can simplify it. Expert...

• ### Tenable launches cloud-based vulnerability management platform

At RSA Conference 2017, Tenable Network Security introduced a cloud-based vulnerability management platform called Tenable.io ...

• ### Skyhigh expands CASB model to IaaS platform protection, custom apps

At RSA Conference 2017, Skyhigh Networks explained how it expanded its cloud access security broker model to include IaaS ...

## SearchNetworking

• ### Arista Networks' revenue rises, while rival Cisco stumbles

Arista Networks' revenue rose more than 33% on strong sales of switches and routers. Arista released results a day after Cisco ...

• ### Cisco revenue continues to fall from weak sales in switches, routers

Cisco revenue dropped for the fifth consecutive quarter due to declining sales of switches and routers. The company is expected ...

• ### Will automation define the future of network technology?

This week, bloggers look at automation as the future of network technology, weigh in on Cumulus' EVPN features and examine ...

## SearchCIO

• ### OpenStack in the enterprise: Are you up for the challenge?

OpenStack is popular with the Fortune 100. PayPal is a fan. And experts say its technical shortcomings are long gone. But there ...

• ### Want OpenStack benefits? Put your private cloud plan in place first

The open source software promises hard-to-come-by cloud standards and no vendor lock-in, says Forrester's Lauren Nelson. But ...

• ### How to monetize data

CIOs are increasingly being tasked with capitalizing on company information. Learn how to monetize data in this report from ...

## SearchConsumerization

• ### Android, Windows tablets from HP take aim at business users

HP released a new line of tablets targeting business users. The HP Pro Slate 8 and Pro Slate 12 run Android and cost \$449 and ...

• ### Microsoft to lay off 18,000, Nokia X moves to Windows Phone

Microsoft will lay off 18,000 people over the next year while the Nokia X line of Android smartphones, which was unveiled earlier...

• ### Microsoft Surface Pro 3 vs. Microsoft Surface Pro 2

Surface Pro 2 and Surface Pro 3 are different enough that Microsoft is keeping both on the market as competing products. Which ...

## SearchEnterpriseDesktop

• ### How to create an ideal Windows 10 security setup

As with any OS, security in Windows 10 is crucial. IT must emphasize third-party software patching, malware protection and more ...

• ### Three basic Windows 10 security tips to keep in mind

There is so much to keep in mind with Windows 10 security it's easy to overlook the essentials. Get back to basics and remember ...

• ### Windows Store for Business now open to ease app delivery

The Windows Store for Business offers IT flexibility with Windows 10 application deployment, licensing and user management.

## SearchCloudComputing

• ### Compare offline data migration services from AWS, Azure and Google

Sending a storage disk to a cloud provider seems like an antiquated data-migration method, but it's a common choice. Here's how ...

• ### Questions loom over Amazon-VMware cloud deal

The recent AWS-VMware cloud deal has IT pros wondering about price, feature set and much more. Laz Vekiarides, CTO of ClearSky ...

• ### Beyond shadow IT risks, opportunity awaits

Enterprises have a love/hate relationship with shadow IT. When it comes with risks, its presence also drives technological ...

## ComputerWeekly

• ### Security Think Tank: Risk of DNS attacks goes beyond websites

What are the main security risks associated with DNS and how are these best mitigated?

• ### Multi-cloud management: Making it work for the enterprise

As the hype surrounding multi-cloud infrastructure continues to grow, what do enterprises need to do to make the model work for ...

• ### Accenture to add thousands of US jobs as Trump effect spreads to IT

Accenture has promised to create more jobs in the US and invest \$1.4bn in skills development

Close