Q
Manage Learn to apply best practices and optimize your operations.

# Cracking smaller messages

## Learn whether or not a smaller message is easier to crack and how encryption makes plaintext plausible. Also learn how to encrypt a message and why you should consider using a smaller key.

If a message is smaller, is it easier to decrypt?

A smaller message does in fact take less time to decrypt than a longer one, however, I think you meant crack, as...

in recover the plaintext of a message without the encryption key, and the answer is basically no. This is because good encryption makes any plaintext derived from a given ciphertext as plausible as any other.

One advantage of a small message is that it is easier to encrypt it by creating a random key that is the same size as the message. Matching the key and message lengths creates what's called a one-time pad. This uses character-by-character encryption, or stream ciphering. This type of cryptosystem is unbreakable, if used correctly. Let me give you an example. Suppose you encrypt your eight-digit bank account number. The length of this message may give an attacker a clue as to its content, but they won't know if they've cracked the message, since any of the 10^8 permutations of an eight-digit number could be correct. This is true for text-based messages as well. If I encrypted the message "Defuse bomb mission off," which is 23 characters long, with a one-time pad, an attacker wouldn't be able to determine whether "Detonate bombs at three" -- also 23 characters -- was the message I sent.

The problem with one-time pads is that you have to generate a new random key each time you send a message. This means creating, delivering, and securing large keys, which is very complex. Imagine if you wanted to encrypt a 2Mb computer file with a one-time pad. You would need a key that is also 2Mb or 2^20 characters long. This limits true one-time pad systems to very specific uses so other encryption systems are more generally used. In block ciphers for example, the key length is much less than the length of the message, but the plaintext message is broken up into small pieces called blocks, and the key encrypts each block. A variety of block ciphers operate in different ways, but as a rule, the smaller the key the less secure any message encrypted with that key will be. Therefore, you need to ensure that you use an adequate length of key and that your key or keys are adequately protected and genuinely random.

• Learn tactics for securing your e-mail systems

• Visit our encryption resource center for news, tips and expert advice.

• This was last published in September 2005

## Content

Find more PRO+ content and other member only offers, here.

#### Have a question for an expert?

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

#### Start the conversation

Send me notifications when other members comment.

## SearchCloudSecurity

• ### SQL injection attacks: How to defend your enterprise

SQL injection attacks threaten enterprise database security, but the use of cloud services can reduce the risk. Here's a look at ...

• ### Cloud security lessons to learn from the Uber data breach

Any organization that uses cloud services can learn something from the 2016 Uber data breach. Expert Ed Moyle explains the main ...

• ### Challenges in cloud data security lead to a lack of confidence

A new study on cloud data security provides insights into the shaken confidence in the cloud. Despite its increased use, payment ...

## SearchNetworking

• ### Cisco revenue turns positive, as software, security sales up

Cisco revenue grew last quarter for the first time in more than two years, due, in part, to rising software sales. But analysts ...

• ### Making the most of incident detection and response

This week, bloggers look into incident detection strategies, a new anomaly detection tool from ExtraHop and how Ethernet VPN ...

• ### Latest Juniper switches up throughput for cloud applications

The latest Juniper switches target companies that want a network infrastructure with the throughput and management software to ...

## SearchCIO

• ### CISOs, give your cybersecurity program a sense of purpose

'Vanquish the enemy you can see … then prepare for the next engagement.' Brooks Brothers' Phillip Miller gives fellow CISOs new ...

• ### Who's talking? Conversational agent vs. chatbot vs. virtual assistant

Think a conversational agent, chatbot and virtual assistant are the same? Think again. IBM Watson VP and CTO Rob High explains ...

• ### Neurala claims 'lifelong deep neural nets' don't forget

Boston startup Neurala says it has developed deep neural networks that can learn on the fly. Neurala's COO Heather Ames explains.

## SearchEnterpriseDesktop

• ### VMware Workspace One helps Western Digital organize 3,000 apps

The application portal in VMware Workspace One allowed IT to streamline app delivery, and the product's cloud-based model proved ...

• ### Three PC lifecycle management options IT should consider

IT pros can use PCs and laptops until they stop working, or they can set up a lifecycle management plan that retires them after a...

• ### Microsoft Office 2019 release will force IT to migrate to Windows 10

If you're not yet on Windows 10, news about the upcoming Microsoft Office 2019 release may force your hand. Plus, the company ...

## SearchCloudComputing

• ### How to blend the advantages of cloud computing with containers

Containers and cloud sound like a perfect match. But how well does containerization help boost application portability? And will ...

• ### Containerized applications and the portability dream

To make containers work within a cloud strategy, you're going to need to carefully consider the complexities of porting an ...

• ### VMware acquisition continues move toward cloud security

VMware cloud security tools will get a boost from the company's acquisition of CloudCoreo, a security and management startup ...

## ComputerWeekly.com

• ### Prepare for Y2K style Meltdown strategy

The days of fixing the date bug in legacy systems may be long gone, but IT now has as much of an effort mitigating the Spectre/...

• ### Getting a handle on mobile security in your enterprise

Everyone now has a mobile device at work, so how can enterprises ensure they are secure?

• ### Church spires to become mobile coverage hotspots

Following successful trials in East Anglia, DCMS and Defra plan to encourage rural vicars to host broadband connectivity hotspots...

Close