```Path: cactus.org!milano!cs.utexas.edu!sdd.hp.com!usc!snorkelwacker.mit.edu!
+     thunder.mcrcim.mcgill.edu!sobeco!ozrout!elevia!alain
From: alain@elevia.UUCP (W.A.Simon)
Newsgroups: sci.crypt

Subject: Re: Braid Crumbs
Message-ID: <1991Jul21.235637.22040@elevia.UUCP>
Date: 21 Jul 91 23:56:37 GMT
References: <1991Jul2.105754.11804@elevia.UUCP>
+           <1991Jul15.110725.8635@elevia.UUCP>
+           <1991Jul21.133354.9428@elevia.UUCP>
+           <1991Jun15.21342
Organization: The Electronic Path - Global Village
Lines: 41

In <1991Jul18.025542.12334@elevia.UUCP> I said:
> [ ... Braid Crumbs... ]
> more useless the statistical analysis.  I also suspect that it could be
> proven that ANY arbitrary plaintext, at most HALF as long as the
> ciphertext, can be extracted (!flames expected!), and quite a large
> number of longer ones as well (the closer we get to the length of C the
> harder it becomes to find the desired P), therefore it is profitable to

Hmmm...  I must have been sleeping at the keyboard.  I thank Huuskonen
for waking me up (don't blame him for the errors).

Let's consider an EXTREME situation:

I have an arbitrary "known" plaintext consisting of only 1's,
but the opposition has two-stream braided together a plaintext
of 0's only, with a random noise bit stream, using a random key
bit stream.  The resulting traffic is therefore half made of
0's, and the other half is, on average, equally divided between
0's and 1's.

For every bit of traffic I intercept, it is either from the real
plaintext, or from the noise.  Let's suppose we know how to discard
the 0's from the real plaintext.  We now have the remaining random
stream which we know to be more or less equally made of 0's and 1's.
In order to "find" my desired plaintext (all 1's) in the remaining
string, the string must be at least twice as long as my target text.

We can conclude from this that in order to be able to find ANY
plaintext at all, with close to a CERTITUDE, in any two-stream
braid, the traffic must be at least FOUR times as long as the
desired plaintext.  But that was for the worst possible (and
very unlikely) case.

Anyone cares to expose the maths or the logic to analyse another
extreme case: we want to find a random string in the intercepted
traffic?  And why not have a quick look at the obviously boring
and overly optimistic case of panning for all 0's?

--
William "Alain" Simon                                         alain@elevia.UUCP
```