[149100] in cryptography@c2.net mail archive


Re: [Cryptography] [cryptography] Boing Boing pushing an RSA

daemon@ATHENA.MIT.EDU (Bill Frantz)
Sat Jan 18 00:47:58 2014

X-Original-To: cryptography@metzdowd.com
Date: Fri, 17 Jan 2014 17:06:56 -0800
From: Bill Frantz <frantz@pwpconsult.com>
To: cryptography@metzdowd.com
In-Reply-To: <CAMm+Lwj857nzRC8kSh9MYmTbkc+4iMfBtvS5jpdh_cszaEdHLA@mail.gmail.com>
Errors-To: cryptography-bounces+crypto.discuss=bloom-picayune.mit.edu@metzdowd.com

On 1/17/14 at 4:57 AM, hallam@gmail.com (Phillip Hallam-Baker) wrote:

>The criteria for a one time pad is that the entropy in matches the
>ciphertext length so there is an equal probability of any possible
>plaintext mapping to any possible ciphertext.
>
>Since every physical implementation of a random number generator has bias,
>it is necessary to perform conditioning of the random seed before use and
>this may be either a hash or a PRNG.
>
>
>So using a OTP in practice does involve a PRNG which in turn means that the
>practical system is not theoretically secure. Not using a PRNG makes the
>system theoretically secure but insecure in practice.
>
>Theoretically secure but insecure in practice also applies to quantum
>cryptography.

You could XOR enough physical streams together to overcome the 
bias in the physical process.

And, of course, you could use several approaches, some with 
PRNGs, but at least one without, XORed together and still call 
it an OTP.

Still it's a pain to distribute the keying material, 
particularly if you use Vernor Vinge's technique of XORing the 
keys carried by 3 independent messengers to avoid compromise of 
the key in transit.

Cheers - Bill

-----------------------------------------------------------------------
Bill Frantz        |The nice thing about standards| Periwinkle
(408)356-8506      |is there are so many to choose| 16345 Englewood Ave
www.pwpconsult.com |from.   - Andrew Tanenbaum    | Los Gatos, CA 95032
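The two XOR constructions in the reply above, as an added worked example that is not part of the original message or the list archive: XORing several independent biased bit sources together to drive the bias down (the piling-up lemma gives the XOR of n sources with bias e a bias of 2^(n-1) * e^n), and splitting a one-time-pad key into XOR shares for separate couriers so that any k-1 shares together are uniformly random and reveal nothing about the key. The "physical" sources are simulated with a seeded `random.Random`; that is a constructed stand-in for noise hardware, not a description of any real generator, and the function names are this example's own.

```python
"""
Added example (not from the original post): XOR-combining biased bit
sources, and XOR-splitting a one-time-pad key across several couriers.

Bias is measured as P[bit = 0] - 1/2. For n independent sources with
biases e_1..e_n, the XOR stream has bias 2^(n-1) * e_1 * ... * e_n
(piling-up lemma), so every independent source added shrinks it.
"""
import random
import secrets
from functools import reduce
from operator import xor


def xor_bias(biases):
    """Piling-up lemma: bias (P[0] - 1/2) of the XOR of independent bits
    with the given individual biases."""
    prod = 1.0
    for e in biases:
        prod *= e
    return 2 ** (len(biases) - 1) * prod


def biased_bits(bias, n, rng):
    """Simulated noisy source (constructed): emits 0 with probability 1/2 + bias."""
    return [0 if rng.random() < 0.5 + bias else 1 for _ in range(n)]


def xor_streams(streams):
    """Bitwise XOR of equal-length bit lists, one bit position at a time."""
    return [reduce(xor, bits) for bits in zip(*streams)]


def measured_bias(bits):
    """Empirical P[0] - 1/2 of a bit list."""
    return bits.count(0) / len(bits) - 0.5


def split_key(key, k):
    """Split `key` into k byte strings whose bytewise XOR is `key`.
    The first k-1 shares are fresh OS randomness; the last share is the key
    XORed with all of them, so any k-1 shares are uniform on their own."""
    shares = [secrets.token_bytes(len(key)) for _ in range(k - 1)]
    last = bytes(reduce(xor, col) for col in zip(key, *shares))
    return shares + [last]


def combine_shares(shares):
    """Reassemble the key by XORing all shares bytewise."""
    return bytes(reduce(xor, col) for col in zip(*shares))


def otp_xor(data, pad):
    """One-time-pad encryption and decryption are the same XOR; the pad
    must cover the whole message and must never be reused."""
    if len(pad) < len(data):
        raise ValueError("pad must be at least as long as the data")
    return bytes(a ^ b for a, b in zip(data, pad))


def demo():
    rng = random.Random(2014)  # fixed seed so the simulation is repeatable
    n_bits, bias, n_sources = 20_000, 0.2, 5
    sources = [biased_bits(bias, n_bits, rng) for _ in range(n_sources)]
    single = measured_bias(sources[0])          # close to 0.2
    combined = measured_bias(xor_streams(sources))  # close to 0.00512
    predicted = xor_bias([bias] * n_sources)

    key = secrets.token_bytes(16)
    shares = split_key(key, 3)                  # three couriers
    message = b"constructed text"               # 16 bytes, matches the pad
    ct = otp_xor(message, combine_shares(shares))
    pt = otp_xor(ct, combine_shares(shares))
    return {"single": single, "combined": combined,
            "predicted": predicted, "roundtrip": pt == message}


if __name__ == "__main__":
    for name, val in demo().items():
        print(f"{name}: {val}")
```

The simulation only shows that XOR helps against bias; it says nothing about correlation between sources, which the lemma assumes away. Real combiners still want a conditioning step, as the quoted message points out, and the share split protects the key only while the shares actually travel apart and every share is destroyed after a single use.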

_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography
