[rc5] key security question

Henry W Miller mill0440 at gold.tc.umn.edu
Fri Jun 6 13:07:40 EDT 1997



On Fri, 6 Jun 1997, Fedor Kouranov wrote:

> On 06/06/97 Henry W Miller <mill0440 at gold.tc.umn.edu> said:
> 
> >With XOR systems the key is not reused EVER.  you print up two identical 
> >pads of paper with the key on it.  You take one pad with you, and leave 
> >the other pad with your trusted friend.  If someone steals you pad they 
> >can send fake messages form you only until the pad runs out.  The beauty 
> 
> OK, this way of encryption is 100% secure for the price of unconvenient
> keys. A zip drive 'pad' will allow two people to send each other about 5K
> medium-sized (20Kb) letters. Not too bad. It will make sense if you give it
> to a spy (OK, just to your lover) before s/he goes for a mission (home).
> But if you talk Internet... no way. Also, the key will eventually run out
> (Well, we can have a Gbyte of true randomness ;). 

This is the one time pads you read about in spy books, everywhere.  I 
suspect that they are really used that often.  The difficulity of 
transfering them far outweighs the danger of the message being 
compromised.  ZIP disk BTW are out, you need something that is read 
ONCE.  A ZIP disk can be carried out of an office, copied, and carried 
back in.  (a cleaning person for instance)  Generally this encryption is 
done by hand, there are several ways to gather data from a comptuer that 
is on.  It is trivial (given money) for any electrical engineer to sit in 
a van across the street and read EXACTLY what is on your monitor.  

Remember things are only as secure as the weakest link.  We are workign 
on a relativly strong link, and it isn't that strong, we will break it in 
5 years.
----
To unsubscribe, send email to majordomo at llamas.net with 'unsubscribe rc5' in the body.



More information about the rc5 mailing list