[rc5] Re: One Time Pad

Ray Vanlandingham jamesrv at awod.com
Tue Oct 28 06:45:48 EST 1997


At 01:19 PM 10/27/97 -0600, you wrote:
>> >May I ask why, if a secure transport method has been found, that the
>> >message itself cannot simply be sent?  (If a message was so ultra-secret
>> >that a OTP was needed, I'd be much more worried about the human factor
>of
>> >data  security than the possibility of the key being brute-forced.)
>> 
>> Think of it this way. Before you go off to be ambassador to Bosnia, we
>sit
>> down and make up 1000 keys for your use over there. You carry those by
>> hand. You now have a way of passing 1000 secure messages back to me,
>> subject of course to the security issues involved in keeping the keys
>> hidden from others.
>> 
>> So while ALL the keys could be delivered at once, they can be used up
>over
>> time.
>>
>I guess that would be a workable situation.  I still believe that in such a
>case it would still be VERY possible for someone to steal the book, copy it
>down, and then have access to ALL correspondence for the next three years. 
>A RC5-128 bit key that was switched (with the new key sent using the old
>encryption) every week or so would still be much better, IMHO.  (I can't
>imagine a situation where personal security was BETTER than data security.)

There's no way to prevent that, but you can certainly make it extremely
difficult. Encrypt the recipients copy of the key, split it in half, and
give each half to a seperate trusted person to lock in a high security
safe. Transmit the key to decode the recipient's key along with the
message. (include a plaintext 'header' on the OTP keys so you know they
decrypted right) Or, enclose a special chip in a computer than must decrypt
the transmission before it can be decrypted with the OTP key. Once you're
using a mathmatically secure key, the rest of the security is on the level
of 'How do we keep someone from stealing the Crown Jewels?'

Ray Vanlandingham

----
To unsubscribe, send email to majordomo at llamas.net with 'unsubscribe rc5' in the body.



More information about the rc5 mailing list