[Cryptography] Crypto Books, 2017
Ray Dillinger
bear at sonic.net
Wed Jun 14 14:02:08 EDT 2017
On 06/11/2017 01:02 PM, Ray Dillinger wrote:
> I see a source-forge / Google code project named "Palimpsest" which
> seems to be implementing .... uh, as near as I can tell an insecure
> and easily broken use of a one-time pad for a combination of several
> messages. D'oh! Somebody misinterpreted a description and rolled
> his own algorithm.....
I need to correct that statement.

I got that impression from my expectation that something named
"Palimpsest" would in fact be implementing a cryptographic
palimpsest, and reading a description of a stream cipher. (Yes,
that description used the words "one time pad", adding to the
confusion - but that happens with a lot of stream ciphers.)

On a closer inspection however, what this program implements is
neither a cryptographic palimpsest nor a one-time pad. It is a
stream cipher disk encryption utility. It appears to be okay;
at least Ubuntu has deployed it, using LUKS for key management.

There was also a "Palimpsest" intended for network communications,
which may or may not be what eventually grew into the disk utility
I mentioned above; but it never had a working secure key exchange.
Like the above, it's a stream cipher based on PGP in counter mode
and uses the words "one time pad" to describe itself. The
non-working key exchange code looks like it wanted to use Rijndael
(in some variant other than AES) to encrypt keys. I can't tell
whether development moved on to the disk encryption app, or just
stopped.

And, confusingly again, there was a DIFFERENT utility also named
Palimpsest, which also did not create cryptographic palimpsests.
It was presented in a 2003 paper by Timothy Roscoe and Steven Hand.
Instead, it implements ephemeral distributed storage with a
built-in bandwidth-charging system and encrypts fragments using
AES (in ECB mode!) for security. It's highly experimental and
as far as I can see there are no significant deployments.
Bear