[coderman at gmail.com: Re: [dave at farber.net: [IP] more on AP Story Justice Dept. Probing Domestic Spyin]
John Kelsey
kelsey.j at ix.netcom.com
Tue Jan 3 14:14:41 EST 2006
...
>From: Eugen Leitl <eugen at leitl.org>
>Sent: Jan 1, 2006 6:18 AM
>To: Cryptography List <cryptography at metzdowd.com>
>Subject: [coderman at gmail.com: Re: [dave at farber.net: [IP] more on AP
> Story Justice Dept. Probing Domestic Spyin]
...
>as long as your OTP's are truly random and never compromised, the key
>exchange will be secure and the only way to attack your traffic
>remotely will be brute force of AES256.

I'm coming late to this discussion, but if you're already trusting
AES256 for security, why not just exchange a single long-term AES256
key between mutually-trusting sites? Then, you can generate today's
piece of the one-time-pad using a shared counter or a timestamp or
something. Further, this lets you store the secret that derives your
keys inside a tamper-resistant crypto module.

>Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org

--John Kelsey, NIST
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
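
Added example, not part of the original message or of any poster's code: a sketch of the scheme the reply describes, where two sites holding one long-term AES-256 key each derive the same day's pad from a shared day counter. The names `DayNumber` and `DailyPad` and the block layout (day number, then block index) are assumptions made for illustration; the derived pad is only as strong as AES-256 and the secrecy of the key.

```go
package main

import (
	"crypto/aes"
	"encoding/binary"
	"encoding/hex"
	"fmt"
	"time"
)

// DayNumber maps a timestamp to the shared counter: whole days since the Unix epoch, UTC.
func DayNumber(t time.Time) uint64 {
	return uint64(t.UTC().Unix() / 86400)
}

// DailyPad derives n pad bytes for one day from the long-term key.
// Pad block i is AES-256_K(day || i), i.e. AES used as a keyed PRF over a counter.
// The (day || i) input layout is an assumption of this example.
func DailyPad(key []byte, day uint64, n int) ([]byte, error) {
	if len(key) != 32 || n < 0 {
		return nil, fmt.Errorf("need a 32-byte key and n >= 0 (got %d bytes, n=%d)", len(key), n)
	}
	blk, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	var in, out [aes.BlockSize]byte
	binary.BigEndian.PutUint64(in[:8], day) // upper half: the day counter
	pad := make([]byte, 0, n+aes.BlockSize)
	for i := uint64(0); len(pad) < n; i++ {
		binary.BigEndian.PutUint64(in[8:], i) // lower half: block index within the day
		blk.Encrypt(out[:], in[:])
		pad = append(pad, out[:]...)
	}
	return pad[:n], nil
}

func main() {
	// Constructed demo key; a real long-term key comes from a CSPRNG and,
	// as the reply suggests, can stay inside a tamper-resistant module.
	key, _ := hex.DecodeString("000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f")
	day := DayNumber(time.Date(2006, 1, 3, 14, 14, 41, 0, time.UTC))
	siteA, _ := DailyPad(key, day, 40)
	siteB, _ := DailyPad(key, day, 40)
	next, _ := DailyPad(key, day+1, 40)
	fmt.Println("day counter:", day)
	fmt.Println("sites agree:", hex.EncodeToString(siteA) == hex.EncodeToString(siteB))
	fmt.Println("next day differs:", hex.EncodeToString(siteA) != hex.EncodeToString(next))
}
```

Both sites must agree on the counter (clock skew around midnight UTC is the practical failure mode), and a given day's pad bytes must never be used to mask two different messages.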