thoughts on one time pads
Jonathan Thornburg
jthorn at aei.mpg.de
Fri Jan 27 05:13:43 EST 2006
Two other problems with using a CD for OTP key material:
1. How to insure physical security for the N years between when you
exchange CDs and the use of a given chunk of keying material? The
"single CD" system is "brittle" -- a single black-bag burglary to
copy the CD, and poof, the adversary has all your keys for the next
N years.
2. How to securely destroy it after use, to prevent retrospective
dumpster-diving? Nothing short of physical destruction will stop a
determined adversary... and physical destruction is *hard*:
Smashing the CD with a hammer leaves individual fragments which can
still be read with a microscope. (That would yield "some" key bits;
a serious adversary could "drag" these across archived encrypted-traffic
to find the position which decrypts to something that's statistically
plaintext.)
Melting the CD should work... but in practice that takes a specialized
"oven" (I seriously doubt my home oven gets hot enough), and is likely
to produce toxic fumes, and leave behind a sticky mess (stuck to the
surface of the specialized oven).
ciao,
--
-- Jonathan Thornburg <jthorn at aei.mpg.de>
Max-Planck-Institut fuer Gravitationsphysik (Albert-Einstein-Institut),
Golm, Germany, "Old Europe" http://www.aei.mpg.de/~jthorn/home.html
"Washing one's hands of the conflict between the powerful and the
powerless means to side with the powerful, not to be neutral."
-- quote by Freire / poster by Oxfam
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list