thoughts on one time pads
Dave Howe
DaveHowe at gmx.co.uk
Sat Jan 28 12:38:31 EST 2006
Anne & Lynn Wheeler wrote:
> is there any more reason to destroy a daily key after it as been used
> than before it has been used?
<snip precopy attack on store cards>
Yeah. tbh for good security, you should move your OTP keys into a secure
storage device (asssuming you have one more secure than the cd-r) as soon as
possible then destroy the entire disk. I can envisage a tamper-proof storage
device that accepts an upload of raw key data, and stores 1gb of it in battery
backed dynamic ram, which will blank reasonably effectively if the power is removed.
But for most people, I imagine a CD-R is probably much, much easier to arrange
physical security for than any other storage they may have access to, and both
cheaper and easier to destroy after one use (easiest way to ensure data can't be
retrieved) than say a USB storage dongle.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list