thoughts on one time pads

[Anne & Lynn Wheeler]

John Denker wrote:
> It is worth your time to read _Between Silk and Cyanide_.
> That contains an example of somebody who thought really
> hard about what his threat was, and came up with a system
> to deal with the threat ... a system that ran counter to
> the previous conventional wisdom.  It involved protecting
> keys before use and destroying them after use.

if you have a scores or hundreds of one-time pads (or any other static
secrets) on a cd .... and the vulnerability is skimming ... then if the
already used pads are destroyed as countermeasure to skimming ... the
unused pads that are also on the same cd are also vulnerable to the same
skimming. say the cd was skimmed before any pads were used ... then
there hasn't yet been any destroyed pads. supposedly if you provide
protection sufficient for the unused pads ... then that should be
protection for the used pads also (although there always is the school
of thot that more security is always better).

destroying just the one time pads on a cd is countermeasure to theft ...
since the theft of the cd hopefully prevents the unused pads from being
used (at least by you), there potentially is vulnerability that the
thief might be able to use the unused pads in some sort of attack.

the issue is that having both used and unused pads on the same CD
creates a potential common vulnerability of everything on the same CD
(which are in different states). once all pads have been used ... then
the whole CD represents a common vulnerability state ... and the whole
CD can either be destroyed.

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com