[Cryptography] [cryptography] Boing Boing pushing an RSA Conference boycott

Phillip Hallam-Baker hallam at gmail.com
Fri Jan 17 07:57:37 EST 2014


On Thu, Jan 16, 2014 at 7:18 PM, Bear <bear at sonic.net> wrote:

> On Wed, 2014-01-15 at 10:38 -0500, Steve Furlong wrote:
> > On Wed, Jan 15, 2014 at 9:15 AM, Kent Borg <kentborg at borg.org> wrote:
> > > Huh?  How can this be?
> > > one-time-pads themselves are compromised??
> >
> > Compromised PRNGs.
> >
>
> PRNGs have nothing to do with one-time pads.  Compromised PRNGs
> affect stream ciphers, but one time pads do not use PRNGs.
>

The criterion for a one-time pad is that the entropy in matches the
ciphertext length so there is an equal probability of any possible
plaintext mapping to any possible ciphertext.

Since every physical implementation of a random number generator has bias,
it is necessary to perform conditioning of the random seed before use and
this may be either a hash or a PRNG.


So using an OTP in practice does involve a PRNG which in turn means that the
practical system is not theoretically secure. Not using a PRNG makes the
system theoretically secure but insecure in practice.

Theoretically secure but insecure in practice also applies to quantum
cryptography.




-- 
Website: http://hallambaker.com/
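The two claims in the message above, that a one-time pad needs as much entropy as ciphertext and that a raw physical source is biased and must be conditioned before it is used as pad material, can be shown in a few lines. The following is an added example, not code from the post or from its author. It constructs a biased bit source to stand in for a noise generator, measures its bias, conditions it two ways (a von Neumann extractor and a SHA-256 hash that is fed enough raw bits to cover its output at the source's min-entropy), and performs the XOR pad operation; the helper names and the min-entropy budgeting rule are this example's own choices.

```python
import hashlib
import math
import os
import random


def otp_encrypt(plaintext: bytes, pad: bytes) -> bytes:
    """XOR the plaintext with a pad at least as long as it (never reuse a pad)."""
    if len(pad) < len(plaintext):
        raise ValueError("pad shorter than plaintext: this is not a one-time pad")
    return bytes(p ^ k for p, k in zip(plaintext, pad))


otp_decrypt = otp_encrypt  # XOR is its own inverse


def pad_explaining(ciphertext: bytes, plaintext: bytes) -> bytes:
    """For any plaintext of the right length there is exactly one pad that maps
    it to this ciphertext, which is why the ciphertext reveals nothing."""
    return otp_encrypt(plaintext, ciphertext)


def biased_bits(n: int, p_one: float, rng: random.Random) -> list:
    """Constructed stand-in for a physical noise source: independent bits that
    are 1 with probability p_one, so p_one != 0.5 models a biased generator."""
    return [1 if rng.random() < p_one else 0 for _ in range(n)]


def bias(bits) -> float:
    """Deviation of the fraction of ones from the ideal 0.5."""
    return sum(bits) / len(bits) - 0.5


def von_neumann_extract(bits) -> list:
    """Debias by looking at non-overlapping pairs: (0,1) -> 0, (1,0) -> 1,
    (0,0) and (1,1) are discarded. Unbiased for independent bits, but the
    output is always shorter than the input: entropy out cannot exceed entropy in."""
    out = []
    for i in range(0, len(bits) - 1, 2):
        a, b = bits[i], bits[i + 1]
        if a != b:
            out.append(a)
    return out


def raw_bits_needed(p_one: float, out_bits: int) -> int:
    """Raw bits whose min-entropy covers out_bits of output (assumed budgeting
    rule: min-entropy per bit is -log2 of the more likely symbol)."""
    per_bit = -math.log2(max(p_one, 1.0 - p_one))
    return math.ceil(out_bits / per_bit)


def hash_condition(bits, p_one: float, out_bytes: int) -> bytes:
    """Conditioning with a hash: every 32-byte SHA-256 block is fed enough raw
    bits to carry 256 bits of min-entropy, so output never outruns the source."""
    per_block = raw_bits_needed(p_one, 256)
    out = bytearray()
    pos = 0
    while len(out) < out_bytes:
        chunk = bits[pos:pos + per_block]
        if len(chunk) < per_block:
            raise ValueError("not enough raw entropy for the requested pad length")
        pos += per_block
        packed = int("".join(map(str, chunk)), 2).to_bytes((per_block + 7) // 8, "big")
        out += hashlib.sha256(packed).digest()
    return bytes(out[:out_bytes])


if __name__ == "__main__":
    rng = random.Random(1234)          # seeded so the demo is repeatable
    raw = biased_bits(100_000, 0.7, rng)
    print("raw bias:", round(bias(raw), 3), "bits:", len(raw))
    vn = von_neumann_extract(raw)
    print("von Neumann bias:", round(bias(vn), 3), "bits:", len(vn))
    pad = hash_condition(raw, 0.7, 7)
    ct = otp_encrypt(b"attack!", pad)
    print("roundtrip:", otp_decrypt(ct, pad))
    # the same ciphertext is equally consistent with a different plaintext
    print("alt pad gives:", otp_decrypt(ct, pad_explaining(ct, b"retreat")))
    print("os.urandom pad:", otp_decrypt(otp_encrypt(b"hi", os.urandom(2)), b"\x00\x00"))
```

The bias figures make the post's point concrete: the raw source sits far from 0.5, the extractor output does not, and the extractor returned far fewer bits than it consumed. The hash path makes the same trade explicit by refusing to produce more pad than the raw entropy budget allows.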