[Cryptography] [cryptography] Boing Boing pushing an RSA Conference boycott

Bill Frantz frantz at pwpconsult.com
Fri Jan 17 20:06:56 EST 2014


On 1/17/14 at 4:57 AM, hallam at gmail.com (Phillip Hallam-Baker) wrote:

>The criterion for a one-time pad is that the entropy in matches the
>ciphertext length so there is an equal probability of any possible
>plaintext mapping to any possible ciphertext.
>
>Since every physical implementation of a random number generator has bias,
>it is necessary to perform conditioning of the random seed before use and
>this may be either a hash or a PRNG.
>
>
>So using an OTP in practice does involve a PRNG which in turn means that the
>practical system is not theoretically secure. Not using a PRNG makes the
>system theoretically secure but insecure in practice.
>
>Theoretically secure but insecure in practice also applies to quantum
>cryptography.

You could XOR enough physical streams together to overcome the bias
in the physical process.

And, of course, you could use several approaches, some with PRNGs,
but at least one without, XORed together and still call it an OTP.

Still, it's a pain to distribute the keying material, particularly
if you use Vernor Vinge's technique of XORing the keys carried by 3
independent messengers to avoid compromise of the key in transit.

Cheers - Bill

-----------------------------------------------------------------------
Bill Frantz        |The nice thing about standards| Periwinkle
(408)356-8506      |is there are so many to choose| 16345 Englewood Ave
www.pwpconsult.com |from.   - Andrew Tanenbaum    | Los Gatos, CA 95032
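
The two XOR constructions mentioned in the message above, as an added example that is not part of the original post: the residual bias after XORing k biased streams (piling-up lemma) and a three-messenger XOR key split. It assumes the streams are statistically independent; the 0.6 bias, the function names and the seeded simulation are constructed for illustration.

```python
import random
import secrets
from functools import reduce
from operator import xor

def xor_bytes(*chunks):
    """XOR equal-length byte strings together, position by position."""
    if len({len(c) for c in chunks}) != 1:
        raise ValueError("all inputs must have the same length")
    return bytes(reduce(xor, column) for column in zip(*chunks))

def split_key(key, messengers=3):
    """Split key into XOR shares, one per messenger (all are needed to rebuild)."""
    shares = [secrets.token_bytes(len(key)) for _ in range(messengers - 1)]
    shares.append(xor_bytes(key, *shares))
    return shares

def xor_p_one(p_one, k):
    """P(bit = 1) after XORing k independent bits that each have P(1) = p_one."""
    return 0.5 - 0.5 * (1 - 2 * p_one) ** k

def measured_p_one(p_one, k, n=100_000, seed=2014):
    """Simulate k independent biased sources and measure P(1) of their XOR."""
    rng = random.Random(seed)  # constructed simulation input, never a key source
    ones = 0
    for _ in range(n):
        ones += reduce(xor, (rng.random() < p_one for _ in range(k)))
    return ones / n

if __name__ == "__main__":
    # Bias shrinks geometrically with the number of independent streams.
    for k in (1, 2, 4, 8):
        print(k, round(xor_p_one(0.6, k), 6), round(measured_p_one(0.6, k), 4))
    key = secrets.token_bytes(16)  # constructed sample pad
    shares = split_key(key)
    print("rebuilt from all three:", xor_bytes(*shares) == key)
```

The geometric reduction holds only when the sources are independent; streams that share a noise source keep their common bias through the XOR.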


