[Cryptography] Brainstorming for encrypted text messaging ideas...with a twist
Thierry Moreau
thierry.moreau at connotech.com
Mon Jun 19 23:24:23 EDT 2017
On 19/06/17 04:20 PM, Ray Dillinger wrote:
>
> If someone wants to make it, it should probably be packaged with some
> mechanical entropy device (30-sided dice 26 sides of which are marked
> with letters, or whatever) to help generate one-time pads that are
> actually random.
>
> Bear
>
> PS: Did you know that the classic "30-sided dice shape" is technically
> called a rhombic triacontahedron?
>
I actually created a set of six cubic dice for random password
generation (an alphabet of 72 characters) plus a one-time pad, with
instructions and work sheets for modulo 72 arithmetic.
It can be used for password generation and storage as dual components.
Dual component storage should use money bags (a currency handling
accessory) sealed with seal serial number control for data integrity.
(Tamper evident bags may do the job as well, but an NSA employee patent
application explains that cryognenic techniques are effective to
surreptitiously defeat the tamper-evident glue on most envelope models.)
The password dice set works but it is very cumbersome. It effectively
shows how unrealistic it is to expect users to manage passwords securely
when a different password is recommended for each application or
service. (It also shows the one-time pad.)
So, my recommendation is to implement client-side private signature keys
and have fewer passwords to back up.
Regards,
- Thierry
More information about the cryptography
mailing list