[Cryptography] One-time pads in modern crypto software?

Phillip Hallam-Baker phill at hallambaker.com
Tue Feb 16 10:01:30 EST 2021


On Sun, Feb 14, 2021 at 7:48 PM John Gilmore <gnu at toad.com> wrote:

> Henry Baker wrote:
> > 1. One-time pads can't be broken by quantum computation,
> > but require incredibly long keys which are hard to manage.
>
> We could certainly automate a bunch of the management of one-time pads
> with some free crypto software that supported them.  And maybe some
> cheap USB OTP hardware could then bring them to the masses.
>
> I continue to be surprised that nobody has put support for one-time pads
> into TLS.  For the small subset of people who want higher reliability
> security, it would be straightforward to run standard protocols for web
> and email and DNS and such, but with OTP keying rather than depending on
> possibly breakable mathematics or quantum theory.


TLS would seem like a poor choice; a messaging layer approach like S/MIME
would be a better fit. And who knows if it hasn't happened already.

The big problem technically would be conserving your supply of one-time
material. You have to exchange that out of band if there is going to be
security.

The big problem marketing-wise would be 'Power One Time Pad' and its
thousand copies. For most of us, 'one-time pad' is a sure-fire sign of
crypto snake oil. Instead of a one-time pad it is invariably an untested
stream cipher.
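
The point about conserving pad material, as an added example that is not part of the original post: a minimal ledger that spends one pad byte per message byte, wipes used bytes, and refuses reuse or overdraw. The names `PadLedger` and `PadExhausted` are hypothetical, and the sketch assumes each pad is used in one direction only.

```python
import secrets

class PadExhausted(Exception):
    """The message needs more pad bytes than remain unused."""

class PadLedger:
    """One party's copy of a pad used in ONE direction; each byte is used once."""

    def __init__(self, pad: bytes):
        self._pad = bytearray(pad)   # mutable so used bytes can be wiped
        self._offset = 0             # index of the next unused pad byte

    def remaining(self) -> int:
        return len(self._pad) - self._offset

    def _take(self, start: int, n: int) -> bytes:
        # Refuse any range that overlaps consumed material or runs off the end.
        if start < self._offset:
            raise ValueError("pad range already consumed (reuse or replay)")
        if start + n > len(self._pad):
            raise PadExhausted(f"need {n} bytes, {len(self._pad) - start} left")
        key = bytes(self._pad[start:start + n])
        self._pad[start:start + n] = bytes(n)   # wipe: used pad is gone for good
        self._offset = start + n
        return key

    def encrypt(self, plaintext: bytes) -> tuple[int, bytes]:
        start = self._offset
        key = self._take(start, len(plaintext))
        # XOR only hides content; an OTP by itself provides no integrity check.
        return start, bytes(p ^ k for p, k in zip(plaintext, key))

    def decrypt(self, start: int, ciphertext: bytes) -> bytes:
        key = self._take(start, len(ciphertext))
        return bytes(c ^ k for c, k in zip(ciphertext, key))

if __name__ == "__main__":
    pad = secrets.token_bytes(1024)   # constructed sample; real pads arrive out of band
    alice, bob = PadLedger(pad), PadLedger(pad)
    start, ct = alice.encrypt(b"meet at noon")
    print(bob.decrypt(start, ct), alice.remaining(), "pad bytes left")
```

Every plaintext byte permanently costs one pad byte on both sides, so the pad's length is a hard budget on total traffic until more material is delivered out of band.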