[Cryptography] New White Paper: GhostLine - Information-Theoretically Secure Multi-Party Chat
Patrick Chkoreff
pc at fexl.com
Mon Sep 8 09:21:54 EDT 2025
On 9/7/25 2:46 AM, Pierre Abbat wrote:
> ... How do you get truly random numbers for the OTP?
(I say the following tongue-in-cheek so please don't throw anything at
me, yet.)
What you do is roll 64 of those 16-sided dice to produce an initial 256
bit seed. Then you run that seed through SHA256 to produce the next 256
bit seed, and continue that chain indefinitely.
The first 256 bit block is "truly" random; the subsequent blocks are
"pseuo" random but nevertheless "random enough." There's your OTP. You
could probably extend it for many terabytes. Maybe even petabytes.
> How do you distribute the OTP?
You scribble down the initial 256 bit seed onto a small slip of paper in
hex notation, meet with your counterparty, and give her the paper.
====> OK, now for one serious question: in the hash chain sequence I
describe above, in what way is that NOT suitable for use as an OTP?
I understand the higher risk of key compromise: namely, that if you
know any one of the 256 bit blocks in the OTP sequence, you therefore
know all the subsequent blocks to infinity. There are ways to mitigate
that. I'm just asking about the "randomness" quality of the OTP
material itself.
-- Patrick
More information about the cryptography
mailing list