[Cryptography] OTP as WKBI, New White Paper: GhostLine - Information-Theoretically Secure Multi-Party Chat

Mon Sep 8 23:39:33 EDT 2025

On Monday, September 8th, 2025 at 13:32, John Levine <johnl at iecc.com> wrote:

> imagine a scenario where before a trip to Intrusivestan, your office has a shelf
> of pairs of DVD-R recorded from a physical white noise source, and you put a few
> of them in your bag. Your crypto protocol could be little more than "start at
> disk 34735, track 14" followed by the encrypted data, ideally with some way to
> physically mark the track so you can't use it again. But that's a pretty narrow
> use case.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Hi John,

You're absolutely right that OTP has been a "Well Known Bad Idea" 
in many contexts due to the key distribution problem. 

What makes GhostLine different is that it explicitly acknowledges this 
limitation in section 3.1 and targets the specific niche where secure 
out-of-band distribution is feasible. The contribution isn't in solving 
key distribution (which is known to require special channels) but in 
solving the previously unsolved multi-party state synchronization 
problem for OTP consumption.

The system makes no claims about being suitable for general Internet 
communication, but rather for scenarios where participants can establish 
initial key material physically and value information-theoretic guarantees 
over operational convenience.

Your DVD-R example is actually quite close to the use case GhostLine 
envisions - just with modern cryptographic protocols instead of physical media.

The personal motivation behind GhostLine actually aligns with your example. 
I created it for a group of friends who meet monthly for barbecues ("asados" 
here in Argentina) and wanted truly private communications between meetings. 
I distribute the same OTP to all participants during our gatherings, 
and they use GhostLine for sensitive discussions until the next meeting.

Interestingly, the operational constraints naturally discouraged frivolous 
use - they quickly learned to reserve their limited OTP bytes for important 
conversations rather than offensive jokes, which created unexpected positive 
behavioral change.

This real-world use case demonstrates exactly the niche where OTP shines: 
small groups with periodic physical contact who value privacy over convenience.

Thanks for raising this important perspective.

Best,
Hitokiri
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEOPhOn65N+XbUXMpWZ3IkUdCGxpUFAmi/njIACgkQZ3IkUdCG
xpXTqQ/9G0NoUEJWDM6Cd1fifdRR/o9MfN/Nzo4sHEGAnH4DwXwvJaqeubICYQLt
sf9ARI0sCyavZA87SK5UxF2WUTbPx79uyj3PqLF7ErLz6+z6Ql1wz7pdGrrWhuIn
snEyxTuGAypynIoC2WGhSu0XSoH3+E707M1XDHN0FJhMErIliwHxkKGA2rl77m/L
KcQIl17JVfMIPhSwlKyaTjF82ye4Y+OOclEPFINrsmQ0KHso0URqhwRtTGvhqePS
Exoh1sXkbArY4+FnYoDw5r+4siovApFNlDKG9NFmD7gHgOLB2AP53QyPUilEKTQo
rf+i1SyaqBnSLdkFgVXWG8lfE0nFTk6K5YIWK8mDtZ3+IAfnnaJbRA84cXFPjMoe
+4T81A236wAQn0tRkJTVKLMqOZnM6Nt+141FKX/IfMYTUFnh0HL1nDpqB6fqhqGx
07Xu+plaE7GgUy4fd7UuRn7IPj1D7JhmoE0cZoIc1g44G/aCmqsDioP699wC6qxZ
wKr1iLmnTQ2yA1QrdRJDCwNIoCuneCisg0qsgt2h5jnx51J/HIdR6Jjwd9/8pJv9
mBTFrpW/oiEQ5LJyLqtmflp2UKpqWU1RfaHunKSDU1atyFRLEcPOdlJLz8xN7K5y
VgFrJ6/xi644fDRIBrCfBWiuA4ihGa6aqSoOVi4rcbcqaZZYKpM=
=Vb/e
-----END PGP SIGNATURE-----