[Cryptography] New White Paper: GhostLine - Information-Theoretically Secure Multi-Party Chat

[Ron Garret]

> On Sep 7, 2025, at 7:36 PM, Ferecides de Siros <filosofarte at protonmail.com> wrote:
> 
> This is not an oversight but a fundamental characteristic acknowledged **ab initio** in the paper. 
> The academic value lies in exploring the theoretical limits of security, **ipso facto**, not in 
> claiming practical convenience.

The very first sentence of the abstract says:

"We present GhostLine, the first PRACTICAL multi-participant chat system achieving both perfect secrecy via one-time pad (OTP) encryption and information-theoretic authentication..."

(Emphasis added.)

Furthermore, section 1.1 explicitly claims as one of the contributions:

"Complete open-source implementation demonstrating PRACTICAL feasibility"

(Again, emphasis added.)

If you were not the author I would be questioning whether you had actually read the paper.

> If we reject 
> systems requiring secure initial channels, we must also reject quantum key distribution and most 
> PKI implementations, which ultimately rely on similar trust assumptions.

You can't be serious.  The *whole point* of quantum key distribution and PKI is to eliminate the need for out-of-band communications to distribute keys.  You might argue that these systems don't actually work (though the fact that the world economy has not collapsed is pretty strong evidence to the contrary) but it is absolutely false that QKD and PKI *require* out of band key distribution.  They absolutely do not.

Also, as long as I'm getting sucked into this silly rabbit hole, I will also point out that many respondents appear to have missed this disclaimer that I included in my original reply:

> (This is not quite true.  There is one use case for an OTP, which is that you have a secure way to distribute it at one time, and you want to send a secure message using that OTP at a later time.  But this is an extremely rare circumstance, and it never applies to the stated use case for Ghostline.)

So I stand by my assessment that this paper has no merit because it has swept the hard part of the problem under the out-of-band-key-distribution rug.

rg