At 8:28 PM 10/16/96 -0500, IPG Sales wrote (original at excessive length):
... IPG has produced a system to generate software OTPs, albeit it within limited but but more than ample entropy, not software random numbers.
We stipulate the obvious fact that the encryptor stream generated by EUREKA is a PRNG stream, though we do consider it gross denigration to castigate it as ONLY a PRNG stream. It is a PRNG issue that also happens to be an extremely well behaved OTP sequence, with limited but ample entropy, as well.
The problem is you are misusing the term One Time Pad.
It meets each and every criteria rationally established for an OTP in all reasonable aspects.
One of the criteria for a OTP is that you can credibly claim that ANY plain text (of the correct length) is a valid decryption of a cyphertext encrypted with a OTP. Since your PRNG has less entropy than the message, there are output sequences that can not occur. Therefore there are plaintext messages which have no possible key. These messages are not credible decryptions and the PRNG is not a OTP. This criterion is directly related to the provable security of the OTP. As such it is certainly a rationally established criterion. Now your PRNG may be a reasonably secure cypher system. (I haven't looked at it.) However it isn't an OTP and should not be advertised as such. Doing so makes people familar with the field think you don't know what you are talking about. ------------------------------------------------------------------------- Bill Frantz | Tired of Dole/Clinton? | Periwinkle -- Consulting (408)356-8506 | Vote 3rd party. I'm | 16345 Englewood Ave. frantz@netcom.com | Voting for Harry Browne | Los Gatos, CA 95032, USA