-----BEGIN PGP SIGNED MESSAGE----- To: cypherpunks@toad.com Date: Mon Sep 16 12:05:17 1996
(First off, I'd like to thank Matt for doing this.)
The key length stuff is good, but a common component of snake oil is that it claims to have very long key sizes.
| Some ciphers, while currently secure against most attacks, are not | considered viable in the next few years because of relatively small keysizes | and increasing processor speeds (making a brute-force attacks feasible). The | tables below should give some general guidelines for making intelligent | decisions about the key length you need. If the key is too short, the system | will be easily broken, even if the cipher is a good one. | | In [1] and [2], we're presented with some guidelines for deciding | appropriate key length. (It is important to note that this is based on the | ability to predict computing power 40, 65, and 100 years from now. Major | breakthroughs in computing power 30 years from now might render everything | on this chart kiddieplay.)
| * One-Time-Pads | | A vendor might claim the system uses a one-time-pad (OTP), which is | theoretically unbreakable. That is, snake-oil sellers will try to | capitalize on the known strength of a OTP. It is important to | understand that any variation in the implementation means that it is | not an OTP, and has nowhere near the security of an OTP. | | A OTP system is not an algorithm. It works by having a "pad" of random | bits in the possession of both the sender and recipient. The message is | encrypted using the next n bits in the pad as they key, where n is the | number of bits in the message. After the bits are used from the pad, | they're destroyed, and can never again be used. The bits in the pad | must be truly random, generated using a real random source, such as | specialized hardware, radioactive decay timings, etc., and not from an | algorithm or cipher. Anything else is not a one-time-pad.
The phrase easy-to-use should not appear in proximity to one time pad, except in the context 'Easier key management than a one time pad!"
I would also suggest that the generation of OTP 'pads' for users is *highly* questionable. Who else is getting a copy of them, assuming they're even valid? Dave Merriman - -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- PGP Email welcome, encouraged, and PREFERRED. Visit my web site at http://www.shellback.com/p/merriman for my PGP key and fingerprint "What is the sound of one hand clapping in a forest with no one there to hear it?" I use Pronto Secure (tm) PGP-fluent Email software for Windows -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBMjzSBMVrTvyYOzAZAQGVwQP+N6vjyniDH0ad3G8dWu1cPHi5yfvksbS7 EJmgpSVTlaLf1Kp7rX2zBULxKvd2bqN3z3tAhj6reeG8la+P3Skw9gPJS8ggYvOn cXwdRsCyRICgHYMcbaEB/91YsJMweYyzWLe2JZazs3NfsafxdNKerGR7kvoQF0bG oBNR169sGlo= =WqlN -----END PGP SIGNATURE-----