Doug Hughes <Doug.Hughes@Eng.Auburn.EDU> writes: It seems to be a OTP/stream cipher of some kind.. subsequent number depending on previous numbers. I don't know if its possible to prove that the sequence will never repeat, having not seen the algorithm. But if it did not, it would seem to be strong enough. Too many questions, too few answers.
It does seem to be a stream cipher of some kind. Subsequent numbers depending on previous numbers means that it's an autokey cipher. That most assuredly does <not> make it a one time pad, no matter whether it ever repeats or not (which it presumably wouldn't). Here's an easy way to demonstrate that the strength of this system is less than a one time pad. Let's give the attacker all the breaks: he knows the initial secret key, he has watched the key exchange from both sides by monitoring all keystrokes, and has access to all the keying information and plaintext and ciphertext that has happened from day 0 until now, day 30, but none of the plaintext or other keying information thereafter. Case one: the system you're flogging. He can keep reading the mail. Case two: a true one time pad. He immediately loses touch with the system as soon as they go to the first unknown byte of the one time pad. I sympathize with their desire to call it a one time pad, since that has obvious marketing cachet. But it isn't -- can't they simply say they think it's a nice strong cipher? Jim Gillogly Sterday, 8 Winterfilth S.R. 1995, 22:21