Hi, I am taking part in an engineering design course, where we will be designing and building something of our choice, with an emphasis on electronics... What i proposed to do was basically a one time pad, with a true random number generator to generate the pad. We want to do it on 8 bit xt plug in cards, with the initial transfer of the random pad between the sender and receiver being done over a cable (with the terminals side by side). Then, an arbitrary amount of time later, the two terminals can be separated, and a promiscuous method of transmission can be used to transmit encrypted data. The encrypted data is to be generated by simply XORing the bits of the pad, and the bits of the plaintext, with decryption occuring at the receiving end by XORing the bits of the pad and the bits of the encrypted message, to extract the plaintext bits. Talking to the instructor today, he didn't understand why I wished to use a truly random number generator, since he believed that any pseudorandom number generator, or even something periodic would be just as secure, in practical terms. Is this true? I did not wish to use a pseudorandom number generator (and after all, it's an electronics design course, not software design) or any period function, because i believed that it would be susceptible to brute force attacts by statistical analysis of the encrypted data (are there other ways of attacking it?). Wouldn't this also apply to any textual input as the pad? (eg, verse n of chapter m of book o of the bible) I would like to be able to back up my assertion that using pseudorandom number generators, periodic functions or english texts would not be secure (to what degree?), and that the use of a true random number generator (probably using circuit noise) is theoretically the most secure method available (assuming real randomness and not taking into account the transfer of the pad). Can anyone suggest any references? I was also wondering how difficult it would be to implement DES into this, using random bits for keys, in hardware or software. I'm afraid that we may have to use basic, if we are to talk with the plug-in-card, as i'm not confident of my C abilities, and am not aware of any libraries out there. Any help would be greatly appreciated. I am not on the cypherpunks mailing list yet, however, and would appreciate a Cc: to my email address, in addition to the list itself. Junya ______________________________________________________________________________ "Merci, merci, merci." -La Femme Nikita | hojunya@ecf.toronto.edu ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~