17 Dec
2003
17 Dec
'03
11:17 p.m.
PGP output is not random enough to be used for a one time pad. The security of a OTP is *entirely* based on the quality of the random numbers; they should come from some strong generator. Building good one time pads is tough, and usually not worth the effort.
No, however the output of "pgp +makerandom=XXX filename.dat" _IS_ random enough for an OTP. The problem then becomes distributing this data. -derek