At 4:37 PM 7/20/96 +0000, Deranged Mutant wrote:
The vendor may confuse random session keys or initialization vectors with OTPs.
"Random session keys" and "initialization vectors" probably need definition. Perhaps a very high level description of an existing "good" encryption system would do. Certainly a pointer to such a description would be valuable. Here is a start at some definitions: Random session keys - The practice of generating a new, random key for each message/communication session etc. This key needs to be communicated to the receivers of the message. This communication can be performed using public key cryptography or protocols such as Diffie Hellman. Initialization Vectors - The practice of including some random data at the start of an encrypted message to make it more secure against certain forms of cryptanalysis. A good idea and a good first pass - Bill ------------------------------------------------------------------------- Bill Frantz | The Internet may fairly be | Periwinkle -- Consulting (408)356-8506 | regarded as a never-ending | 16345 Englewood Ave. frantz@netcom.com | worldwide conversation. | Los Gatos, CA 95032, USA