A company in Israel named Elementrix has just announce at Interop an entirely new paradigm in secure transactions. They have a secure one time pad that allows people to exchange mail and ftp files back in forth in complete security without the worries of key management or storage or secure random number generation or synchronization. In the words of Winn Schwartau: "This really fucks with your brain" Both he and David Kahn have gotten information out of non-disclosure, as well as several other un-named experts in cryptography about the nature of this new development. They were astounded and have provided assurances as to its authenticity and ability to work as advertised. So far they have no released the complete protocol, but plan to do so as soon as the Patent issues pending in several countries have been resolved. The protocol will be completely published and subject to scrutiny by everybody. To me it looks like it would be trivial for them to integrate it into any and all kinds of browsers, clients and applications. Of course, I do not have a complete knowledge of the entire protocol, but the brief overview was simple enough to understand in concept. If it can work in FTP, it can surely work in telnet as well, it's just a different front end over a TCP/IP connection. I realize that there will be those out there on this list who will immediately dismiss this as a hoax, as would have I had I not seen it operate with my own eyes, and sat through the conference. It was a case of serendipity for me, showing up at the booth and getting an invite to the press conference on the one day I decided to attend Networld/Interop. It works something like this: (I may not have it completely right, but this is what I understood of the broken English of the man without the microphone) A third party generates random numbers, or one of the two communicating parties. The numbers do not have to be secret. There is also a published table of mappings.. Something like, a number, and an operation.. 1 -> add 23 2 -> add 21 3 -> add 40 4 -> add 57 90 -> sub 23 One initial connection is all that is needed to have a secure connection for the lifetime of the two communicating parties. This initial connection can be accomplished via any number of ways. It does involve an initial one time only shared secret. This is much different than the many shared secrets and key management issues of private and public key systems. For the initial connection you can stick the machines back to back if you are really worried about security. This initial transaction serves as a seed for subsequent transactions. All subsequent transactions depend on preceding transactions. A degree of randomness comes from the randomness of the messages. Each next word in the message is random. (the argument goes like this: If you already know what the next word in the message is, there is no point in sending the message in the first place, because you know what all the words in the message are.) This imparts some degree of randomness, as no two beings will have an entire conversation over their lives the same as their conversation with anybody else: similar arguments can be applied to file transfers. After the initial exchange every message sent subsequently gets randomized from the previous randomness of the messages plus something in the table. If somebody else makes an exact copy of your machine, and sends a message as you, then you can no longer send messages to the other party as you are out of sync, and an Intruder alert is flagged if you do try to send a message. Then you and the foreign party can resynchronize. This new state is the basis for new messages. Argument: "That's fine, but how to I communicate securely with someone over the Internet with email that I'm not able to setup a secure channel with." Apparently each distribution disk is encoded with a unique ID and some kind of unique (and as yet undisclosed table and algorithm). This table allows the two parties to somehow setup a secure session and send mail. This does not solve authentication problems. If somebody steals your disk and sends mail to someone, they can appear to be you (or anybody). However, the minute you try to send mail to that same person, there is state on the remote machine with the imposter that you do not possess that flags an intruder problem, and new negotiations can begin. However, snoopers of the original message will still be unable to decode the one time pad. Winn Schwartau and Dr. David Karn have both signed non-disclosure and both made announcements to the affect that it does work as advertised. Also, it is not strictly random numbers in the traditional sense. It relies on the fact that the message is composed of a random series of words to create the one time pad. However, the one time pad does not repeat itself due to the continuing diversity of subsequent messages. They have reviewed the math and the algorithms and stated that it's a completely new way to think about cryptography, and the math is valid. Usability: point and click.. Click on the little lock button and the message is encrypted on the fly. The mail browser decrypts the message on the fly. After it is decrypted it is stored on the hard drive in plain text. (As it would have to be, unless you encrypt it with some conventional secret-key algorithm like DES or IDEA). This is fine as they say you have to have some degree of physical security anyway, and this is only to protect you on the networks in between the two machines. I'm inclined to agree. Notes: It's fast!! I'm just telling you what I heard. I have no idea how or what is stored as state information if anything. (part of the currently undisclosed algorithm). I was very skeptical at first, but have affected cautious optimism at this point. (until it is published). I just have a couple things to add. If it's true and works as advertised, we're in for a real treat, and the NSA and FBI are going to be really upset. :) Those drug smugglers and kiddie porn pushers are going to be immune to network wire taps. Next step: illegal algorithms, illegal XOR. ;)