Dale Thorn writes:
Is the concept here that: Whereas conventional crypto generates/hashes a *key* with which to encode the text, IPG generates a *pad* from a key, more or less the length of the text, with which to encode the text??
A cryptosystem is given a key by the user. A block cipher uses it to encrypt chunks of plaintext, perhaps 8 bytes long. (This is an oversimplification.) A stream cipher uses it to generate a pseudorandom sequence that is combined with the plaintext. IPG's product is a stream cipher.
It seems to me they're putting an additional layer of stuff ("OTP") between the key generation and the actual encoding, so what's the problem with that, as a concept?
The first problem is the name "OTP". A one-time pad is a well-defined thing, and this isn't it; they'd like to be associated with the term because the one-time pad is in fact provably secure. So they have a stream cipher. Is it a good stream cipher? Well, nobody knows, because no cryptanalysts have taken the time to attack it. There aren't all that many who publish in the open literature, and there are thousands of amateur proprietary schemes out there -- who has the time? If it were designed by someone known to be competent (RC4), or if it were widely used (pkzip), somebody might think it worth looking at. If you're not a cryptanalyst yourself (and I'm not, but at least I know it!), all you have to go on is the history of similar schemes. This is not encouraging; there are outfits which for a moderate fee will crack the proprietary encryption offered by dozens of popular products. IPG's history is even less encouraging Maybe this one's different from all of those. How valuable a secret would you like to wager on that? If IPG wants credibility, they should retain a respected cryptographer, or several, to attack their scheme. (Or just publish Don's proof of unbreakability. Since the scheme is provably _not_ information-theoretically secure, this must be a proof of computational security, presumably a superpolynomial lower bound. And as the scheme is trivially breakable in NP time, Mr. Wood is sitting on a _major_ result, a resolution to the central problem in computational complexity theory: a proof that P != NP. Do publish, sir.) -- Eli Brandt eli+@cs.cmu.edu