Ray Dillinger wrote:
essentially, a one-time-pad with a central source of randomness, the key being the point in the random-number-stream that you start with.
Not quite. The point which you start with in the random number stream is one of the keys, but the system he describes also includes another, which is used to encrypt the random number stream prior to the OTP's XOR operation.
good point, but IMHO it actually makes the system WEAKER yet, because it gives more feeling of security to alice and bob, which may be highly betraying because it also adds key-exchange trouble and we all know that is the real weakness of many systems.
What if it was just a few dozen Blum-Blum-Shub generators up there spewing all those bits? We'd never see the difference, but a data thief who was "in the know" about how they were keyed could recreate any sequence at any time.
my point exactly. one way or the other you can't TRUST the stream, therefore it is worthless.
The basic problem is the problem you always get with systems that have a "trusted server" sitting in the middle -- can you really trust that server? Can you inspect it, and inspect the code it's running, personally? Can you verify that the thing you were allowed to inspect is the same as the thing that you're trusting?
especially when it's sitting in orbit, where even if you wanted to and were allowed to you simply CAN'T get at it. and it's pretty obvious that examining it while it's still down on earth does nothing. any stage magician worth his money can switch things right under your nose, and any of the major TLAs would surely be capable of switching a satellite even with dozens of people believing they've been watching it continuously.
I don't see any government, or for that matter any criminal organization, with a significant investment in SigInt allowing such a launch to go up untampered if they could possibly prevent it.
s/prevent/subvert/
Finally, this system doesn't protect storage. It protects communications, and communications only. Think about it. If you protect storage, you have to have the bits from the OTP around somewhere to decrypt it. If you have the bits from the OTP around somewhere, you no longer have an unbreakable cipher.
didn't think of that. yet another nail in the coffin. so, what do we have? a scientist (or is he? anyone checked the credentials?) who is much better at generating media hype than at cryptography. :)
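The Blum-Blum-Shub concern raised in the thread, as an added example that is not part of the original messages: a broadcast "random" stream that is really a seeded generator can be recreated at any later time by whoever holds the seed, so a recorded ciphertext stays readable. The primes, seed, message and function names are constructed for illustration; the start position is assumed known to the seed holder, and the second key that encrypts the stream before the XOR is not modelled.

```python
# Added illustration, not code from the thread. All values are constructed.
P = 1_000_000_007   # toy primes, both congruent to 3 mod 4 (far too small for real use)
Q = 1_000_003
N = P * Q

OPERATOR_SEED = 123456789  # hypothetical: known only to whoever keyed the broadcaster


def bbs_bytes(seed: int, offset: int, length: int) -> bytes:
    """Blum-Blum-Shub: x -> x^2 mod N, one low bit per step.

    Returns `length` bytes starting `offset` bytes into the stream.
    """
    x = pow(seed, 2, N)
    out = bytearray()
    for i in range(offset + length):
        byte = 0
        for _ in range(8):
            x = x * x % N
            byte = (byte << 1) | (x & 1)
        if i >= offset:
            out.append(byte)
    return bytes(out)


def xor(data: bytes, pad: bytes) -> bytes:
    return bytes(a ^ b for a, b in zip(data, pad))


def broadcast(offset: int, length: int) -> bytes:
    """What Alice and Bob receive: they see bits, never the seed."""
    return bbs_bytes(OPERATOR_SEED, offset, length)


def encrypt(message: bytes, offset: int) -> bytes:
    """Alice and Bob treat the agreed start position in the stream as their key."""
    return xor(message, broadcast(offset, len(message)))


def recreate_and_decrypt(seed: int, ciphertext: bytes, offset: int) -> bytes:
    """Seed holder regenerates the 'used-up' pad segment long after the broadcast."""
    return xor(ciphertext, bbs_bytes(seed, offset, len(ciphertext)))


if __name__ == "__main__":
    ct = encrypt(b"meet at the usual place", 4096)
    print(ct.hex())
    print(recreate_and_decrypt(OPERATOR_SEED, ct, 4096))
```

With a true one-time pad there is no seed to hold, so the pad segment cannot be regenerated once it has been used and destroyed.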