amp writes:
i want a source of data for use as a otp. i don't want to have to hook up any external devices to my pc to do it. (although some of the methods mentioned in the past few days are quite interesting.)
i'd like to know if there was a reason not to use the output of pgp to do it.
Yes. What you have then is just an elaborate cipher that is not a one time pad. For it to be a one time pad, the numbers must be truly random and generated only once, period.
i would think that the output of pgp should be pretty darn random.
If PGP is good enough for use as a source for cipher keying material, then you needn't use it as a one time pad -- just use PGP directly. If PGP isn't good enough, it certainly isn't good enough for use as cipher keying material. In either case, it is NOT NOT NOT a one time pad if it isn't truly random numbers -- that means physically random. Perry