I wrote: # Gee, why are we all so worried about key management ? It's just a load and # go installation at each of the user sites ! ;) ("That was sarcasm, son") IPG Sales writes:
That is precisely why PCX Nvelopes is such an extraordinary system. That is the beauty of PCX Nvelopes, it lifts that burden from the user, eliminates it entirely. You may have worried about key management, but with our system, you will not have to do so in the future. The system itself, manages all the OTPs, you do not have to do anything but use the system. Key management is the problem with all existing systems, but it is no problem at all with the PCX Nvelopes system,
What protects each user's one time pads ("PCX Nvelopes", or whatever) ? Are they protected by an eight-character Unix account password ? (This would be harder for implementations on traditionally single-user platforms like the Macintosh and most of the Microsoft OSes, presumably.) Are they protected by a policy that says all users must lock away their IPG disks or CDs when not in use ? Also, how are they protected from the people who generate the one-time pads at IPG (and their friends and families) ?
as you would see if you looked at the system, instead, of talking about something when you have no idea at all of what it is about.
As I said earlier, I read all your material and still had almost no idea at all about what it is. If you don't tell people about the system, it's extremely hard for them to do more than speculate.
The first set of keys must be sent by a secure source, US mail, FED EX, or whatever, but thereafter, all updates can be accomodated over Internet.
Keys ? Wait a minute, #2 of the "Dozen Reasons why PCX Nvelopes is absolutely the finest Communication Security and Privacy system available", according to http://www.netprivacy.com/ipg/dozbest.html, is: "2. No Messy, Intrusive Passwords/Encryption Keys to get in your way and worry about, forget about those troublemakers" [...]
all hardware generation of OTP's are irregular, otherwise they are not random.
I'm not sure what you mean by "irregular" in this context.
Thus at times, a hardware source, such as ADC LOB system, can generate nonrandom data, unless this is checked, it can destroyed the integrity of your system.
This doesn't quite jibe with my understanding of the typical use of a hardware RNG. From what I have read, one starts with an unpredictable bit source with some known bias, so that each original bit has somewhat less than one bit of real entropy. The bias is "corrected" by combining the original bits to get fewer bits with enough real entropy, and then repeating the process enough to get enough final bits of real entropy. Could you explain what the acronyms "ADC" and "LOB" mean here ? I just tried a web search for the two together, and all I got was a page of UFO acronyms, and some astronomical acronyms (LOB = Lick Observatory Bulletin). Schneier discusses hardware RNG at length in Applied Cryptography, but he doesn't mention either acronym. I might guess that LOB = Low Order Bits. -Lewis "You're always disappointed, nothing seems to keep you high -- drive your bargains, push your papers, win your medals, fuck your strangers; don't it leave you on the empty side ?" (Joni Mitchell, 1972)