Re: Snake Oil FAQ 0.4 [comments appreciated]
-----BEGIN PGP SIGNED MESSAGE-----

To: cypherpunks@toad.com
Date: Mon Sep 16 12:05:17 1996

(First off, I'd like to thank Matt for doing this.)
The key length stuff is good, but a common component of snake oil is that it claims to have very long key sizes.
| Some ciphers, while currently secure against most attacks, are not
| considered viable in the next few years because of relatively small keysizes
| and increasing processor speeds (making brute-force attacks feasible). The
| tables below should give some general guidelines for making intelligent
| decisions about the key length you need. If the key is too short, the system
| will be easily broken, even if the cipher is a good one.
|
| In [1] and [2], we're presented with some guidelines for deciding
| appropriate key length. (It is important to note that this is based on the
| ability to predict computing power 40, 65, and 100 years from now. Major
| breakthroughs in computing power 30 years from now might render everything
| on this chart kiddieplay.)

| * One-Time-Pads
|
| A vendor might claim the system uses a one-time-pad (OTP), which is
| theoretically unbreakable. That is, snake-oil sellers will try to
| capitalize on the known strength of an OTP. It is important to
| understand that any variation in the implementation means that it is
| not an OTP, and has nowhere near the security of an OTP.
|
| An OTP system is not an algorithm. It works by having a "pad" of random
| bits in the possession of both the sender and recipient. The message is
| encrypted using the next n bits in the pad as the key, where n is the
| number of bits in the message. After the bits are used from the pad,
| they're destroyed, and can never again be used. The bits in the pad
| must be truly random, generated using a real random source, such as
| specialized hardware, radioactive decay timings, etc., and not from an
| algorithm or cipher. Anything else is not a one-time-pad.

The phrase easy-to-use should not appear in proximity to one time pad, except in the context 'Easier key management than a one time pad!'
I would also suggest that the generation of OTP 'pads' for users is *highly* questionable. Who else is getting a copy of them, assuming they're even valid?

Dave Merriman
- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
PGP Email welcome, encouraged, and PREFERRED. Visit my web site at
http://www.shellback.com/p/merriman for my PGP key and fingerprint
"What is the sound of one hand clapping in a forest with no one there to hear it?"
I use Pronto Secure (tm) PGP-fluent Email software for Windows

On Mon, 16 Sep 1996, David K. Merriman wrote:
Date: Mon, 16 Sep 1996 10:05:27 -0700 (PDT)
From: "David K. Merriman"
To: cypherpunks@toad.com
Subject: Re: Snake Oil FAQ 0.4 [comments appreciated]

To: cypherpunks@toad.com
Date: Mon Sep 16 12:05:17 1996

[useful stuff rm'd]
The phrase easy-to-use should not appear in proximity to one time pad, except in the context 'Easier key management than a one time pad!'
I would also suggest that the generation of OTP 'pads' for users is *highly* questionable. Who else is getting a copy of them, assuming they're even valid?
Not to mention, the basic flaw of OTP.. if you have the only copy of the key, and the key is non-repetitive, how do you send the key to another person without being just as insecure as not encrypting it in the first place... almost any OTP claims are gonna be snake oil.

--Deviant

"I understand by 'freedom of Spirit' something quite definite - the unconditional will to say No, where it is dangerous to say No."
Friedrich Nietzsche

participants (2)
- David K. Merriman
- The Deviant