I can suggest a way to "distribute" a one time pad, even though the people never meet. Just agree over the phone on which CD ROM to use, and some forumula for an offset into the CD ROM. You might want to throw away some of the data to make the bit stream less regular, but with 600 meg, who cares? Keith Henson
Keith's CD-for-a-pad idea is a variant of a book code. In a book code, parts of the key are in various standard books, often the bible. Advantages: easier key distribution. Disadvantages: key material is public. Should an internal spy learn the few bits of addressing information (which CD, where), the cipher is compromised. Eric
From: hkhenson@cup.portal.com
I can suggest a way to "distribute" a one time pad, even though the people never meet. Just agree over the phone on which CD ROM to use, and some forumula for an offset into the CD ROM. You might want to throw away some of the data to make the bit stream less regular, but with 600 meg, who cares? Keith Henson
This seems equivalent to the old "dictionary" or "book" cyphers that people sometimes used. Good cryptanalysts broke them routinely. I'll leave it to your imagination how one might do it, but I'll just note that if you picked a few arbitrary bytes, say bytes 30-40, of all the CDs in the record store, you would find that those few bytes likely distinguish all but prehaps a token number of CDs. Perry
From: Eric Hughes <hughes@soda.berkeley.edu>
Keith's CD-for-a-pad idea is a variant of a book code. In a book code, parts of the key are in various standard books, often the bible.
Advantages: easier key distribution.
Disadvantages: key material is public. Should an internal spy learn the few bits of addressing information (which CD, where), the cipher is compromised.
Actually, in practice internal spies were almost never needed to break book cyphers. They in fact provide only laughable security. Traditional ones didn't even require that the cryptanalyst ever determine what book was being used! Perry
participants (3)
-
Eric Hughes -
hkhenson@cup.portal.com -
pmetzger@shearson.com