I think the IPG system is great! Percy, my pet python, has never been slicker or better lubricated! IPG Sales <ipgsales@cyberstation.net> wrote:

Perhaps so, but our system does employ a true hardware generated OTP, and operates similiar to what you describe - however, the important differernce is that we use a smal;l OTP to generate a larger OTP, like stringing the cable across the Golden Gate narrows.

What you have, as far as I can tell, with your "random-number-rotor-large- random-prime-number-rotor-wheels", is a proprietary encryption algorithm that uses a 5600-bit random number as a key. There are two points on which you are to be commended. 5600 bits is plenty large as a key (excessive, even), and you claim to generate the key with a true hardware RNG. Unfortunately, you are undone by two points which go against your scheme. First, your algorithm is proprietary, and as such is probably not worth a hill of beans. Second, the keys to your system are known to three parties: the sender of a message, the recipient of that message, and your company! This means that your company can intercept and decrypt any message that uses your system. All that is required is to keep a record of all keys generated and who they were distributed to, and to know the identities of the people communicating. You've already indicated, when you claimed "790 gigabytes" of data generated for testing with "multiple backups", that your company has the capability to store and access multiple terabytes of information. I'm sure you will protest your honesty; you may even *be* honest, but the security of your system will rely not only on the security of the algorithms and their correct implementation, but also on the honesty of your company and every employee who ever works for it. I don't need to trust R, S, and A whenever I use RSA, so long as the algorithm is secure, and correctly implemented.

Just becuase we convert over from a full OTP to a prime number wheel system configured from the OTP doers not mnean that the result is not an OTP

Of course it does. Which part of "One" don't you understand? -- David R. Conrad, conrad@detroit.freenet.org PGP key on GDFN Hardware and http://detroit.freenet.org/staff/conrad home page Software Committee "If you can't say 'fuck', you can't say 'fuck the government'." --Lenny Bruce