More product announcements at SnakeOilCon, Las Vegas

Tim May tcmay at got.net
Wed Jan 9 10:21:38 PST 2002


On Wednesday, January 9, 2002, at 08:12 AM, Declan McCullagh wrote:

>> From: "MacGregor K. Phillips" <mkp at ns2.piol.net>
>> To: "Top Secret Crypto Admin" <admin at topsecretcrypto.com>
>> Subject: Top Secret Crypto
>> Date: Wed, 9 Jan 2002 23:48:58 +0800
>> ===========================================
>> Press Release by TAN$TAAFL Software Company
>> ===========================================
>> Contact Information:
>> MacGregor K. Phillips
>> President
>> TAN$TAAFL Software Company
>> 14 Foster St., Banicain
>> Olongapo City, Philippines 2200
>>
--familiar variants of the famed "virtual one time pad" elided---


Between the "can compress any file by 100:1" and the "virtual one time 
pads," it looks like OSEC (Organization of Snakeoil Exporting Countries) 
have struck snakeoil in many places.

(In case anyone asks "How do you know virtual one time pads can't 
work?," a true one time pad a la Shannon uses shared sets of numbers 
which have no known algorithmic generator. If the pads can be generated 
from an algorithm, e.g., a seeded pseudorandom number generator, then an 
adversary could of course learn the algorithm and seed.

With a true one time pad ("true" in the procedural sense, as no set of 
numbers can ever be proved to be random), any decryption is as good as 
any other. Meaning, the adversary can do no better than simply guessing 
at a solution. All of the bits in the message are XORed with bits 
determined by the procedural equivalent of a flip of a coin (maybe 
Johnson noise in a diode, maybe radioactive decay, maybe swings of a 
complex pendulum, maybe LSBs of a microphone listening to the wind, 
etc.).

For Alice and Bob to share the often-large pads is of course the main 
limitation of one time pads. Military and diplomatic users can justify 
the housekeeping effort to share such pads. Even so, sometimes people 
start reusing pads, which means they are no longer "one time."

And schemers think they can get the theoretical advantages of OTPs by 
generating the "virtual" OTP from an algorithm and a shared seed/key. 
Hence the production of snakeoil by OSEC.

--Tim May
--Tim May, Citizen-unit of the once free United States
" The tree of liberty must be refreshed from time to time with the blood 
of patriots & tyrants. "--Thomas Jefferson, 1787
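
The contrast drawn in the message above, as an added example that is not part of the original post: with a truly random pad every same-length plaintext is consistent with the ciphertext, while a pad expanded from a seed falls to anyone who knows the generator and can search the seed space. The function names, the 16-bit seed, the sample messages and the use of Python's `random` module as the "virtual pad" generator are all assumptions made for illustration.

```python
import random
import secrets

SEED_BITS = 16   # constructed toy size so the search finishes in about a second
SEED = 0xBEEF    # hypothetical shared seed/key
MSG = b"MEET AT THE USUAL PLACE AT NOON"  # constructed sample plaintext


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def virtual_pad(seed: int, n: int) -> bytes:
    """'Virtual one time pad': n bytes expanded from a seed by a known algorithm."""
    return random.Random(seed).getrandbits(8 * n).to_bytes(n, "big")


def true_pad_encrypt(msg: bytes):
    """Pad drawn from the OS entropy source, standing in for a physical noise source."""
    pad = secrets.token_bytes(len(msg))
    return xor(msg, pad), pad


def pad_explaining(ciphertext: bytes, candidate: bytes) -> bytes:
    """For a true pad, every same-length candidate plaintext has a consistent pad."""
    return xor(ciphertext, candidate)


def recover_seeds(ciphertext: bytes) -> list:
    """Knowing the algorithm, try every seed and keep printable-ASCII decryptions."""
    n = len(ciphertext)
    return [s for s in range(1 << SEED_BITS)
            if all(32 <= b < 127 for b in xor(ciphertext, virtual_pad(s, n)))]


if __name__ == "__main__":
    # True pad: the ciphertext "decrypts" equally well to an unrelated message.
    ct, _ = true_pad_encrypt(MSG)
    decoy = b"NOTHING TO SEE HERE, MOVE ALONG"
    print(xor(ct, pad_explaining(ct, decoy)))

    # Virtual pad: the seed space is the real key space, and it can be searched.
    vct = xor(MSG, virtual_pad(SEED, len(MSG)))
    for s in recover_seeds(vct):
        print(hex(s), xor(vct, virtual_pad(s, len(vct))))
```

The security of the seeded scheme is bounded by the size of the seed and the strength of the generator, which makes it an ordinary stream cipher rather than a one time pad.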




