The countries that trusted bugged Swiss encryption devices
grarpamp
grarpamp at gmail.com
Fri Aug 13 03:06:14 PDT 2021
> I heard people recently talking about using _multiple_ OTP's.
> Not sure how that helps anything but it sounds nice and paranoid.
That's probably describing "multiple encryption",
cascade, or composition.
https://en.wikipedia.org/wiki/Multiple_encryption
In the case of properly used OTP's with TRNG's,
multiple doesn't help anything since the info theoretic security
of that system has been proven.
But for all other classes of algos such as the common
asym/symm/hash, multiple can be used as a safety
backup in case a sole use algo might be broken,
but is no good if they all are fail...
ie: md5 + sha1 != good
or if use of all N of them was poor, thus = fail too.
PS: Now for the more interesting thing in this note...
Notice how GoldBug et al happened to sneak
themselves onto that page too.
Someone really needs to start a formal project to
publicly investigate and debunk or clear their
software claims and fishy methods once and
for all, for any user's sake since they can get hurt.
https://en.wikipedia.org/wiki/Special:Contributions/Fuchshuber
https://en.wikipedia.org/w/index.php?fulltext=1&search=goldbug+messenger
Is GoldBug yet another example like the bugged
"Swiss encryption devices", an exploit that should not
be trusted? Journalists, activists, human rights work,
etc would probably want to know.
More information about the cypherpunks
mailing list