Unbreakable code using XOR for one time pad?
in [Cryptography]
|
Prev: Cipher challenge
Next: Rolex Oyster Perpetual Cosmograph Daytona Mens Watch 116523-WDO Collection
From: rossum on 11 Nov 2008 13:36 On Tue, 11 Nov 2008 18:20:26 +0000, Guy Macon <http://www.GuyMacon.com/> wrote: >The difficulty of sending a single keyfile is overblown. If the keyfile is larger than the plaintext, and you can transmit the keyfile securely then why do you need a keyfile at all? Just transmit the plaintext using the same secure method. rossum
From: Gordon Burditt on 11 Nov 2008 15:37 >>The difficulty of sending a single keyfile is overblown. >If the keyfile is larger than the plaintext, and you can transmit the >keyfile securely then why do you need a keyfile at all? Just transmit >the plaintext using the same secure method. The same secure method (e.g. monthly code update sent to an embassy) is often TOO SLOW. Or it requires methods that are impractical for a secret agent to use while under cover. Starting a mission with a flash disk in your pocket is easy. Dropping one off at Spy HQ when you're spying on Al Queda and learn of a plot to nuke Washington by FedEx in 4 hours without giving yourself away may be a problem.
From: Unruh on 11 Nov 2008 17:05 Guy Macon <http://www.GuyMacon.com/> writes: >Unruh wrote: >>Had you [Bill B] looked up "One Time Pad' you would have found >>a description equivalent to what you state. And a proof of its >>security essentially the same as yours.s. You would also have >>found out why it is problematic-- that key can NEVER EVER be >>reused for anything which means that you have to somehow securely >>exchange a key larger than any message or set of messages you >>will ever transmit. >Other than the difficulty of exchanging any key of any size, >the days when exchanging a key larger than any message or set >of messages you will ever transmit was extra-difficult are >long gone. An 8GB micro-SD card is 11mm x 15mm x 1mm, >(0.43" X 0.59" X 0.039") and costs about $20 USD. >I also don't consider it to be all that difficult to exchange >the keys. Here is one way: >Prepare six 256GB random keys using different kinds of HRNGs >running on seperate PCs. Store 3 of them on USB thumb drives. >Send the three thumb drives by Fedex, UPS, and US Mail using >different names and addresses at the source city and destination >city. >Send the other three files over the internet from different >computers and different ISPs using email, FTP and BitTorrent. >At both ends, XOR the six files together to create matching >265GB keys. >Not very difficult, and it would very very hard to intercept >all six files; miss one and you have zero chance of breaking >the OTP. >If you are the CIA or DOD or a bank that will be using the keys >for billion-dollar transactions, send another 3 files by seperate >trusted couriers. >The difficulty of sending a single keyfile is overblown. I do >agree, however, that trying to send a different keyfile to >each of a couple of hundred people would be difficult to manage, >and doing so in advance of knowing who the recipients are is >impossible. And then you have to keep track of where in the key you are ( or have to go through the same palaver with each and every message you want to send). >That being said, I don't see any real need to upgrade from >"takes longer than the age of the universe using a computer >the size of the universe to break" to "cannot be broken even >with infinite time and infinite computer resources." >-- >Guy Macon ><http://www.GuyMacon.com/>
From: Unruh on 11 Nov 2008 17:09 rossum <rossum48(a)coldmail.com> writes: >On Tue, 11 Nov 2008 18:20:26 +0000, Guy Macon ><http://www.GuyMacon.com/> wrote: >>The difficulty of sending a single keyfile is overblown. >If the keyfile is larger than the plaintext, and you can transmit the >keyfile securely then why do you need a keyfile at all? Just transmit >the plaintext using the same secure method. He argues that the xor of two keys is a key. But then you could go through his process to send the message as well. (send 5 messages, with message i being K1^K2^K3^K4^K5^M^Ki. Then xor all five messages together at the other end and you have the message, while the message is unrecoverable from anything less than all 5 of the transmissions. So, yes, if you can send the key safely by his procedure, you cansend the message safely by his procedure. >rossum
From: rossum on 11 Nov 2008 17:46
On Tue, 11 Nov 2008 14:37:58 -0600, gordon(a)hammy.burditt.org (Gordon Burditt) wrote: >>>The difficulty of sending a single keyfile is overblown. >>If the keyfile is larger than the plaintext, and you can transmit the >>keyfile securely then why do you need a keyfile at all? Just transmit >>the plaintext using the same secure method. > >The same secure method (e.g. monthly code update sent to an embassy) >is often TOO SLOW. Or it requires methods that are impractical for >a secret agent to use while under cover. > >Starting a mission with a flash disk in your pocket is easy. Dropping >one off at Spy HQ when you're spying on Al Queda and learn of a >plot to nuke Washington by FedEx in 4 hours without giving yourself >away may be a problem. There are indeed some situation where a OTP is useful, and espionage is often one of them. In the majority of situations, if you have a transmission channel secure enough for the key, then sending the plaintext through the same channel is easier. rossum |