[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: OTP server..
-----BEGIN PGP SIGNED MESSAGE-----
>How about WWW one time pad servers? You browse to your
>favorite OTP server, which has a random number generator
>running in the background. You tell it to give you a block
>of X bytes, and mail it to persons 1, 2, 3, ... N.
>
>These people then use this OTP for encrypting a document.
>It wouldn't be illegal because you aren't encoding any data
>and distributing it.. You're generating raw data. You wouldn't
>have to distribute any crypto software, you just xor your
>data file with the number of bytes that you were sent
>in the mail from the OTP server.. Enough of these things
>would be REALLY tough to monitor.. Plus, you could connect
>8 different times and just pick one of the sets.. Or you
>could just use a portion of the set that you and the receiving
>party agreed upon.
>
>Or, instead of using email, you could have a application/x-otp
>browser that would collect the OTP that the server sent out
>to you over HTTP. (this would be really hard to differentiate
>from other data if the server was doing other things at the
>same time).
>
>Thoughts?
>
I think you're trusting the server a GREAT deal.
> Doug Hughes Engineering Network Services
> [email protected] Auburn University
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
iQEVAwUBMAcXby1onm9OaF05AQEUpggApWiVdcA4UAsVIXKEor3JnM6PkEZleO6b
CpbyXYVZNRmUuePTuUMf9KQkI0accFm/sjnc7t12Hujs60utILWYM2F71GSrHZ0/
POx/oExL5TgcR9m6e0cYM58k9xZT2golXXHukTXnU6FlCNSNMfWnBziTgsSwCj1q
mZO8xQnbSWteWL50g7cFBMvGbyDSygOZu9MPqzRRvUVoF/kL78G0SAwT8HzGadfk
yIV40wDicBfuPH1GcaPlbGW+0Adips0WHAETBSRmUXSBdu+uQcs6LhEhddvbKmzF
Rh4qpIR0FYKcnyax0kqk6eBBWqo7oVCdm9nYMHc2yg6I9dQLGWnQIA==
=b9lf
-----END PGP SIGNATURE-----