[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: using pgp to make an otp

To: [email protected] (amp)
Subject: Re: using pgp to make an otp
From: Adam Shostack <[email protected]>
Date: Sat, 4 Nov 1995 10:55:36 -0500 (EST)
Cc: [email protected]
In-Reply-To: <[email protected]> from "amp" at Nov 5, 95 09:58:39 am
Sender: [email protected]


| i may have posted this at some time in the past, as i have asked it
| elsewhere and gotten different responses. i'm interested in that the
| folx here think about it though, so here it is...

I think you should read Marcus Ranum's OTP faq, on www.iwi.com:/pubs/

| i want a source of data for use as a otp. i don't want to have to
| hook up any external devices to my pc to do it. (although some of the
| methods mentioned in the past few days are quite interesting.)

Can't be done.  If you use a cipher to generate the pad, you have less
than full, honest to nature entropy, and you might as well use PGP.
Badly generated, or reused OTPs are very poor ciphers.

| i'd like to know if there was a reason not to use the output of pgp
| to do it. i've been playing with the following method. i take a file

Adam

-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume

References:
- using pgp to make an otp
  - From: amp <[email protected]>

Prev by Date: using pgp to make an otp
Next by Date: Re: video as a source of public randomness
Prev by thread: using pgp to make an otp
Next by thread: Re: using pgp to make an otp
Index(es):
- Date
- Thread