[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: using pgp to make an otp

To: "Perry E. Metzger" <[email protected]>
Subject: Re: using pgp to make an otp
From: Simon Spero <[email protected]>
Date: Sat, 4 Nov 1995 21:36:33 -0800 (PST)
Cc: amp <[email protected]>, cypherpunks <[email protected]>
In-Reply-To: <[email protected]>
Sender: [email protected]


On the subject of reused one-time-pads: What are the attacks that become 
available if a pad is used two times. The ones I can think of are:

known plaintext- if any parts of one message can be obtained or guessed, 
	the corresponding parts of the other message are automatically 
	obtained. 

statistics- (m1^C)^(m2^C) == m1 ^ m2. If the message is english, then 
certain combinations of letters are more frequent than others. Try more 
probably cominations first. 

Guess phrases - pick a common word - slide it down the m1^m2 text and 
see if the result looks like english - if it does, you've got a word in 
one, and a bunch of known text in another. 

The latter attack looks like it could be automated pretty well, and could 
run pretty fast, but I get the feeling I'm missing an obvious, better 
method. What's the standard way of attacking TTPs?

What's the most secure way to reuse a OTP if (say) an emergency happens 
when you're on the road, and you're out of pad? Could you build a 
sequence of keys for something like DES from widely separated bits of the 
pad, and use each key for one block, or is this likely to expose the 
original OTPed message, as well as the successor messages?

Simon

Follow-Ups:
- Re: using pgp to make an otp
  - From: "Perry E. Metzger" <[email protected]>

References:
- Re: using pgp to make an otp
  - From: "Perry E. Metzger" <[email protected]>

Prev by Date: Re: Credentials Without Identity
Next by Date: Re: Telephone switch capacity -Reply
Prev by thread: Re: using pgp to make an otp
Next by thread: Re: using pgp to make an otp
Index(es):
- Date
- Thread