[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: IPG OTM expansion

To: SINCLAIR DOUGLAS N <[email protected]>
Subject: Re: IPG OTM expansion
From: "Perry E. Metzger" <[email protected]>
Date: Wed, 21 Feb 1996 18:07:26 -0500
Cc: [email protected], IPG Sales <[email protected]>
In-Reply-To: Your message of "Wed, 21 Feb 1996 17:31:03 EST." <[email protected]>
Reply-To: [email protected]
Sender: [email protected]


SINCLAIR DOUGLAS N writes:
> I have a guess as to IPG's "OTP" expansion algorithm.  The clue is the
> prime wheels.  It reminded me of something I read in Kahn that was originally
> done with paper tape.
> 
> Take two random streams, A and B.  Their lengths are relatively prime.  Let's
> use 1000 and 999.  An expanded stream C is computed thus:
> 
> C[i] = A[i % 1000] ^ B[i % 999]
> 
> C thus does not repeat until 999000 values have gone past.  Using more than
> two relatively prime wheels will produce very large streams.  The key,
> of course, is that *the entropy does not increase*.  I am sure that this
> sort of expansion is vulnerable to attack.

Indeed it is. It is fairly straightforward to crack this. If you read
the same chapter of "The Codebreakers" you will note that, in fact,
this same method was tried and broken way, way back.

> Am I close, Ralph?

References:
- IPG OTM expansion
  - From: SINCLAIR DOUGLAS N <[email protected]>

Prev by Date: IPG OTM expansion
Next by Date: Re: Internet Privacy Guaranteed ad (POTP Jr.)
Prev by thread: IPG OTM expansion
Next by thread: Big Java security hole
Index(es):
- Date
- Thread