Re: Snake Oil FAQ 0.4 [comments appreciated]
To: cypherpunks@toad.com
Date: Mon Sep 16 12:05:17 1996
> (First off, I'd like to thank Matt for doing this.)
> The key length stuff is good, but a common component of snake oil is
> that it claims to have very long key sizes.
> | Some ciphers, while currently secure against most attacks, are not
> | considered viable in the next few years because of relatively small
> | keysizes and increasing processor speeds (making a brute-force attack
> | feasible). The tables below should give some general guidelines for
> | making intelligent decisions about the key length you need. If the key
> | is too short, the system will be easily broken, even if the cipher is
> | a good one.
> |
> | In [1] and [2], we're presented with some guidelines for deciding
> | appropriate key length. (It is important to note that this is based on
> | the ability to predict computing power 40, 65, and 100 years from now.
> | Major breakthroughs in computing power 30 years from now might render
> | everything on this chart kiddieplay.)
> | * One-Time-Pads
> |
> | A vendor might claim the system uses a one-time-pad (OTP), which is
> | theoretically unbreakable. That is, snake-oil sellers will try to
> | capitalize on the known strength of an OTP. It is important to
> | understand that any variation in the implementation means that it is
> | not an OTP, and has nowhere near the security of an OTP.
> |
> | An OTP system is not an algorithm. It works by having a "pad" of random
> | bits in the possession of both the sender and recipient. The message is
> | encrypted using the next n bits in the pad as the key, where n is the
> | number of bits in the message. After the bits are used from the pad,
> | they're destroyed, and can never again be used. The bits in the pad
> | must be truly random, generated using a real random source, such as
> | specialized hardware, radioactive decay timings, etc., and not from an
> | algorithm or cipher. Anything else is not a one-time-pad.
> The phrase easy-to-use should not appear in proximity to one
> time pad, except in the context 'Easier key management than a one time
> pad!'
I would also suggest that the generation of OTP 'pads' for users is
*highly* questionable. Who else is getting a copy of them, assuming they're
even valid?
Dave Merriman
- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
PGP Email welcome, encouraged, and PREFERRED. Visit my web
site at http://www.shellback.com/p/merriman
for my PGP key and fingerprint
"What is the sound of one hand clapping in a forest
with no one there to hear it?"
I use Pronto Secure (tm) PGP-fluent Email software for Windows
Version: 2.6.2
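
The pad handling described in the quoted FAQ text above, as an added example that is not part of the original message or the FAQ: each side consumes the next n units of a shared pad, wipes them after use, and refuses to run past the end. The `OneTimePad` class, `PadExhausted`, `xor` and `reuse_leak` are hypothetical names, the code works on bytes rather than bits, and `os.urandom` in the demo is only a stand-in, since by the FAQ's own definition a pad not drawn from a real random source is not a one-time pad.

```python
import os


class PadExhausted(Exception):
    """Raised when a message needs more pad than remains."""


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


class OneTimePad:
    """Hypothetical helper: one party's copy of the shared pad."""

    def __init__(self, pad: bytes):
        self._pad = bytearray(pad)  # mutable so used bytes can be wiped
        self._pos = 0               # index of the next unused pad byte

    def remaining(self) -> int:
        return len(self._pad) - self._pos

    def _take(self, n: int) -> bytes:
        if n > self.remaining():
            raise PadExhausted(f"need {n} bytes, {self.remaining()} left")
        key = bytes(self._pad[self._pos:self._pos + n])
        # Destroy the used pad material so it can never be applied again.
        self._pad[self._pos:self._pos + n] = bytes(n)
        self._pos += n
        return key

    def apply(self, data: bytes) -> bytes:
        """XOR data with the next len(data) pad bytes (encrypts or decrypts)."""
        return xor(data, self._take(len(data)))


def reuse_leak(p1: bytes, p2: bytes, key: bytes) -> bytes:
    """What an eavesdropper gets if the same pad bytes encrypt two messages:
    c1 XOR c2, where the key cancels and only p1 XOR p2 remains."""
    return xor(xor(p1, key), xor(p2, key))


if __name__ == "__main__":
    # Constructed sample; os.urandom is a stand-in, not a true random source.
    shared = os.urandom(32)
    sender, recipient = OneTimePad(shared), OneTimePad(shared)
    ct = sender.apply(b"meet at noon")
    print(recipient.apply(ct), sender.remaining())
    print(reuse_leak(b"abc", b"abd", shared[:3]))  # key-independent
```

`reuse_leak` returns the same value for any key, which is why the FAQ text insists that used pad bits are destroyed and never used again.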