
Re: Q.E.D.



At  8:28 PM 10/16/96 -0500, IPG Sales wrote (original at excessive length):
>         ...  IPG has produced a system to generate software OTPs,
>         albeit within limited but more than ample entropy, not
>         software random numbers.
>
>         We stipulate the obvious fact that the encryptor stream
>         generated by EUREKA is a PRNG stream, though we do consider
>         it gross denigration to castigate it as ONLY a PRNG stream.
>         It is a PRNG issue that also happens to be an extremely well
>         behaved OTP sequence, with limited but ample entropy, as well.

The problem is you are misusing the term One Time Pad.

>         It meets each and every criterion rationally established for an
>         OTP in all reasonable aspects.

One of the criteria for an OTP is that you can credibly claim that ANY plain
text (of the correct length) is a valid decryption of a cyphertext
encrypted with an OTP.  Since your PRNG has less entropy than the message,
there are output sequences that cannot occur.  Therefore there are
plaintext messages which have no possible key.  These messages are not
credible decryptions and the PRNG is not an OTP.  This criterion is directly
related to the provable security of the OTP.  As such it is certainly a
rationally established criterion.

Now your PRNG may be a reasonably secure cypher system.  (I haven't looked
at it.)  However, it isn't an OTP and should not be advertised as such.
Doing so makes people familiar with the field think you don't know what you
are talking about.


-------------------------------------------------------------------------
Bill Frantz       | Tired of Dole/Clinton?     | Periwinkle -- Consulting
(408)356-8506     | Vote 3rd party.  I'm       | 16345 Englewood Ave.
[email protected] | Voting for Harry Browne    | Los Gatos, CA 95032, USA
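
The criterion argued in the reply above, worked through as an added example that is not part of the original message. The 16-bit seed, the SHA-256 based `keystream` (a stand-in, not IPG's EUREKA generator) and the 3-byte message are all constructed assumptions; the point is only that a seed shorter than the message leaves most plaintexts with no possible key, while a true pad has a key for every one.

```python
import hashlib
from itertools import product

SEED_BITS = 16   # constructed: total entropy of the toy generator
MSG_LEN = 3      # 24-bit message, i.e. longer than the seed

def keystream(seed: int, n: int) -> bytes:
    """Toy seeded PRNG stream (SHA-256 of the seed); a stand-in, not EUREKA."""
    return hashlib.sha256(seed.to_bytes(2, "big")).digest()[:n]

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def prng_decryptions(ciphertext: bytes) -> dict:
    """Map every plaintext reachable from some seed to one such seed."""
    out = {}
    for seed in range(2 ** SEED_BITS):
        out.setdefault(xor(ciphertext, keystream(seed, len(ciphertext))), seed)
    return out

def otp_key_for(ciphertext: bytes, claimed: bytes) -> bytes:
    """For a true pad, a key exists for ANY claimed plaintext of equal length."""
    return xor(ciphertext, claimed)

def first_impossible_plaintext(ciphertext: bytes, reachable: dict) -> bytes:
    """Pigeonhole: 2**16 seeds cannot cover 2**24 plaintexts, so one is missing."""
    for cand in product(range(256), repeat=len(ciphertext)):
        if bytes(cand) not in reachable:
            return bytes(cand)
    raise AssertionError("cannot happen while the message is longer than the seed")

def demo():
    ciphertext = xor(b"YES", keystream(0x1234, MSG_LEN))  # constructed message
    reachable = prng_decryptions(ciphertext)
    missing = first_impossible_plaintext(ciphertext, reachable)
    return ciphertext, reachable, missing

if __name__ == "__main__":
    c, reachable, missing = demo()
    print(f"plaintexts with a seed: {len(reachable)} of {256 ** MSG_LEN}")
    print(f"no seed decrypts to {missing!r}; "
          f"a true pad would use key {otp_key_for(c, missing).hex()}")
```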