Info: Elementrix POTP
Forwarded from sci.crypt:
In article <[email protected]>, [email protected] (WHMurray) writes:
> In article <[email protected]>, [email protected] (Michael Handler)
> writes:
>
> >It
> >looked somewhat like a stream cipher that generates its key by measuring
> >packet lag over TCP/IP. General consensus was that any key determined
> >from public information wasn't secure.
>
> It uses a new symmetric message key for each message. The key for message
> n is a function of that for message n-1 modulated by the content of
> message n-1. However, it operates at the message layer, not the TCP/IP
> layer. In a given population, everyone in the population can begin with
> the same key. As messages are exchanged between any two parties in the
> population, they end up with a key which is unique to them. The system is
> synchronous. If any traffic between two parties is lost, they must
> re-synch; keys between each of the parties and other parties will not be
> affected.
>
> The idea is novel and useful. It will be resistant against most
> attackers. It is much less resistant to attacks by nation states that
> could have a record of all traffic among all parties. Of course it is not
> an OTP nor is it more secure than other modern systems. If anything, it
> is a little less so, at least against those who have all of the traffic
> and to the extent that more than two parties start with the same initial
> key. Of course, its strength is to permit all members of the population
> to begin with the same key while ensuring that members of the population
> are safe from each other. It also ensures that compromise of the initial
> key is not sufficient to read traffic. One must have all the intervening
> traffic. Thus, if one comes to the party late, learning the initial key
> will not enable one to read current traffic.
>
> >OTOH, I saw a press-release on Cypherpunks a week or two back that
> >claimed Whitfield Diffie and David Kahn had both examined the algorithm
> >under NDA, and both were blown away by it. OTOOH, I don't know how much
> >Diffie and Kahn know about TCP/IP.
>
> Diffie knows enough; Kahn less. However, both are geniuses and know what
> they need to know. As to their being "blown away," I tend to doubt it.
> The idea is useful but not revolutionary.
>
> >We'll know for sure when they release the details of the spec. And, if
> >they go to the logical conclusion of all this secrecy and they *don't*
> >release the spec, it won't be worth a bucket of warm snake oil.
>
> If they have applied for a patent and if the effectiveness of the scheme
> does not rely upon secrecy of the scheme, then of course there is no
> reason for secrecy. They sent me an evaluation copy of the program and
> have been fairly open in discussing it. (No one has suggested an NDA or
> even that there were any secrets involved.) While for security I would
> rather have Lotus Notes or Secure Exchange, for ease of administration
> this program has advantages.
>
> The product is interesting and less bogus than your meters might lead you
> to believe. Few of us would like to have our products evaluated strictly
> on the basis of press releases and reports.
>
> I believe that the scheme infringes patents of which I am aware.
>
>
>
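The key evolution described in the forwarded post, as an added sketch that is not part of the post and is not Elementrix code: each message key is derived from the previous key and the previous message's content, so pairs starting from one shared key diverge and an observer needs the initial key plus every intervening message. The post does not give the real functions, so HMAC-SHA256 as the update step, the SHA-256 counter keystream as the cipher, and all names and sample messages are assumptions constructed for illustration.

```python
import hashlib
import hmac

def next_key(prev_key, prev_plaintext):
    # Key n = f(key n-1, content of message n-1). HMAC-SHA256 is an assumed stand-in.
    return hmac.new(prev_key, prev_plaintext, hashlib.sha256).digest()

def xor_stream(key, data):
    # Toy cipher (assumption): SHA-256 counter keystream; encrypt and decrypt are the same.
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hashlib.sha256(key + i.to_bytes(8, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], pad))
    return bytes(out)

class Link:
    """Key state one party keeps for one peer; both ends must advance in step."""
    def __init__(self, initial_key):
        self.key = initial_key
    def send(self, plaintext):
        ciphertext = xor_stream(self.key, plaintext)
        self.key = next_key(self.key, plaintext)
        return ciphertext
    def receive(self, ciphertext):
        plaintext = xor_stream(self.key, ciphertext)
        self.key = next_key(self.key, plaintext)
        return plaintext

def read_recorded(initial_key, ciphertexts):
    """What an observer holding the initial key recovers from recorded traffic."""
    link = Link(initial_key)
    return [link.receive(c) for c in ciphertexts]

# Constructed sample data: one population-wide initial key, two conversations.
K0 = hashlib.sha256(b"constructed population key").digest()
AB_TRAFFIC = [b"meet at noon", b"bring the report", b"room 4 instead"]
AC_TRAFFIC = [b"lunch?", b"yes, 1pm"]

def demo():
    a_b, b_a, a_c = Link(K0), Link(K0), Link(K0)
    ab_wire = [a_b.send(m) for m in AB_TRAFFIC]
    ac_wire = [a_c.send(m) for m in AC_TRAFFIC]
    return {
        "b_reads": [b_a.receive(c) for c in ab_wire] == AB_TRAFFIC,
        "pair_keys_differ": len({K0, a_b.key, a_c.key}) == 3 and a_b.key == b_a.key,
        "full_record_reads": read_recorded(K0, ab_wire) == AB_TRAFFIC,
        "latecomer_reads": read_recorded(K0, ab_wire[1:]) == AB_TRAFFIC[1:],
        "after_loss_reads": read_recorded(K0, [ab_wire[0], ab_wire[2]])[1] == AB_TRAFFIC[2],
        "c_unaffected": read_recorded(K0, ac_wire) == AC_TRAFFIC,
    }
```

Calling `demo()` shows the full-record observer reading the A-B traffic, while the late-comer and the receiver that lost a message both fail until a re-synch; the A-C link is untouched.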