[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: using pgp to make an otp

-- [ From: amp * EMC.Ver #2.3 ] --


From: John Curtis              \ Internet:    ([email protected])
To:   amp                      \ Internet:    ([email protected])

Subject: RE: using pgp to make an otp

JC> I was confused and answered a question you didn't ask. I guess you
JC> can use PGP to generate a set of pseudorandom numbers.  I'm not sure
JC> that this would be different from  using the IDEA cypher (the
JC> underlying PGP cypher) to generate random numbers.  I am also not
JC> convinced that this would be quicker or cheaper than any number of
JC> other mechanisms.

JC> If I really wanted a true one-time pad, I'm inclined to explore the
JC> thermal noise of a zener diode.

isn't the noise generated by such a diode more accurately described
as chaotic rather than random? i would think that there might be
potential problems with using chaos as a random number source. it
might be somewhat less random than you may think as most chaotic
system's 'noise' operates within definable parameters. (like a lorenz
system). i _would_ think that it would act as a most excellent prng,
but exactly how _truely_ random it actually would be i couldn't say. 
while it may not be _truely_ random, it would most likely be
cryptographically secure though. 

i think generating _true_ randomness is pretty difficult without
measuring something similar to radioactive decay. 

the system that i proposed setting up is, admittedly, a p-otp at
best. i'm much more convinced of this than i was when i initially
proposed it. the comments i've gotten on it were most enlightening.

<[email protected]> (since 10/31/88)
<[email protected]>
PGP Key = 57957C9D
PGP FP = FA 02 84 7D 82 57 78 E4  E2 1C 7B 88 62 A6 F9 F7 
November 9, 1995   11:41

Version: 2.6.2