Re: Internet Privacy Guaranteed ad (POTP Jr.)

[droelke@rdxsunhost.aud.alcatel.com (Daniel R. Oelke)]

> From owner-cypherpunks@toad.com  Mon Feb 19 17:50:19 1996
> Date: Mon, 19 Feb 1996 17:17:52 -0600 (CST)
> From: IPG Sales <ipgsales@cyberstation.net>

> We are not currently revealing all the details of our system because of 
> patents in process, and other relat6ed matters. We are offering the 
> software. You should be able to readily decompile it and determine the 
> algorithms used andf how they are used to generate random number sequences 
> for very long files.  For short messages, a true OTP is used directly. 

Marketing Fluff - read "we don't *want* to revel it".  Patent stuff doesn't
take long to get the initial disclosures filed.  Cypherpunks are 
generally engineers and are immune to such crap.  

> If you are aware of encrtypting technology, you recognize that hardware 
> prime number cycle wheels for the basis of some of the most secured 
> hardware systems employed for encryption. We simply expand that technogy 
> using software to set an intial setting, an adder, and a limit for 64 
> such wheels, using large random prime numbers for each of those settings. 
> The total number of possibilities is over 10 to the 1690th power and can 
> be much larger. 

So.  Large "random" prime numbers are generated.  From what?  How?
Obviously these act as keys to your "OTP".  Figure out how to 
match this prime and you can generate the same "OTP".

> Thus we can eliminate the need to have the length of the OTP to be equal 
> to the length of the file - if you do not belive that it works, try it 
> and see - it takes inly a few hours to set such a trial up. We generated 
> over 790 gigabytes of charcaters, on multiple backups, and tested. Our 
> standard deviations, chi squares, Delta ICs for bits, characters, sets, 
> and the entire set were random. The sets are random, and you can take 
> that to the bank. 

So the data coming out appears random.  Big whoopie.  Lots of algorithms
can generate the same thing.

The key is how do you seed that random number generator? 

This isn't even close to being a OTP.  A OTP by definition has a random
set of data that is transmitted to the receipient over a seperate
secure channel from the actual message to be sent.  The actual message
and the OTP are XOR'ed together and sent.  The receipient then XORs
the OTP and the encrypted message to get plaintext.

That is pretty simple - even a marketing drone should be able to figure
that one out.

Now - explain how (in generic terms) your system acts as a OTP.

> Someone, will decompile it and discover that it is truly random, at least 
> from the practical usage basis. But we need that time to file patents, 
> cvopyrights and the like. 

Yes - hopefully someone will take the time and money to decompile it.
.... but if you are so sure of yourself,
why not give away some demo copies.  Why not source of the security
functions?  (Shove that patent crap someplace - you wouldn't be 
selling it if your disclosures weren't already filed)

> The IPG system solves the key management problem and produces a truly 
> unbreakabkle system. We make no apologies for not currently revealing all 
> of the methodologies andf algorithms, but they will be revealed with 
> time, by us or others, and you will discover that it is indeed a simple, 
> easy to use, easy to install, truly unbreakable system.

"unbreakable" - Bullshit - you obviously don't know crap.

Dan
------------------------------------------------------------------
Dan Oelke                                  Alcatel Network Systems
droelke@aud.alcatel.com                             Richardson, TX