[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: A Snake-Oil FAQ
At 4:37 PM 7/20/96 +0000, Deranged Mutant wrote:
>The vendor may confuse random session keys or initialization vectors
>with OTPs.
"Random session keys" and "initialization vectors" probably need
definition. Perhaps a very high level description of an existing "good"
encryption system would do. Certainly a pointer to such a description
would be valuable. Here is a start at some definitions:
Random session keys - The practice of generating a new, random key for each
message/communication session etc. This key needs to be communicated to
the receivers of the message. This communication can be performed using
public key cryptography or protocols such as Diffie Hellman.
Initialization Vectors - The practice of including some random data at the
start of an encrypted message to make it more secure against certain forms
of cryptanalysis.
A good idea and a good first pass - Bill
-------------------------------------------------------------------------
Bill Frantz | The Internet may fairly be | Periwinkle -- Consulting
(408)356-8506 | regarded as a never-ending | 16345 Englewood Ave.
[email protected] | worldwide conversation. | Los Gatos, CA 95032, USA