[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: A Snake-Oil FAQ

To: "Deranged Mutant" <[email protected]>, [email protected]
Subject: Re: A Snake-Oil FAQ
From: [email protected] (Bill Frantz)
Date: Mon, 22 Jul 1996 00:34:04 -0700
Sender: [email protected]

At  4:37 PM 7/20/96 +0000, Deranged Mutant wrote:
>The vendor may confuse random session keys or initialization vectors
>with OTPs.

"Random session keys" and "initialization vectors" probably need
definition.  Perhaps a very high level description of an existing "good"
encryption system would do.  Certainly a pointer to such a description
would be valuable.  Here is a start at some definitions:

Random session keys - The practice of generating a new, random key for each
message/communication session etc.  This key needs to be communicated to
the receivers of the message.  This communication can be performed using
public key cryptography or protocols such as Diffie Hellman.

Initialization Vectors - The practice of including some random data at the
start of an encrypted message to make it more secure against certain forms
of cryptanalysis.

A good idea and a good first pass - Bill

-------------------------------------------------------------------------
Bill Frantz       | The Internet may fairly be | Periwinkle -- Consulting
(408)356-8506     | regarded as a never-ending | 16345 Englewood Ave.
[email protected] | worldwide conversation.    | Los Gatos, CA 95032, USA

Prev by Date: Re: Netscape
Next by Date: <rant> Re: Devil's Bargain
Prev by thread: Re: A Snake-Oil FAQ
Next by thread: Re: A Snake-Oil FAQ
Index(es):
- Date
- Thread