[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Snake Oil FAQ 0.4 [comments appreciated]


To: [email protected]
Date: Mon Sep 16 12:05:17 1996
> (First off, I'd like to thank Matt for doing this.)
> The key length stuff is good, but a common component of snake oil is
> that it claims to have very long key sizes.
> | Some ciphers, while currently secure against most attacks, are not
> | considered viable in the next few years because of relatively small
>  keysizes
> | and increasing processor speeds (making a brute-force attacks
>  feasible). The
> | tables below should give some general guidelines for making intelligent
> | decisions about the key length you need. If the key is too short, the
>  system
> | will be easily broken, even if the cipher is a good one.
> | 
> | In [1] and [2], we're presented with some guidelines for deciding
> | appropriate key length. (It is important to note that this is based on
>  the
> | ability to predict computing power 40, 65, and 100 years from now.
>  Major
> | breakthroughs in computing power 30 years from now might render
>  everything
> | on this chart kiddieplay.)
> |    * One-Time-Pads
> | 
> |      A vendor might claim the system uses a one-time-pad (OTP), which
>  is
> |      theoretically unbreakable. That is, snake-oil sellers will try
>  to
> |      capitalize on the known strength of a OTP. It is important to
> |      understand that any variation in the implementation means that it
>  is
> |      not an OTP, and has nowhere near the security of an OTP.
> | 
> |      A OTP system is not an algorithm. It works by having a "pad" of
>  random
> |      bits in the possession of both the sender and recipient. The
>  message is
> |      encrypted using the next n bits in the pad as they key, where n
>  is the
> |      number of bits in the message. After the bits are used from the
>  pad,
> |      they're destroyed, and can never again be used. The bits in the
>  pad
> |      must be truly random, generated using a real random source, such
>  as
> |      specialized hardware, radioactive decay timings, etc., and not
>  from an
> |      algorithm or cipher. Anything else is not a one-time-pad.
>       The phrase easy-to-use should not appear in proximity to one
> time pad, except in the context 'Easier key management than a one time
> pad!"

I would also suggest that the generation of OTP 'pads' for users is 
*highly* questionable. Who else is getting a copy of them, assuming they're 
even valid?

Dave Merriman

- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
PGP Email welcome, encouraged, and PREFERRED. Visit my web
site at         http://www.shellback.com/p/merriman
for my PGP key and fingerprint
"What is the sound of one hand clapping in a forest
with no one there to hear it?"
I use Pronto Secure (tm) PGP-fluent Email software for Windows
Version: 2.6.2