Re: Snake Oil FAQ 0.4 [comments appreciated]

[tcmay@got.net (Timothy C. May)]

At 2:06 AM 9/17/96, The Deviant wrote:

>Not to mention, the basic flaw of OTP.. if you have the only copy of the
>key, and the key is non-repetitive, how do you send the key to another
>person without being just as insecure as not encrypting it in the first
>place... almost any OTP claims are gonna be snake oil.

Not quite.

Many cryptographic messages have a *time value*. The canonical example is
"Attack at dawn." A one-time pad carried by a unit out onto the battlefield
is eminently valuable for receiving such time-critical messages.

Many other examples abound: embassies receiving instructions from the home
country, travelling businessmen exchanging messages with the office, Air
Force One receiving encrypted transmissions from NORAD, and so on.

This is why OTPs are still in use by the military, embassies, etc.

Granted, asymmetric key systems have various advantages, discussed here all
the time, but to say almost any OTP claims are snake oil is untrue. (Many
claims about OTPs _are_ of course snake oil, but usually in that they are
not true OTPs in the Shannon sense.)

--Tim May

We got computers, we're tapping phone lines, I know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Higher Power: 2^1,257,787-1 | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."