[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Snake Oil FAQ 0.4 [comments appreciated]

To: "David K. Merriman" <[email protected]>
Subject: Re: Snake Oil FAQ 0.4 [comments appreciated]
From: The Deviant <[email protected]>
Date: Mon, 16 Sep 1996 22:06:37 -0400 (EDT)
cc: [email protected]
In-Reply-To: <[email protected]>
Organization: The Silicon Pirates
Sender: [email protected]

On Mon, 16 Sep 1996, David K. Merriman wrote:

> Date: Mon, 16 Sep 1996 10:05:27 -0700 (PDT)
> From: "David K. Merriman" <[email protected]>
> To: [email protected]
> Subject: Re: Snake Oil FAQ 0.4 [comments appreciated]
> 
> To: [email protected]
> Date: Mon Sep 16 12:05:17 1996

[usefull stuff rm'd]

> >
> >       The phrase easy-to-use should not appear in proximity to one
> > time pad, except in the context 'Easier key management than a one time
> > pad!"
> >
> 
> I would also suggest that the generation of OTP 'pads' for users is
> *highly* questionable. Who else is getting a copy of them, assuming they're
> even valid?
> 

Not to mention, the basic flaw of OTP.. if you have the only copy of the
key, and the key is non-repetitive, how do you send the key to another
person without being just as insecure as not encrypting it in the first
place... almost any OTP claims are gonna be snake oil.

 --Deviant
"I understand by 'freedom of Spirit' something quite definite -
the unconditional will to say No, where it is dangerous to say
No.
           Friedrich Nietzsche

References:
- Re: Snake Oil FAQ 0.4 [comments appreciated]
  - From: "David K. Merriman" <[email protected]>

Prev by Date: Re: forward secrecy in mixmaster
Next by Date: The GAK Momentum is Building...
Prev by thread: Re: Snake Oil FAQ 0.4 [comments appreciated]
Next by thread: Re: Snake Oil FAQ 0.4 [comments appreciated]
Index(es):
- Date
- Thread