bhayes@glacier.UUCP (04/21/86)
In article <484@ucsfcca.UUCP> dick@ucsfcca.UUCP (Dick Karpinski) writes: >The simplest encryption which is secure is the one time pad, right? >[...] [Can you construct a] one time pad [by] selecting larger supplies >of bits from one or several CD ROMs or simply compact disks of music? There is a code known as a "book code" that does just this. Choose a particular edition of a particular book and give a copy to each person who is to use the code. To find a key, agree to some character in the book [e.g. by page/line/character triplet] and use the characters in the book starting at that place. The choice can be be by open communication ["page 25/line 16/character 12"] or more subtle methods [e.g. a function of the California lottery winners for the day]. In general you can leave the problem of key publication/distribution to other people by agreeing to use, say, the editorial page of the Herald Tribune as a key. Using CDs to distribute the keys is a nice high-tech gloss on an old idea. -Barry
gnu@hoptoad.UUCP (04/22/86)
In article <913@vortex.UUCP>, lauren@vortex.UUCP (Lauren Weinstein) writes: > To be truly useful, one-time pads must use VERY random data. I doubt > that "partial selection" systems (choosing bits from CDroms, etc.) would > be adequate. Real-world one-time systems tend to use the most random > sources of bits they can find--like the rate of decay of certain > isotopes. Suppose you made your own CDROMs using isotopes to generate the data. It does make a difference that you can put 600 MBytes of truly random data onto a CDROM and slip it into a diplomatic pouch for delivery as next week's cipher. It would be hard to fit a large one-time pad into a battlefield portable unit (eg on 6250 BPI 1/2'' tape) until CDROM. If you have 600MB of true random data then it doesn't matter much whether you send a little selector to pick WHICH random data you are going to use -- it's already as random as it can get. You have the usual key distribution problems of course -- if a Bad Guy gets a CDROM then you are out of luck, as with all one-time pads. Skipping around in it only slightly increases the work factor, but complicates the key handling since the key is not only the CD ROM but also the sequence in which to use pieces of it. There *is* the problem that there are only a few factories in the world that can make CDROMs but I'm sure the NSA won't object to spending some tax dollars on building a private one of their own. -- John Gilmore {sun,ptsfa,lll-crg,ihnp4}!hoptoad!gnu jgilmore@lll-crg.arpa
lauren@vortex.UUCP (Lauren Weinstein) (04/23/86)
The important thing about one-time pad data is that it must never, ever be reused. I got the impression from the person who first proposed the CD ROMs that they wanted to use an algorithm that might permit reusing parts of the CD data as a seed for new data. Such a technique would compromise the randomness and would not be adequate. If a CD ROM is treated simply as a big chunk of data to be used up once and then thrown away, then this problem doesn't exist. --Lauren--