Re: High Quality Random sources, was: Re: SecuriKey

From: Valdis . Kletnieks
Date: Mon Jan 12 2004 - 01:00:29 EST

Next message: George Anzinger: "Re: [discuss] Re: kgdb for x86_64 2.6 kernels"
Previous message: Andrew Morton: "Re: 2.6.1-mm1: drivers/video/sis/sis_main.c link error"
In reply to: Stephen D. Williams: "Re: High Quality Random sources, was: Re: SecuriKey"
Next in thread: Stephen D. Williams: "Re: High Quality Random sources, was: Re: SecuriKey"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Sun, 11 Jan 2004 23:10:47 EST, "Stephen D. Williams" said:

> OTP absolutely requires that you share the OTP out of band, i.e. you
> twin a capture of random data. Any transfer makes it as vulnerable as
> the transfer method.

The single most common OTP-related offense of Schneier's "snake oil crypto"
has got to be the fact it's almost never only used exactly once and then discarded.

So sure you can load 200 meg of OTP into the dongle before you leave the spy agency
on a mission. The fun starts when you get to the 201st megabyte of data. :)

Attachment: pgp00000.pgp
Description: PGP signature

Next message: George Anzinger: "Re: [discuss] Re: kgdb for x86_64 2.6 kernels"
Previous message: Andrew Morton: "Re: 2.6.1-mm1: drivers/video/sis/sis_main.c link error"
In reply to: Stephen D. Williams: "Re: High Quality Random sources, was: Re: SecuriKey"
Next in thread: Stephen D. Williams: "Re: High Quality Random sources, was: Re: SecuriKey"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]