Path: sparky!uunet!haven.umd.edu!darwin.sura.net!zaphod.mps.ohio-state.edu!pacific.mps.ohio-state.edu!linac!uwm.edu!ogicse!qiclab!leonard
From: leonard@qiclab.scn.rain.com (Leonard Erickson)
Newsgroups: sci.crypt
Subject: Re: pseudo one time pad...
Message-ID: <1992Nov18.133121.23563@qiclab.scn.rain.com>
Date: 18 Nov 92 13:31:21 GMT
Article-I.D.: qiclab.1992Nov18.133121.23563
References: <1992Nov11.173642.29608@ee.eng.ohio-state.edu> <1992Nov11.144908.4035@memstvx1.memst.edu> <1992Nov12.000152.316@ee.eng.ohio-state.edu>
Reply-To: Leonard.Erickson@f51.n105.z1.fidonet.org
Organization: SCN Research/Qic Laboratories of Tigard, Oregon.
Lines: 21

butzerd@blanc.eng.ohio-state.edu (Dane C. Butzer) writes:

>Nope. I was just using DES as an example, since its output in CFM is
>unpredictable as well as statistically random. The real question was: If
>you have a good enough PRNG (or try URNG - unpredictable random number
>generator), why is a pseudo one time pad bad?

Because your key depends *totally* on the starting value. If the
"enemy" knows the *system* (which they will, sooner or later), then
once they crack *any* message they can read them all.

Output from *any* "generator" depends on input/starting values. So
*those* are the "key". And for a "brute force" attack *they* become the
"key space" that needs to be searched. So I just feed all the
starting conditions in and see which ones give reasonable messages.

--
Leonard Erickson leonard@qiclab.scn.rain.com
CIS: [70465,203] 70465.203@compuserve.com
FIDO: 1:105/51 Leonard.Erickson@f51.n105.z1.fidonet.org
(The CIS & Fido addresses are preferred)
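The key-space argument above, as an added example that is not part of the original thread: a toy "pseudo one-time pad" whose keystream comes from a 16-bit linear congruential generator (constructed constants, not any real cipher), showing that the seed is the entire key, so the effective key space is only 2^16, and that an enumeration of that space picks out the seed purely by which decryption reads as plausible text. The seed, message, generator constants and the allowed-character test are all constructed for the illustration.

```python
import string

# Toy generator parameters (constructed; NOT a real cipher or real PRNG).
SEED_BITS = 16
LCG_A, LCG_C = 25173, 13849          # full-period constants for modulus 2**16

# Crude "reasonable message" test: letters, digits, space and light punctuation.
ALLOWED = set((string.ascii_letters + string.digits + " .,'").encode())

# Constructed sample: the seed plays the role of the whole key.
SAMPLE_SEED = 0x3A7F
SAMPLE_TEXT = b"the quarterly report is attached, please review it by friday"


def lcg_bytes(seed: int):
    """Keystream: one byte per step, taken from the top of a 16-bit LCG state."""
    state = seed & 0xFFFF
    while True:
        state = (state * LCG_A + LCG_C) & 0xFFFF
        yield state >> 8


def xor_pad(seed: int, data: bytes) -> bytes:
    """The 'pseudo one-time pad': XOR with generator output. Encrypts and decrypts."""
    return bytes(d ^ k for d, k in zip(data, lcg_bytes(seed)))


def recover_seed(ciphertext: bytes) -> list:
    """Walk the whole seed space (the real key space) and keep every seed whose
    decryption passes the plausibility test. all() stops at the first bad byte,
    so almost every wrong seed is rejected after one or two steps."""
    hits = []
    for seed in range(1 << SEED_BITS):
        if all((c ^ k) in ALLOWED for c, k in zip(ciphertext, lcg_bytes(seed))):
            hits.append(seed)
    return hits


def demo() -> dict:
    """Encrypt the sample, then recover key and plaintext from the ciphertext alone."""
    ct = xor_pad(SAMPLE_SEED, SAMPLE_TEXT)
    candidates = recover_seed(ct)
    return {
        "key_space_bits": SEED_BITS,
        "candidates": candidates,
        "recovered": [xor_pad(s, ct) for s in candidates],
    }


if __name__ == "__main__":
    print(demo())
```

Raising `SEED_BITS` shows why the defence is seed entropy: every added bit doubles the search, which is exactly the key space the post says has to be counted.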