1992-10-17 - one time pads

Header Data

From: Eric Hughes <hughes@soda.berkeley.edu>
To: cypherpunks@toad.com
Message Hash: 0e036f820010a6582fb94869cd94a029bdb96479d0b1088f2cf4b213f7bfe1ad
Message ID: <9210172050.AA28275@soda.berkeley.edu>
Reply To: <199210150922.AA09387@well.sf.ca.us>
UTC Datetime: 1992-10-17 20:51:21 UTC
Raw Date: Sat, 17 Oct 92 13:51:21 PDT

Raw message

From: Eric Hughes <hughes@soda.berkeley.edu>
Date: Sat, 17 Oct 92 13:51:21 PDT
To: cypherpunks@toad.com
Subject: one time pads
In-Reply-To: <199210150922.AA09387@well.sf.ca.us>
Message-ID: <9210172050.AA28275@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain



>Again, I'm by no means trying to suggest that OTPs be considered for
>particularly wide application.  Rather, that OTPs and a range of other
>systems be designed, implemented, and made available so that potential users
>can make their own informed choices.

One time pad systems are expensive enough and in uncommon enough use
that I doubt they are going to get written as free software.  I
personally am not going to work on them, because I don't want to go
buy the necessary hardware to generate and hold sufficient key
material for a practical application.

You also need hardware random number generators for a secure OTP
system.  Such boxes are not readily available, nor do they come cheap.  While
not obvious, making random bits is a very deep problem.  See Knuth
volume 2 for some insights.

I suspect that this same argument holds for all the rest of the people
in the group as well.  I don't know of anybody who wants to implement
this system for themselves, given the cost involved.

Cryptography is all economics, and the economics here are that one
time pad systems are expensive enough that the software that gets
written for them will be for in-house use or will be commercial.  In
either case, someone is paying someone else for developing the
software.

It might be possible that there are enough people who do want this
that there is some money for development.  A perfectly possible
outcome is the creation of a consortium to hire some implementers who
would make some gnu-ware.  Such an organization does not exist.  Until it
does, an off-the-shelf OTP system won't exist.

Eric




