From: Bill Stewart <stewarts@ix.netcom.com>
Date: Sun, 5 Nov 1995 08:07:14 +0800
To: amp <Alan.Pugh@internetMCI.COM>
Subject: Re: using pgp to make an otp
Message-ID: <199511042351.PAA07430@ix4.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 09:58 AM 11/5/95 -0500, amp <Alan.Pugh@internetMCI.COM> wrote:
>i want a source of data for use as a otp. 
....
>i'd like to know if there was a reason not to use the output of pgp

Either PGP is a strong enough cryptosystem that you don't need
to use a one-time-pad, or it's not, in which case you need better
randomness than PGP will give you (I doubt it), or you have special
applications for which PGP is impractical (like decrypting small amounts
of data on a very wimpy machine in an environment that you can easily
distribute OTP keys (for using ONCE ONLY)).  Or you're just doing it for fun.

A OTP can give you provably secure cryptography, given that the pad
is only used once, and has real randomness behind it.  If it's only
pseudo-random numbers (e.g. generated from some algorithm), then
it's as crackable as the source of random numbers, and therefore no
longer provably secure.  And of course, if you use it more than once,
or your pad distribution isn't secure, you lose.

>i still need a program to make use of the otp i've produced, 

Two alternatives - spend 5 minutes writing it in a language you know well,
or pick a language you don't know very well and use it as an excuse
to learn the language.  It's slightly more complex than "hello, world",
since you need to input data from two files and use XOR.  

>what are the holes in this?  why would it be unadvisable to do it?
The big problem with OTPs (other than getting people to use the pads
ONLY ONCE, since they're otherwise hosed) is shipping them around;
the traditional method is guys with briefcases handcuffed to their arms....

>otoh, would it be a good basis for a otp?
Large quantities of good random numbers are hard to find.  Small quantities
can come from dice or throwing darts at the stock market pages;
the zener diode or radioactivity methods people have been discussing
will produce larger quantities if you've got the equipment.
If you've got one of those new radio-tuner boards for your PC, tuning it
to an unused station might be quite decent, and we've just been discussing
whether video is any good.

With many of these sources, it's probably worth grinding the numbers through
some sort of compression or encryption algorithm just to smudge over any
periodicity or other structure to it.
#---
#                                       Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---