From: "Mark M." <markm@voicenet.com>
Date: Sat, 21 Sep 1996 11:53:23 +0800
To: cypherpunks@toad.com
Subject: Re: OTP seed solution? - strong, tried before???
In-Reply-To: <842976406.25087.0@fatmans.demon.co.uk>
Message-ID: <Pine.LNX.3.95.960920210709.220A-100000@gak>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

On Tue, 17 Sep 1996 paul@fatmans.demon.co.uk wrote:

> A very simple idea came to me today that I`m sure has been done 
> before and I wanted to find out if it has any problems I haven`t 
> seen:
> 
> A strong random generator (ie. a BBS) is seeded with a true random 
> seed (derived possibly from keyboard latency) and used each time a 
> message is send to create a message length randon string.
> 
> This string is XOR`d or added to the message creating a OTP.
> 
> The recipient has previously been sent a seed value for the generator 
> encrypted under say RSA and signed to prevent a man in the middle 
> attack.

That's the definition of a stream cipher.  BBS is rather slow and is dependant
on the difficulty of factoring large numbers.  Of course, if the keys are
distributed using RSA or Rabin, then the strength of the system depends on the
difficulty of factoring numbers anyway.  There are many stream ciphers that
are fast and secure.  I generally like to use a block cipher in CFB or OFB
mode rather than a stream cipher, but they are basically the same thing.

Mark
- -- 
PGP encrypted mail prefered.
Key fingerprint = d61734f2800486ae6f79bfeb70f95348
http://www.voicenet.com/~markm/

-----BEGIN PGP SIGNATURE-----
Version: 2.6.3
Charset: noconv

iQEVAwUBMkNA2CzIPc7jvyFpAQHeZAf/d6cdUZ0611N+9E5yTwLebrJtdMJJG0zo
jk1rujKQB/3+Faexrazw2hTjTdoidH/irSWrCSPlgdgPOO8kuwK5HSONlXD/gzK3
WP0lS5iiTHSg0Gfge/K2px4HJjl4gP/bsNkcdTDf5QuZHsJFQ1wKcBkuv5AVCuD8
wp3fGKBy2fD2HrAAbvmACHwzVYV99D6X7KIXkBUB8kvH4cBPGwe1dWH45uWtE5UW
UJRyxax2m31K7mJ5kcIEf/noQHikZVCBNx0ojlnMub2M+UZhenJvvoVMu/0AqF7g
1OCk7H7SEI5g9AzB/zboKh+6Zs5oII+lsIIdNZRz4xqyaNzmQUU/Lg==
=+n1m
-----END PGP SIGNATURE-----