From: Eric Hughes <hughes@soda.berkeley.edu>
To: cypherpunks@toad.com
Message Hash: e0200c965cf15e4312ff9a6ced3adbd63b333f8c6515bc99c898ff5420028779
Message ID: <9211131721.AA13968@soda.berkeley.edu>
Reply To: <9211131639.AA23711@newsu.shearson.com>
UTC Datetime: 1992-11-13 17:21:09 UTC
Raw Date: Fri, 13 Nov 92 09:21:09 PST
From: Eric Hughes <hughes@soda.berkeley.edu>
Date: Fri, 13 Nov 92 09:21:09 PST
To: cypherpunks@toad.com
Subject: Rander box
In-Reply-To: <9211131639.AA23711@newsu.shearson.com>
Message-ID: <9211131721.AA13968@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain
Perry on random bit rates:
>I strongly disagree -- you really want to be able to do as high a
>bandwidth as possible.
Cryptography is all economics.
The economics here is that John Draper is going to try to market this
thing, not play with it in the lab. I don't know what experience you
have with electronic design, so pardon me if I condescend. You don't
sell features that most people don't need. You don't add parts when
only a few people are going to use the feature. You make another
version if there is sufficient demand for higher performance.
One-time pads are expensive to make relative to other forms of
security. Period. No argument. George Gleason and I had a long
conversation via email over a period of weeks about this. He was
convinced. If you don't believe me, ask him.
The largest need for random bits right now is for key material. If you
want to use one-time pads, fine. They are secure, no problem. The
random number generator we are discussing here is not suitable for
making one-time pads. If you want one, build it. It's not what most
people need right now.
In fact, if one-time pads are economical to use, then surely there is
a market for one-time pad systems. Of course, if such a market does
not exist, then one-time pads don't provide economical protection for
the market as a whole. Which do you think?
Re: continuous spewing of bits.
Perry thinks this is a bad idea because it won't work with
workstations well with respect to interrupts.
In my previous post, I mentioned powering the device from DTR. DTR,
for those of you not familiar with RS-232, is a device control line
which is separately assertable. To turn the device off, toggle DTR.
Presto! No more power, no more bits. Simple, when you know what DTR
does.
My original point remains, though: you don't need a power switch.
Eric
Return to November 1992
Return to “pmetzger@shearson.com (Perry E. Metzger)”