1995-07-13 - OTP server..

Header Data

From: Doug Hughes <Doug.Hughes@Eng.Auburn.EDU>
To: cypherpunks@toad.com
Message Hash: 9805459fc2adca9ead725f39f20cd98bb73d0c3640a9c818cebf975e474fd366
Message ID: <199507132346.SAA07316@netman.eng.auburn.edu>
Reply To: N/A
UTC Datetime: 1995-07-13 23:46:51 UTC
Raw Date: Thu, 13 Jul 95 16:46:51 PDT

Raw message

From: Doug Hughes <Doug.Hughes@Eng.Auburn.EDU>
Date: Thu, 13 Jul 95 16:46:51 PDT
To: cypherpunks@toad.com
Subject: OTP server..
Message-ID: <199507132346.SAA07316@netman.eng.auburn.edu>
MIME-Version: 1.0
Content-Type: text/plain



How about WWW one time pad servers? You browse to your
favorite OTP server, which has a random number generator
running in the background. You tell it to give you a block
of X bytes, and mail it to persons 1, 2, 3, ... N.

These people then use this OTP for encrypting a document.
It wouldn't be illegal because you aren't encoding any data
and distributing it.. You're generating raw data. You wouldn't
have to distribute any crypto software, you just xor your
data file with the number of bytes that you were sent
in the mail from the OTP server.. Enough of these things
would be REALLY tough to monitor.. Plus, you could connect
8 different times and just pick one of the sets.. Or you
could just use a portion of the set that you and the receiving
party agreed upon.

Or, instead of using email, you could have a application/x-otp
browser that would collect the OTP that the server sent out
to you over HTTP. (this would be really hard to differentiate
from other data if the server was doing other things at the
same time).

Thoughts?

 Doug Hughes				Engineering Network Services
 doug@eng.auburn.edu			Auburn University




Thread