From: “Christopher J. Shaulis” <cjs@netcom.com>
To: Doug.Hughes@Eng.Auburn.EDU (Doug Hughes)
Message Hash: d0de18a4a693f07b5ea8ee54504efa061941b78d1fe9b278122ff210b0eb2dba
Message ID: <199509282349.TAA00187@hoopsnake.cjs.net>
Reply To: <199509290031.TAA24720@lab21.eng.auburn.edu>
UTC Datetime: 1995-09-29 00:57:57 UTC
Raw Date: Thu, 28 Sep 95 17:57:57 PDT
Subject: Re: worldwide announce: New OTP Mail/FTP apps
> One initial connection is all that is needed to have a secure
> connection for the lifetime of the two communicating parties. This
> initial connection can be accomplished via any number of ways. It
> does involve an initial one time only shared secret. This is much
> different than the many shared secrets and key management issues of
> private and public key systems. For the initial connection you can
> stick the machines back to back if you are really worried about
> security. This initial transaction serves as a seed for subsequent
> transactions. All subsequent transactions depend on preceding
> transactions. A degree of randomness comes from the randomness of
> the messages. Each next word in the message is random.
I'm a little new to this, but I thought the whole idea behind keys was
not having to whisper "secrets" to someone on the other side of a
crowded mall. Most people don't have the luxury of connecting their
computers back to back with someone on the other side of the world
just to ensure a secure communications path. There would have to be
some mechanisms to ensure the secure delivery of your "secret", and
that brings us back to key management, so the whole thing is rather
self-defeating.
Christopher