1995-10-20 - “power one time pad”

Header Data

From: Paul Koning 1695 <pkoning@chipcom.com>
To: Cypherpunks mailing list <cypherpunks@toad.com>
Message Hash: 9eb8a025b06d437ec03c3527a1ff8894b7d27c87dd6fa19afeec776dea0ce0bc
Message ID: <3087F1A2@mailer2>
Reply To: N/A
UTC Datetime: 1995-10-20 16:02:17 UTC
Raw Date: Fri, 20 Oct 95 09:02:17 PDT

Raw message

From: Paul Koning               1695 <pkoning@chipcom.com>
Date: Fri, 20 Oct 95 09:02:17 PDT
To: Cypherpunks mailing list <cypherpunks@toad.com>
Subject: "power one time pad"
Message-ID: <3087F1A2@mailer2>
MIME-Version: 1.0
Content-Type: text/plain



I'd be interested in reactions to the article in Network World, 10/16/95 
issue,
page 53.  It describes a supposed cryptosystem that sounds bogus, but
I can't make up my mind about how much is the system and how much is
the confusion of the author.

Among other things, it says that POTP "doesn't use an encryption algorithm;
instead it synchronizes random processes on two computers as they
communicate".  (I wonder if the author understands that that's just another
way to describe encryption algorithms...)  The other claim is that it 
eliminates
the need to manage keys.  "... there is no need for central servers where 
PGP
keys ... are kept".

This seems like a strange claim because of course PGP doesn't require
central servers, but more importantly, you can't do authentication without
at least one piece of keying data being established out of band.  That
could be a certification authority public key, but you need something
to get started.

Supposedly this thing was shown at Interop.  Did anyone see it, and does
the product make sense even if the article didn't?

(One thing that disturbes me about the product name is the use of the
phrase "one time pad".  Since the "random" processes are presumably
not random but rather pseudo-random, there is no one time pad involved
at all, but rather a plain old stream cypher of some sort, which may or
may not be secure in practice but cannot have the "secure from first
principles" property that real one time pad has.)

     paul
     (pkoning@chipcom.com)





Thread