From: “Perry E. Metzger” <perry@piermont.com>
To: SINCLAIR DOUGLAS N <sinclai@ecf.toronto.edu>
Message Hash: 1b98d3c51feb5c91738749a64bbbe7fd3d1d5aeb0cdce20d0949f090431507a8
Message ID: <199602212307.SAA10309@jekyll.piermont.com>
Reply To: <96Feb21.173106edt.9978@cannon.ecf.toronto.edu>
UTC Datetime: 1996-02-22 12:01:39 UTC
Raw Date: Thu, 22 Feb 1996 20:01:39 +0800
From: "Perry E. Metzger" <perry@piermont.com>
Date: Thu, 22 Feb 1996 20:01:39 +0800
To: SINCLAIR DOUGLAS N <sinclai@ecf.toronto.edu>
Subject: Re: IPG OTM expansion
In-Reply-To: <96Feb21.173106edt.9978@cannon.ecf.toronto.edu>
Message-ID: <199602212307.SAA10309@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain
SINCLAIR DOUGLAS N writes:
> I have a guess as to IPG's "OTP" expansion algorithm. The clue is the
> prime wheels. It reminded me of something I read in Kahn that was originally
> done with paper tape.
>
> Take two random streams, A and B. Their lengths are relatively prime. Let's
> use 1000 and 999. An expanded stream C is computed thus:
>
> C[i] = A[i % 1000] ^ B[i % 999]
>
> C thus does not repeat until 999000 values have gone past. Using more than
> two relatively prime wheels will produce very large streams. The key,
> of course, is that *the entropy does not increase*. I am sure that this
> sort of expansion is vulnerable to attack.
Indeed it is. It is fairly straightforward to crack this. If you read
the same chapter of "The Codebreakers" you will note that, in fact,
this same method was tried and broken way, way back.
> Am I close, Ralph?
Return to February 1996
Return to “SINCLAIR DOUGLAS N <sinclai@ecf.toronto.edu>”