From: droelke@rdxsunhost.aud.alcatel.com (Daniel R. Oelke)
To: ipgsales@cyberstation.net
Message Hash: 1d74c1ee0a5ae78004965246cddaec2b0512b7e76756df06aa626108b37a0a69
Message ID: <9602200007.AA09268@spirit.aud.alcatel.com>
Reply To: N/A
UTC Datetime: 1996-02-20 01:42:18 UTC
Raw Date: Tue, 20 Feb 1996 09:42:18 +0800
From: droelke@rdxsunhost.aud.alcatel.com (Daniel R. Oelke)
Date: Tue, 20 Feb 1996 09:42:18 +0800
To: ipgsales@cyberstation.net
Subject: Re: Internet Privacy Guaranteed ad (POTP Jr.)
Message-ID: <9602200007.AA09268@spirit.aud.alcatel.com>
MIME-Version: 1.0
Content-Type: text/plain
> From owner-cypherpunks@toad.com Mon Feb 19 17:50:19 1996
> Date: Mon, 19 Feb 1996 17:17:52 -0600 (CST)
> From: IPG Sales <ipgsales@cyberstation.net>
> We are not currently revealing all the details of our system because of
> patents in process, and other relat6ed matters. We are offering the
> software. You should be able to readily decompile it and determine the
> algorithms used andf how they are used to generate random number sequences
> for very long files. For short messages, a true OTP is used directly.
Marketing Fluff - read "we don't *want* to revel it". Patent stuff doesn't
take long to get the initial disclosures filed. Cypherpunks are
generally engineers and are immune to such crap.
> If you are aware of encrtypting technology, you recognize that hardware
> prime number cycle wheels for the basis of some of the most secured
> hardware systems employed for encryption. We simply expand that technogy
> using software to set an intial setting, an adder, and a limit for 64
> such wheels, using large random prime numbers for each of those settings.
> The total number of possibilities is over 10 to the 1690th power and can
> be much larger.
So. Large "random" prime numbers are generated. From what? How?
Obviously these act as keys to your "OTP". Figure out how to
match this prime and you can generate the same "OTP".
> Thus we can eliminate the need to have the length of the OTP to be equal
> to the length of the file - if you do not belive that it works, try it
> and see - it takes inly a few hours to set such a trial up. We generated
> over 790 gigabytes of charcaters, on multiple backups, and tested. Our
> standard deviations, chi squares, Delta ICs for bits, characters, sets,
> and the entire set were random. The sets are random, and you can take
> that to the bank.
So the data coming out appears random. Big whoopie. Lots of algorithms
can generate the same thing.
The key is how do you seed that random number generator?
This isn't even close to being a OTP. A OTP by definition has a random
set of data that is transmitted to the receipient over a seperate
secure channel from the actual message to be sent. The actual message
and the OTP are XOR'ed together and sent. The receipient then XORs
the OTP and the encrypted message to get plaintext.
That is pretty simple - even a marketing drone should be able to figure
that one out.
Now - explain how (in generic terms) your system acts as a OTP.
> Someone, will decompile it and discover that it is truly random, at least
> from the practical usage basis. But we need that time to file patents,
> cvopyrights and the like.
Yes - hopefully someone will take the time and money to decompile it.
.... but if you are so sure of yourself,
why not give away some demo copies. Why not source of the security
functions? (Shove that patent crap someplace - you wouldn't be
selling it if your disclosures weren't already filed)
> The IPG system solves the key management problem and produces a truly
> unbreakabkle system. We make no apologies for not currently revealing all
> of the methodologies andf algorithms, but they will be revealed with
> time, by us or others, and you will discover that it is indeed a simple,
> easy to use, easy to install, truly unbreakable system.
"unbreakable" - Bullshit - you obviously don't know crap.
Dan
------------------------------------------------------------------
Dan Oelke Alcatel Network Systems
droelke@aud.alcatel.com Richardson, TX
Return to March 1996
Return to “Wink Junior <winkjr@teleport.com>”