From: Bryce <wilcoxb@nagina.cs.colorado.edu>
Date: Thu, 8 Feb 1996 11:20:38 +0800
To: Simon Spero <ses@tipper.oit.unc.edu>
Subject: Re: POTP gets good press
In-Reply-To: <Pine.SOL.3.91.960207131830.2562B-100000@chivalry>
Message-ID: <199602072228.PAA21832@nagina.cs.colorado.edu>
MIME-Version: 1.0
Content-Type: text/plain



-----BEGIN PGP SIGNED MESSAGE-----

I, Bryce, wrote:

> Content:  includes diagrams entitled "Link Level Encryption"
> in which sender transmits keys to receiver, and "Packet
> Level Encryption" in which sender transmits key sto
> certificate authority which transmits them to multiple
> receivers, and "Synchronized Random Key Generation (SRKG)" 
> a la "Power One Time Pad" in which no keys are transmitted
> and multiple recievers magically decipher messages via
> built-in encryption devices.
> 
> Am I right in thinking this is utter unmitigated
> bullsh snake oil?  Does anybody have any other


 An entity calling itself "Simon Spero
 <ses@tipper.oit.unc.edu>" is alleged to have written:

> It could be doing something SKIP like; if the certificates are DH certs, 
> it could be using those to generate a shared secret, and combing that 
> with an IV to generate a key.
> 
> hard to tell from the article


But this would entail a certificate authority to prevent
MITM attack, right?  The article clearly claimed that POTP
did away with the necessity of key management completely-- 
a claim that I find only slightly more believable than a
patent application for a perpetual motion machine.


Regards,

Bryce

                 "Toys, Tools and Technologies"
  the Niche 
        New Signal Consulting -- C++, Java, HTML, Ecash
            Bryce 
 
PGP sig follows



-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Auto-signed under Unix with 'BAP' Easy-PGP v1.01

iQCVAwUBMRkkNPWZSllhfG25AQG02QP/V5SKi0K0Ywj/wcqGVCF3SU9qqQbrHFKn
GCp/f5AoltP0ZTuZ46M6ObE7ER0rmzx8CQClqfZUBdj0IOXD1wlRwvppZASRiXms
BWxm3XLC/s9rcHH/CVKREinUKU0BK5Id+gnBQaR5D8dzE6PtEicoY5I9ZnGFSLUd
knGdNO3GqjY=
=xfpS
-----END PGP SIGNATURE-----