1996-02-20 - Returned mail: User unknown

Header Data

From: Mailer-Daemon@wipinfo.soft.net (Mail Delivery Subsystem)
To: cypherpunks@toad.com
Message Hash: 868c81f8dd44661395c900ce7f3a09f90941d79b55d95d4d20aee4819e68d70c
Message ID: <9602200933.AB07900@s.wipinfo.soft.net>
Reply To: N/A
UTC Datetime: 1996-02-20 09:48:28 UTC
Raw Date: Tue, 20 Feb 1996 17:48:28 +0800

Raw message

From: Mailer-Daemon@wipinfo.soft.net (Mail Delivery Subsystem)
Date: Tue, 20 Feb 1996 17:48:28 +0800
To: cypherpunks@toad.com
Subject: Returned mail: User unknown
Message-ID: <9602200933.AB07900@s.wipinfo.soft.net>
MIME-Version: 1.0
Content-Type: text/plain


   ----- Transcript of session follows -----
550 rajr... User unknown

   ----- Unsent message follows -----
Return-Path: <cypherpunks@toad.com>
Received: by s.wipinfo.soft.net (4.1/SMI-4.1)
	id AA07898; Tue, 20 Feb 96 15:03:05 IST
Received: from toad.com by relay3.UU.NET with SMTP 
	id QQadse09618; Tue, 20 Feb 1996 04:11:46 -0500 (EST)
Received: by toad.com id AA25259; Tue, 20 Feb 96 00:51:53 PST
Received: from cs.umass.edu (freya.cs.umass.edu) by toad.com id AA25253; Tue, 20 Feb 96 00:51:48 PST
Received: from thor.cs.umass.edu by cs.umass.edu (5.65/Ultrix3.0-C)
	id AA22177; Tue, 20 Feb 1996 03:51:45 -0500
Received: (from lmccarth@localhost) by thor.cs.umass.edu (8.6.12/8.6.9) id DAA02057; Tue, 20 Feb 1996 03:51:44 -0500
From: lmccarth@cs.umass.edu
Message-Id: <199602200851.DAA02057@thor.cs.umass.edu>
Subject: Re: Internet Privacy Guaranteed ad (POTP Jr.)
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Date: Tue, 20 Feb 1996 03:51:44 -0500 (EST)
Cc: ipgsales@cyberstation.net (IPG Sales)
Reply-To: cypherpunks@toad.com (Cypherpunks Mailing List)
In-Reply-To: <Pine.BSD/.3.91.960219132531.301A-100000@citrine.cyberstation.net> from "IPG Sales" at Feb 19, 96 02:51:58 pm
X-Mailer: ELM [version 2.4 PL25]
Mime-Version: 1.0
Content-Length: 3356
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: owner-cypherpunks@toad.com
Precedence: bulk

I wrote:
# Gee, why are we all so worried about key management ?  It's just a load and
# go installation at each of the user sites !  ;)

("That was sarcasm, son")

IPG Sales writes:
> That is precisely why PCX Nvelopes is such an extraordinary system. 
> That is the beauty of PCX Nvelopes, it lifts that  burden from the 
> user, eliminates it entirely. You may have worried about key 
> management, but with our system, you will not have to do so in the 
> future. The system itself, manages all the OTPs, you do not have to do 
> anything but use the system. Key management is the problem with all existing 
> systems, but it is no problem at all with the PCX Nvelopes system, 

What protects each user's one time pads ("PCX Nvelopes", or whatever) ?  

Are they protected by an eight-character Unix account password ?  (This would 
be harder for implementations on traditionally single-user platforms like the
Macintosh and most of the Microsoft OSes, presumably.) 

Are they protected by a policy that says all users must lock away their IPG
disks or CDs when not in use ?  

Also, how are they protected from the people who generate the one-time pads
at IPG (and their friends and families) ? 

> as you 
> would see if you looked at the system, instead, of talking about something 
> when you have no idea at all of what it is about. 

As I said earlier, I read all your material and still had almost no idea
at all about what it is. If you don't tell people about the system, it's
extremely hard for them to do more than speculate.

> The first set of keys 
> must be sent by a secure source, US mail, FED EX, or whatever, but
> thereafter, all updates can be accomodated over Internet. 

Keys ?  Wait a minute, #2 of the "Dozen Reasons why PCX Nvelopes is
absolutely the finest Communication Security and Privacy system available",
according to http://www.netprivacy.com/ipg/dozbest.html, is:

"2. No Messy, Intrusive Passwords/Encryption Keys to get in your way and
worry about, forget about those troublemakers"

[...]
> all hardware generation of OTP's are irregular, otherwise they are not 
> random. 

I'm not sure what you mean by "irregular" in this context.

> Thus at times, a hardware source, such as ADC LOB system, can generate 
> nonrandom data, unless this is checked, it can destroyed the integrity of 
> your system. 

This doesn't quite jibe with my understanding of the typical use of a hardware
RNG. From what I have read, one starts with an unpredictable bit source with
some known bias, so that each original bit has somewhat less than one bit of
real entropy. The bias is "corrected" by combining the original bits to get
fewer bits with enough real entropy, and then repeating the process enough to
get enough final bits of real entropy. 

Could you explain what the acronyms "ADC" and "LOB" mean here ?  I
just tried a web search for the two together, and all I got was a page of
UFO acronyms, and some astronomical acronyms (LOB = Lick Observatory 
Bulletin). Schneier discusses hardware RNG at length in Applied Cryptography,
but he doesn't mention either acronym. I might guess that LOB = Low Order
Bits.

-Lewis	"You're always disappointed, nothing seems to keep you high -- drive 
	your bargains, push your papers, win your medals, fuck your strangers;
	don't it leave you on the empty side ?"  (Joni Mitchell, 1972)





Thread