Re: ARC4 algorithm

On Mon, Mar 17, 2003 at 09:03:03AM -0700, kjell@pintday.org wrote:
> This will be my last posting on the subject, because this is
As a cryptographer, I must disagree. The OTP can be useful in that it allows time-shifting of secure channels. If I have a secure channel now, but that channel will go away in the future, I can exchange an OTP now and use it to create a virtual secure channel in the future.

> Furthermore, a cipher on its own is useless. OTPs are certainly

Here you are definately correct. Robin was wrong. An OTP does not provide unconditional security. It provides unconditional *secrecy*. It is impossible to determine the content of a message encrypted under an OTP used properly.

However, modern cryptography has many many more goals than just secrecy. It has other goals for security such as integrity (bit-flipping attacks) and authentication (impersonation attacks). It also has non-security goals such as efficiency (how do you get that much random data?) and practicality (how to you manage such a large key?). It takes a well-designed cryptosystem to meet all of the various goals, and an OTP fails miserably on all fronts but the secrecy one.

And these goals are just for the cryptography. For real security systems in which cryptography is just one component, there are even more diverse sets of goals. However, this is probably the wrong forum for such discussions.

  Rick Received on Mon Mar 17 22:36:28 2003