Re: Rest of World encryption hardware products?
>>>>> "Alex" == Alex Alten <Andrade@ix.netcom.com> writes:
Alex> At 11:48 AM 6/9/98 -0400, Bill Sommerfeld wrote:
>>> > Since it is not possible to ship worth-while encryption products
>>> > from the US (40-bit restriction),
>>>
>>> Actually that is not true anymore. TriStrata Security just
>>> announced a fully exportable, unlimited key strength encryption
>>> product. Here's their URL.
>>>
>>> http://www.tristrata.com
>> I read the whitepaper on the site. It contains a number of
>> phrases which should set off any crypto expert's snake-oil
>> detectors, the most crucial being "virtual one time pad".
>>
Alex> I don't think you need to take quotes out of context and change
Alex> their wording. Here's exactly what was written.
Alex> "With RKS, a Random KeyStream derived from a physical random
Alex> number generator is used as the cipher key. Conforming to the
Alex> requirements for a practical Vernam Cipher, the Random
Alex> KeyStream is the same length as the message and will not repeat
Alex> with a small statistical probability. The secret is the
Alex> effective management of a virtual keystream over 10^30 bytes
Alex> long."
Alex> It is not claiming to be perfect, there is a small statistical
Alex> probability of a repetition. Obviously you can't store a 10^30
Alex> byte 1-time pad. So it has to be generated from a smaller
Alex> amount of random data. However the solution is elegant and has
Alex> been reviewed by some top cryptographers, like Bart Preneel and
Alex> Fred Piper. So far it has held up under tough analysis,
Alex> including by some cryptographers over at Bell Labs. Its
Alex> effective key strength is 128 bits.

So what you're saying is that Bill and others were EXACTLY right.

If the effective key strength is 128 bits, it may be a decent
cryptosystem. (It doesn't follow that it will be, since key length
is necessary but not sufficient.)

However, the reason the comment "snake oil detectors" is valid is that
such a system, by your own statement, is NOT a Vernam cypher, is not
related to the Vernam cypher, and has NONE of the properties of a
Vernam cypher. Any claim to the contrary IS snake oil and is likely
to be interpreted as an attempt to mislead the gullible.

A Vernam cypher has a random key of length equal to the plaintext.
Period. Full stop. Then and only then will it have the "provably
unbreakable" property that makes it unique among cryptosystems.

paul
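
The distinction drawn in this message, as an added example that is not part of the original thread: with a true Vernam pad every same-length plaintext remains consistent with the ciphertext, while a keystream expanded from a short seed leaves only as many candidate plaintexts as there are seeds. The SHA-256 counter expander, the 16-bit seed and the sample messages are constructed assumptions standing in for "a smaller amount of random data"; they are not TriStrata's RKS design.

```python
import hashlib
import secrets

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def expand(seed: bytes, n: int) -> bytes:
    """Toy expander (assumption): SHA-256 over seed||counter, truncated to n bytes."""
    out, ctr = b"", 0
    while len(out) < n:
        out += hashlib.sha256(seed + ctr.to_bytes(4, "big")).digest()
        ctr += 1
    return out[:n]

def pad_explaining(ciphertext: bytes, candidate: bytes) -> bytes:
    """Vernam: any same-length candidate is explained by exactly one pad."""
    return xor(ciphertext, candidate)

def looks_like_text(pt: bytes) -> bool:
    """Crude plausibility test: upper-case letters and spaces only."""
    return all(c == 0x20 or 0x41 <= c <= 0x5A for c in pt)

def consistent_seeds(ciphertext: bytes, seed_len: int = 2):
    """Seeded stream: only 256**seed_len decryptions exist; list the plausible ones."""
    hits = []
    for s in range(256 ** seed_len):
        seed = s.to_bytes(seed_len, "big")
        pt = xor(ciphertext, expand(seed, len(ciphertext)))
        if looks_like_text(pt):
            hits.append((seed, pt))
    return hits

# Constructed sample data, both 24 bytes long.
MSG = b"MEET AT NOON BY THE DOCK"
ALT = b"STAY HOME NOTHING TO SEE"
SEED = bytes.fromhex("1337")  # constructed 16-bit seed

if __name__ == "__main__":
    ct_otp = xor(MSG, secrets.token_bytes(len(MSG)))
    # The ciphertext is equally consistent with ALT: a valid pad exists for it.
    print("pad for ALT:", pad_explaining(ct_otp, ALT).hex())
    ct_seeded = xor(MSG, expand(SEED, len(MSG)))
    # Here the seed space is the whole key space, and one candidate survives.
    print("survivors:", consistent_seeds(ct_seeded))
```

The 16-bit seed is small only so the enumeration finishes quickly; a 128-bit seed makes the search infeasible in practice, but the set of possible plaintexts is still bounded by the seed space rather than by the message length.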