
Re: Rest of World encryption hardware products?



>>>>> "Alex" == Alex Alten <Andrade@ix.netcom.com> writes:

 Alex> At 11:48 AM 6/9/98 -0400, Bill Sommerfeld wrote:
 >>> > Since it is not possible to ship worth-while encryption
 >>> > products from the US (40-bit restriction),
 >>> 
 >>> Actually that is not true anymore.  TriStrata Security just
 >>> announced a fully exportable, unlimited key strength encryption
 >>> product.  Here's their URL.
 >>> 
 >>> http://www.tristrata.com
 >>  I read the whitepaper on the site.  It contains a number of
 >> phrases which should set off any crypto expert's snake-oil
 >> detectors, the most crucial being "virtual one time pad".
 >> 

 Alex> I don't think you need to take quotes out of context and change
 Alex> their wording.  Here's exactly what was written.

 Alex> "With RKS, a Random KeyStream derived from a physical random
 Alex> number generator is used as the cipher key.  Conforming to the
 Alex> requirements for a practical Vernam Cipher, the Random
 Alex> KeyStream is the same length as the message and will not repeat
 Alex> with a small statistical probability. The secret is the
 Alex> effective management of a virtual keystream over 10^30 bytes
 Alex> long."

 Alex> It is not claiming to be perfect, there is a small statistical
 Alex> probability of a repetition.  Obviously you can't store a 10^30
 Alex> byte 1-time pad.  So it has to be generated from a smaller
 Alex> amount of random data.  However the solution is elegant and has
 Alex> been reviewed by some top cryptographers, like Bart Preneel and
 Alex> Fred Piper.  So far it has held up under tough analysis,
 Alex> including by some cryptographers over at Bell Labs. Its
 Alex> effective key strength is 128 bits.

So what you're saying is that Bill and others were EXACTLY right.

If the effective key strength is 128 bits, it may be a decent
cryptosystem.  (It doesn't follow that it will be, since key length
is necessary but not sufficient.)

However, the reason the comment "snake oil detectors" is valid is that 
such a system, by your own statement, is NOT a Vernam cypher, is not
related to the Vernam cypher, and has NONE of the properties of a
Vernam cypher.  Any claim to the contrary IS snake oil and is likely
to be interpreted as an attempt to mislead the gullible.

A Vernam cypher has a random key of length equal to the plaintext.
Period.  Full stop.  Then and only then will it have the "provably
unbreakable" property that makes it unique among cryptosystems.

	paul
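
The distinction argued in this message, as an added example that is not part of the original thread: with a truly random pad as long as the message, every same-length plaintext is explained by some pad, whereas a keystream stretched from a short seed leaves only the plaintexts that some seed can produce. Assumptions: the 16-bit seed is a toy size chosen so all seeds can be enumerated, and the SHA-256 counter-mode expander is a stand-in, not the RKS construction from the whitepaper.

```python
import hashlib
import secrets

SEED_BITS = 16  # toy size (assumption) so every seed can be enumerated


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def expand(seed: int, n: int) -> bytes:
    """Stand-in expander: SHA-256 in counter mode over a short seed."""
    out = b""
    counter = 0
    while len(out) < n:
        block = seed.to_bytes(2, "big") + counter.to_bytes(4, "big")
        out += hashlib.sha256(block).digest()
        counter += 1
    return out[:n]


def pad_explaining(ciphertext: bytes, candidate: bytes) -> bytes:
    """Vernam: any same-length candidate has exactly one pad that explains it."""
    return xor(ciphertext, candidate)


def seeds_explaining(ciphertext: bytes, candidate: bytes) -> list[int]:
    """Expanded stream: the seeds under which ciphertext decrypts to candidate."""
    n = len(ciphertext)
    return [s for s in range(2 ** SEED_BITS)
            if xor(ciphertext, expand(s, n)) == candidate]


REAL = b"MEET AT NOON"   # constructed sample plaintexts of equal length
DECOY = b"STAY AT HOME"

if __name__ == "__main__":
    pad = secrets.token_bytes(len(REAL))
    ct_pad = xor(REAL, pad)
    # A pad exists for the decoy too, so the ciphertext rules nothing out.
    print(xor(ct_pad, pad_explaining(ct_pad, DECOY)))
    ct_seed = xor(REAL, expand(0x1234, len(REAL)))
    # Only the real plaintext is reachable from any seed; the decoy is not.
    print(seeds_explaining(ct_seed, REAL), seeds_explaining(ct_seed, DECOY))
```

The same counting holds at 128 bits: the ciphertext still determines the plaintext up to the seed space, so the strength is computational rather than the unconditional secrecy of a Vernam cipher.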

