Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!watmath!clyde!cbosgd!ihnp4!inuxc!pur-ee!uiucdcs!ccvaxa!aglew
From: aglew@ccvaxa.UUCP
Newsgroups: net.crypt
Subject: Re: What is it really like?
Message-ID: <12900005@ccvaxa>
Date: Fri, 16-May-86 18:41:00 EDT
Article-I.D.: ccvaxa.12900005
Posted: Fri May 16 18:41:00 1986
Date-Received: Sun, 25-May-86 14:15:35 EDT
References: <6650@utzoo.UUCP>
Lines: 40
Nf-ID: #R:utzoo.UUCP:6650:ccvaxa:12900005:000:2258
Nf-From: ccvaxa.UUCP!aglew May 16 17:41:00 1986

>/* Written 4:42 pm May 12, 1986 by henry@utzoo.UUCP in ccvaxa:net.crypt */
>> Why are one time pads impractical in military field communications?
>> If a CD ROM holds 500 megabytes of key in a drive like the ones that
>> joggers are happy to wear on their belts, I see no hard problems.
>
>There are also some other problems. The requirement that one-time key
>sequences never be re-used means you need a different key disk for each
>communications link. If you use different parts of the same disk, then
>your whole communications system is compromised if the enemy captures
>one of them -- something that must be assumed to happen occasionally.

Would a single CD ROM shared between several stations, plus a smaller
ROM that generates a different probe sequence of the master CD ROM for
each station make the keys sufficiently different for the CD ROM one
time pad to be useful (apart from size of data flow)?

I.e. if you have a key of 4E9 bits, and you know S, exactly how many 1s
there are (due to having captured a disk), how much does this help you
find an arbitrary key pattern formed by permuting those bits in some
way? It certainly drastically reduces the space spanned by the key,
from 2^4E9 to something like 4E9!/(2E9!)^2, assuming S ~= 2E9. And, of
course, the probe sequences would be quite restricted (do I hear
anybody say `quadratic residue' out there?)

If you have (largekey,smallkey), and largekey is captured, you've only
really got a smallkey system.

When the enemy has captured the CD ROM key, randomized probing is
susceptible to the same sort of attacks that catch people using every
105th word of the King James' Bible.

Would it be so difficult, however, to manufacture a large number of
different CD ROMS? You certainly couldn't make a master and press from
it, but if you have a laser writing to two WORM disks at once you could
randomize the signal controlling the laser and produce pairs of keys
automatically. I wouldn't use a pseudo-random number generator for the
randomization, though, since finding out that algorithm and a serial
number would tell the enemy all your keys.

Andy "Krazy" Glew. Gould CSD-Urbana.    USEnet:  ihnp4!uiucdcs!ccvaxa!aglew
1101 E. University, Urbana, IL 61801    ARPAnet: aglew@gswd-vms
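
Added example, not part of the original post and not the poster's code: a toy model of the (largekey, smallkey) point, measuring how much secret is left once the shared pad is captured. The probe sequence as a (start, stride) walk, the 251-byte pad, the station key and the message are all assumptions constructed for illustration.

```python
import math
import secrets

PAD_LEN = 251  # toy stand-in for the CD ROM; prime, so any stride visits every byte

def probe_keystream(pad, start, stride, n):
    """Hypothetical probe sequence: read pad[start], pad[start+stride], ... (mod len)."""
    return bytes(pad[(start + i * stride) % len(pad)] for i in range(n))

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def smallkey_bits(pad_len):
    """Bits of secret left once the pad is known: log2(#starts * #strides)."""
    return math.log2(pad_len * (pad_len - 1))

def consistent_smallkeys(pad, ciphertext, known_prefix):
    """Enumerate every (start, stride) whose keystream decrypts to known_prefix."""
    n = len(known_prefix)
    return [(s, d)
            for s in range(len(pad))
            for d in range(1, len(pad))
            if xor(ciphertext[:n], probe_keystream(pad, s, d, n)) == known_prefix]

def demo():
    pad = secrets.token_bytes(PAD_LEN)                 # shared "largekey"
    station_key = (97, 105)                            # per-station "smallkey" (constructed)
    message = b"WEATHER REPORT: CLEAR, WIND NW 10 KT"  # constructed plaintext
    ciphertext = xor(message, probe_keystream(pad, *station_key, len(message)))
    found = consistent_smallkeys(pad, ciphertext, b"WEATHER")
    return station_key, found, smallkey_bits(PAD_LEN), 8 * len(message)

if __name__ == "__main__":
    key, found, small_bits, pad_bits = demo()
    print(f"true small key {key}, candidates after pad capture: {found}")
    print(f"secret bits: {small_bits:.1f} (small key) vs {pad_bits} (true one-time pad)")
```

The small-key figure depends only on the pad length and the probe family, not on the message length, which is why a longer message gains nothing from the shared pad once it is captured.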