Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!mnetor!seismo!nbires!vianet!devine
From: devine@vianet.UUCP (Bob Devine)
Newsgroups: sci.crypt
Subject: Re: Completely Secure Encryption
Message-ID: <190@vianet.UUCP>
Date: Tue, 26-May-87 11:41:22 EDT
Article-I.D.: vianet.190
Posted: Tue May 26 11:41:22 1987
Date-Received: Sat, 30-May-87 06:45:45 EDT
References: <581@gec-mi-at.co.uk>
Organization: Western Digital, Boulder Tech Ctr
Lines: 23

In article <581@gec-mi-at.co.uk>, adam@gec-mi-at.co.uk (Adam Quantrill) writes:
> 
> e.g. exor /bin/sh /bin/crypt /etc/termcap | exor my_text
> 
> Does anyone have any comments as to the security of this method?

  First make sure that the files are identical!  Remember that termcap
(and terminfo) files vary greatly from site to site.  The executable
files may differ too; they certainly are different for different releases,
for different machines and maybe for different configurations of same
machine (compiler may insert floating point code depending on whether
a fp processor is available).

  For better results you should not always start at the first byte of
the files -- lseek in a random amount.  Depending on your security needs
you could select a single file that is unchanging, a spelling dictionary
might be adequate.  What becomes the secret key is where in the file you
start from.  Either send that information or have a shared, secret function
that generates the same start position for sender and receiver.

  And don't forget that the executable files may be page-aligned.  That
is, at the 1k (or whatever) boundaries there will have been lots of
preceding zeros.  Xor using zeros gives you unmodified plain text.