Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!mnetor!seismo!mcnc!ecsvax!hes
From: hes@ecsvax.UUCP (Henry Schaffer)
Newsgroups: sci.crypt
Subject: Re: Completely Secure Encryption
Message-ID: <3304@ecsvax.UUCP>
Date: Sun, 31-May-87 22:42:33 EDT
Article-I.D.: ecsvax.3304
Posted: Sun May 31 22:42:33 1987
Date-Received: Tue, 2-Jun-87 03:25:53 EDT
References: <581@gec-mi-at.co.uk> <1290002@hpcvlo.HP.COM>
Organization: NC State Univ.
Lines: 20
Summary: It is the size of the key space, rather than the size of the key, which is important for security.


We've had a number of postings about selecting some long bit stream
(a compact disk or a dictionary, ...) and xor'ing it with the message.
While a compact disk may "sound" secure (:-) because
of the long bit string it contains - cracking the encrypted
message is *not* equal in difficulty to guessing a (random) bit string
of that length.  Ignoring the issue of randomness of the file contents, 
the guessing issue is no harder than choosing the correct disk
or file, plus maybe
an offset into the disk.  The offset probably has fewer possibilities
than the choice of the disk, but still has fewer possibilities than
does the (relatively short) key used in such methods as the DES.
E.g., the 56 bit key in the DES has 2^56 or about 7 x 10^16 possibilities.
It would take an *unusually* large file (a million gigabytes) to have
that many offsets - or to have a million files to choose from (each a
gigabyte) and then an offset into the file.  None of the examples given
comes anywhere close to this magnitude.
So it doesn't appear that we have a good substitute for the one-time-pad.

--henry schaffer  n c state univ