Path: utzoo!utgpu!water!watmath!clyde!rutgers!husc6!hao!gatech!mcnc!decvax!decwrl!whyvax.dec.com!kruger
From: kruger@whyvax.dec.com (Hart for CCCP chief in '88)
Newsgroups: sci.crypt
Subject: "Secure" encryption
Message-ID: <8801132010.AA15994@decwrl.dec.com>
Date: 13 Jan 88 22:59:00 GMT
Organization: Digital Equipment Corporation
Lines: 14

Maybe someone can answer a question that's been bothering me for a while now. Ifyou need an absolutely (provably) secure code, the key must be as long as the
message. Even if it is not, a very short (and fairly random) datum will be hard to decode. So why not embed the real key in the message? ie, the external "key"
is designed only to decrypt the randomly selected internal key, which is the
one that decodes the real message. One of the modes of DES does this, but each
successive key is no longer than the previous one. I am proposing a key of
perhaps 128 bytes. It is extremely random (this is a technical point on which
I have no expertise -- I will assume a REALLY random technique, ie not a pseudo-random sequence whose mechanics we know, but some physical process we don't,
like radiation counts or something. Now, your 16 byte key need only decrypt a
patternless "plaintext" key. And the longer key can be used to make a much
nastier encryption. Why isn't this done?

dov

"Disclaimers are bullshit"