Page 2 of 2
Re: About the Firestaff
Posted: Fri Feb 27, 2004 9:26 pm
by Spec8472
shadowhawk wrote:
No, I'm talking about Verdano (?) cipher. The one where the random key is the length of the message, and you encode the message by XORing key and message. But both parties have to have the key, and no one else. And the key should be used only once.
I havn't heard of the Verdano cipher previously, but if it's only using a "random" use-once key the size of the message, and XORing key+message, it is just a derivation of a one-time-pad, albeit digital.
It basicly boils down to this: The security of the cipher is only as secure as your random key generator. The random number generators inside your PC whilst they may seem random - given enough data are fairly predictable.
There are now some random number generators which appear to be truely random - but they require some hardware bits to be added to your PC.
Re: About the Firestaff
Posted: Fri Feb 27, 2004 10:24 pm
by Shadowhawk
spec8472 wrote:I havn't heard of the Verdano cipher previously, but if it's only using a "random" use-once key the size of the message, and XORing key+message, it is just a derivation of a one-time-pad, albeit digital.
It basicly boils down to this: The security of the cipher is only as secure as your random key generator. The random number generators inside your PC whilst they may seem random - given enough data are fairly predictable.
There are now some random number generators which appear to be truely random - but they require some hardware bits to be added to your PC.
I didn't know that name (one-time-pad) but I think we are talking about the same thing. I don't know about using pseudo-random deterministic generators, but there are some tests of randomness, and some generators are very good. Theoretically I think that the 'true' key is the rendom generator seed, so you don't need to guess generated sequence, only the generator seed.
There are some sources of randomness in the computer (noise mostly); while I think the only proven truly random are quantum phenomena like radioactive atoms decay it is believed that "thermal" noise is good enough for ciphers. In Linux one have /dev/random device for such use:
The random number generator gathers environmental noise from device drivers and other sources into an entropy pool. The generator also keeps an estimate of the number of bit of the noise in the entropy pool. From this entropy pool random numbers are created.
Re: About the Firestaff
Posted: Sat Feb 28, 2004 12:25 am
by Lochar
OK, I think we've gotten slightly off topic here...