Re: One-Time Pads [was: Re: Help: Randomizing a List of Numbers]

From: Arthur J. O'Dwyer (ajo_at_nospam.andrew.cmu.edu)
Date: 07/22/04

• Next message: Michael Amling: "Re: OTP's"
• Previous message: Matthijs Hebly: "Re: Improvement to Fortuna?"
• In reply to: Johnny Bravo: "Re: One-Time Pads [was: Re: Help: Randomizing a List of Numbers]"
• Next in thread: Bill Emerson: "Re: One-Time Pads [was: Re: Help: Randomizing a List of Numbers]"
• Reply: Bill Emerson: "Re: One-Time Pads [was: Re: Help: Randomizing a List of Numbers]"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Thu, 22 Jul 2004 13:40:52 -0400 (EDT)

On Thu, 22 Jul 2004, Johnny Bravo wrote:
>
> On 21 Jul 2004 19:45:57 GMT, Bill Emerson <no@one.home> wrote:
> >
> > I was thinking that it might not be a bad idea to include a list of
> > strings with each otp, in the clear, to be included as random words in
> > the pre-encrypted messsage in order to help insure that no tampering
> > had been done.
>
> Padding with strings of nulls would help. Just put a random amount
> of X characters at the beginning and end, and in the middle parts if
> you wish, of the message to pad it out to a certain length. Then your
> attacker can't flip a byte without taking a real chance that they
> flipped the wrong byte, not only failing to mess up the message in
> they way they wished, but alerting you to the fact that someone
> altered the message.

  Or you could just put the MD5 hash at the end of every message.
The attacker can't tamper with your message at all, then, unless he
can read the whole thing. (Which we of course are hoping he can't.)
No cleartext or padding involved.

-Arthur

• Next message: Michael Amling: "Re: OTP's"
• Previous message: Matthijs Hebly: "Re: Improvement to Fortuna?"
• In reply to: Johnny Bravo: "Re: One-Time Pads [was: Re: Help: Randomizing a List of Numbers]"
• Next in thread: Bill Emerson: "Re: One-Time Pads [was: Re: Help: Randomizing a List of Numbers]"
• Reply: Bill Emerson: "Re: One-Time Pads [was: Re: Help: Randomizing a List of Numbers]"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: One-Time Pads [was: Re: Help: Randomizing a List of Numbers] ... >with each otp, in the clear, to be included as random words in the pre- ... Padding with strings of nulls would help. ... attacker can't flip a byte without taking a real chance that they ... (sci.crypt) Re: Security level of SET PASS /GENERATE ? ... guessing program to only try passwords of the mandated length. ... strings with length exactly equal to n. ... If you have a length 6 password and your attacker searches the variable ... through the space of 5 digit passwords is guaranteed to be fruitless. ... (comp.os.vms) Re: Security level of SET PASS /GENERATE ? ... Having a mandated password length is however a weakness since anyone ... guessing program to only try passwords of the mandated length. ... strings with length exactly equal to n. ... If you have a length 6 password and your attacker searches the variable ... (comp.os.vms) Re: Security level of SET PASS /GENERATE ? ... guessing program to only try passwords of the mandated length. ... strings with length exactly equal to n. ... If you have a length 6 password and your attacker searches the variable ... advantage of that to choose 5 character passwords. ... (comp.os.vms) Re: Padding and block ciphers ... the key incorrect because the padding is incorrect. ... How would an attacker know if the padding is incorrect? ... and you only had to decrypt the last block to ... (sci.crypt)

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint