At 08:34 AM 9/24/03 -0400, Greg Troxel wrote:
>A consequence of the infinite CPU assumption is that ciphers like AES,
>hash functions like SHA-1, etc. are all considered useless by the
>purist QC community. Thus, people talk about doing authentication
>with families of universal hash functions. This has the practical
>problem that the original (courier-transported) secret keying material
>for authentication is used up, and the typical scheme talked about is
>using some of the agreed-upon QKD bits to replenish the authentication
>keying material. This does not seem very robust.

Those couriers are carrying one-time pad CDs, in a QC world. Do not try to pet their dogs, BTW.
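The key accounting described in the quoted text, as an added example that is not part of the original thread: a polynomial universal hash masked with one-time key (a Wegman-Carter style tag), drawing from a pool that starts with courier material and is refilled from each round's QKD output. The field size, the 16-byte cost per tag, the number of messages per round and the names `wc_tag`, `KeyPool` and `run_rounds` are assumptions made for illustration.

```python
import secrets

P = (1 << 61) - 1   # prime modulus for the polynomial universal hash
KEY_BYTES = 16      # assumed cost per tag: 8-byte hash point + 8-byte one-time mask

def wc_tag(key: bytes, msg: bytes) -> int:
    """Polynomial hash of msg at a secret point, masked with one-time key."""
    r = int.from_bytes(key[:8], "big") % P
    mask = int.from_bytes(key[8:16], "big") % P
    # 7-byte blocks keep each coefficient below P; the final block encodes the length.
    blocks = [msg[i:i + 7] for i in range(0, len(msg), 7)]
    blocks.append(len(msg).to_bytes(7, "big"))
    acc = 0
    for block in blocks:
        acc = (acc + int.from_bytes(block, "big")) * r % P
    return (acc + mask) % P

class KeyPool:
    """Shared authentication key: courier-delivered first, QKD output later."""
    def __init__(self, courier_material: bytes):
        self.buf = bytearray(courier_material)

    def draw(self, n: int = KEY_BYTES) -> bytes:
        if len(self.buf) < n:
            raise RuntimeError("authentication key exhausted")
        out = bytes(self.buf[:n])
        del self.buf[:n]          # key is never reused
        return out

    def replenish(self, qkd_output: bytes) -> None:
        self.buf += qkd_output

def run_rounds(pool, yields, msgs_per_round=2, reserve=2 * KEY_BYTES):
    """Return pool size after each round; None marks the round that cannot authenticate."""
    history = []
    for round_yield in yields:
        try:
            for i in range(msgs_per_round):
                wc_tag(pool.draw(), b"classical-channel message %d" % i)
        except RuntimeError:
            history.append(None)
            break
        # Set aside part of this round's agreed bits (random stand-ins here).
        pool.replenish(secrets.token_bytes(min(round_yield, reserve)))
        history.append(len(pool.buf))
    return history

if __name__ == "__main__":
    # Constructed scenario: two productive rounds, then rounds that yield nothing.
    print(run_rounds(KeyPool(secrets.token_bytes(64)), [100, 100, 0, 0, 0]))
```

The constructed run prints `[64, 64, 32, 0, None]`: the pool holds steady while rounds produce key, then drains once they stop, after which no further classical message can be tagged without new courier material.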