I'm working on a one-time-pad-based IPsec key daemon with a similar
purpose to what you describe. I'll be posting here for feedback when
it's ready, but the basic premise is that it provides strong ephemeral
IPsec keying using one-time pads previously exchanged between peers.
As long as the pads are generated and secured properly[1], you don't
need to care if $TLA has kept your IPsec traffic archives in their
acres of computing machinery.
Likewise, if large-qubit quantum computers suddenly become feasible or
multi ring GCF gets really fast, you don't need to worry about past
key exchanges (also archived) being compromised, as with pub-key-based
ISAKMP implementations.
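The pad-consumption idea in the post above, written out as an added illustration (this is not the poster's daemon, and the design is a hypothetical one): both peers hold an identical pad and a shared cursor, each rekey burns one fixed-size slice, the consumed slice is zeroised so a later host compromise cannot recover earlier session keys, and exhaustion is refused rather than wrapping around. The `PadKeyer` class, the `DEMO_PAD` drawn from `os.urandom`, and the slice-index scheme are assumptions made for the example.

```python
import hmac
import os
from typing import List, Tuple

# Constructed demo pad. In the scheme the post describes the pad would come
# from a true random source and be exchanged out of band ahead of time; here
# it is drawn from os.urandom purely so the example runs stand-alone.
PAD_LEN = 4096
DEMO_PAD = os.urandom(PAD_LEN)


class PadKeyer:
    """Hands out ephemeral keys by consuming slices of a pre-shared one-time pad.

    Hypothetical design for illustration: both peers instantiate this over an
    identical pad and advance in lockstep, so slot N on one side is slot N on
    the other. A slice is used exactly once and then overwritten.
    """

    def __init__(self, pad: bytes, key_len: int = 32):
        self.pad = bytearray(pad)      # mutable so consumed slices can be wiped
        self.key_len = key_len
        self.cursor = 0                # byte offset of the next unused slice

    def remaining_keys(self) -> int:
        """How many full key slices are still unused."""
        return (len(self.pad) - self.cursor) // self.key_len

    def next_key(self) -> Tuple[int, bytes]:
        """Return (slot index, key) for the next unused slice and zeroise it.

        The slot index is what a peer would announce in-band so the other side
        can detect desynchronisation; the key bytes never leave the host.
        """
        if self.remaining_keys() == 0:
            raise RuntimeError("pad exhausted; exchange a fresh pad before rekeying")
        start = self.cursor
        key = bytes(self.pad[start:start + self.key_len])
        # Wipe the consumed slice: the pad file on disk is the only long-term
        # secret, and past session keys must not be recoverable from it.
        self.pad[start:start + self.key_len] = b"\x00" * self.key_len
        self.cursor += self.key_len
        return start // self.key_len, key


def demo_rekey(rounds: int = 3) -> List[bool]:
    """Two peers rekey in lockstep; returns, per round, whether their keys agreed."""
    alice = PadKeyer(DEMO_PAD)
    bob = PadKeyer(DEMO_PAD)
    agreed = []
    for _ in range(rounds):
        slot_a, key_a = alice.next_key()
        slot_b, key_b = bob.next_key()
        agreed.append(slot_a == slot_b and hmac.compare_digest(key_a, key_b))
    return agreed


if __name__ == "__main__":
    print("rounds agreed:", demo_rekey())
```

The interesting property is in `next_key`: after it returns, the slice it handed out exists only in the caller's memory, so the forward-secrecy argument in the post ("you don't need to care if your traffic was archived") depends entirely on the caller discarding that key when the SA expires.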
Strikes me as a fairly silly project, except for the fun of coding it.
There are a number of protocols like EKE, SPEKE, A-EKE, etc.
that let you combine a shared password with public-key encryption
for extra strength - a crude variant would be to encrypt your
Diffie-Hellman key parts with AES for the key exchange,
so there's nothing that can be conveniently attacked when the
hypothetical Quantum Computer comes online.
There's still a risk of compromising your keys if
the KGB blackbags your machine, so you might want to
change keys annually or monthly or whatever,
but your OTPs are at risk just as a password would be.
And long before Quantum Computers become strong enough to crack
2048-bit public key algorithms at a price that makes the
KGB want to waste its resources on you, there'll be
more convenient ways to blackbag machines, whether it's
including extra features in the OS through the audio CD player
or putting a video camera in your ceiling.
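The "crude variant" in the reply above (encrypt the Diffie-Hellman key parts under a key derived from the shared password, so a recording of the exchange gives an attacker nothing convenient to work on later), as an added example rather than code from either poster. Assumptions: a toy 127-bit Mersenne prime stands in for a real MODP or elliptic-curve group, PBKDF2 turns the password into the wrapping key, and because the Python standard library ships no AES the wrapping cipher is HMAC-SHA256 run in counter mode as a keystream. The key-confirmation step at the end is also added here: with this construction a wrong password does not produce an error, it silently produces two different secrets, so the peers need an explicit check before they trust the key.

```python
import hashlib
import hmac
import os
import secrets
from typing import Tuple

# Toy 127-bit Mersenne prime so the arithmetic stays visible (assumption for
# the demo; use a standard group in anything real).
P = (1 << 127) - 1
G = 3
PUB_BYTES = 16          # P < 2**128, so any group element fits in 16 bytes


def derive_psk(password: bytes, salt: bytes) -> bytes:
    """Turn the shared password into a 32-byte wrapping key (PBKDF2, assumed)."""
    return hashlib.pbkdf2_hmac("sha256", password, salt, 100_000, dklen=32)


def keystream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """HMAC-SHA256 in counter mode, standing in for AES. Same call encrypts
    and decrypts; the nonce must be fresh per message."""
    stream = bytearray()
    counter = 0
    while len(stream) < len(data):
        block = nonce + counter.to_bytes(4, "big")
        stream += hmac.new(key, block, hashlib.sha256).digest()
        counter += 1
    return bytes(d ^ s for d, s in zip(data, stream))


def dh_keypair() -> Tuple[int, int]:
    """Private exponent x and public value g^x mod p."""
    x = secrets.randbelow(P - 2) + 1
    return x, pow(G, x, P)


def wrap_public(psk: bytes, pub: int) -> Tuple[bytes, bytes]:
    """Encrypt a DH public value under the password-derived key."""
    nonce = os.urandom(16)
    return nonce, keystream_xor(psk, nonce, pub.to_bytes(PUB_BYTES, "big"))


def unwrap_public(psk: bytes, nonce: bytes, ciphertext: bytes) -> int:
    return int.from_bytes(keystream_xor(psk, nonce, ciphertext), "big")


def run_exchange(pw_alice: bytes, pw_bob: bytes,
                 salt: bytes = b"demo-salt") -> Tuple[bytes, bytes, bool]:
    """Password-wrapped DH between two peers.

    Returns (alice_secret, bob_secret, confirmed). Only the wrapped values
    cross the wire, so a passive recorder never learns the raw DH key parts.
    """
    k_a = derive_psk(pw_alice, salt)
    k_b = derive_psk(pw_bob, salt)
    xa, ya = dh_keypair()
    xb, yb = dh_keypair()
    nonce_a, ct_a = wrap_public(k_a, ya)        # Alice -> Bob
    nonce_b, ct_b = wrap_public(k_b, yb)        # Bob -> Alice
    # Each side unwraps with its own password; a mismatch yields garbage, not
    # an exception, which is why confirmation below is not optional.
    s_a = pow(unwrap_public(k_a, nonce_b, ct_b), xa, P).to_bytes(PUB_BYTES, "big")
    s_b = pow(unwrap_public(k_b, nonce_a, ct_a), xb, P).to_bytes(PUB_BYTES, "big")
    # Key confirmation: Bob sends a MAC over a fixed label under his secret and
    # Alice checks it under hers.
    tag_b = hmac.new(s_b, b"key-confirm", hashlib.sha256).digest()
    expected = hmac.new(s_a, b"key-confirm", hashlib.sha256).digest()
    return s_a, s_b, hmac.compare_digest(tag_b, expected)


if __name__ == "__main__":
    _, _, ok = run_exchange(b"correct horse", b"correct horse")
    print("matching passwords confirmed:", ok)
    _, _, ok = run_exchange(b"correct horse", b"wrong password")
    print("mismatched passwords confirmed:", ok)
```

Note what this does and does not buy: the recorded traffic now depends on the password as well as the DH problem, which is the reply's point about a future quantum computer, but the password itself remains a single long-lived secret, which is the reply's other point about it being at exactly the same risk as a stored one-time pad.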
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]