At 01:01 AM 2/4/2006, Travis H. wrote:
Assume further that it is not cost-effective to furnish each with a HWRNG, even one as inexpensive as a sound card (for example, they may not have a spare slot on the motherboard nor built-in sound). ... Suppose that /dev/random is too slow (SHA-1 was never meant to generate a lot of output) because one of these machines wishes to generate a large file for use as a one-time pad*.
One-time pads are expensive protocols to use properly - the operational costs of generating easily-disposable media, putting couriers with briefcases handcuffed to their arms onto airplanes, shredder costs when trashing the CD/DVD/etc., /dev/thermite for the PCs, and all the other things that you need to do for a real OTP threat model add up to real money after a while. If you can afford that, you can afford to spend $100 for an external sound card or USB hardware random generator dongle or whatever or a PC case with more slots in it. --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
