On Sep 13, 2013, at 3:23 PM, "Perry E. Metzger" <pe...@piermont.com> wrote:

> The problem these days is not that something like AES is not good
> enough for our purposes. The problem is that we too often build a
> reinforced steel door in a paper wall.

Also, if AES being insufficiently strong is our problem, we have a whole bunch 
of solutions easily at hand.  Superencrypt successively with, say, Serpent, 
Twofish, CAST, Salsa, and Keccak in duplex mode.  This has a performance cost, 
but it is orders of magnitude less overhead than switching to manual key 
distribution of one-time pads.  

It's hard for me to think of a real world threat that is addressed better by a 
one-time pad than by something cheaper and less likely to get broken via human 
error or attacks on the key management mechanism.  

> Perry E. Metzger        pe...@piermont.com

The cryptography mailing list

Reply via email to