On Fri, Aug 13, 2021, 6:07 AM grarpamp <[email protected]> wrote: > > I heard people recently talking about using _multiple_ OTP's. > > Not sure how that helps anything but it sounds nice and paranoid. > > That's probably describing "multiple encryption", > cascade, or composition. > > https://en.wikipedia.org/wiki/Multiple_encryption > > In the case of properly used OTP's with TRNG's, > multiple doesn't help anything since the info theoretic security > of that system has been proven. > > But for all other classes of algos such as the common > asym/symm/hash, multiple can be used as a safety > backup in case a sole use algo might be broken, > but is no good if they all are fail... > ie: md5 + sha1 != good > or if use of all N of them was poor, thus = fail too. >
I'm aware that xoring hashes reduces their security (more collisions, I believe). You want to concatenate them. PS: Now for the more interesting thing in this note... > > Notice how GoldBug et al happened to sneak > themselves onto that page too. > Similar to me saying "public input state" above. A dangerous error but doesn't appear malicious on anyone's part. publicly investigate and debunk or clear their I guess to take action on weird, sketchy public behaviors, one would need to figure out how to influence or satisfy whatever is stimulating them. Not sure how to do that.
