On Thu, Aug 29, 2013 at 12:15:17PM -0700, Michael Hicks wrote: > ok so I guess I just send u guys the links and u check out my software > and Vet it? This was made for people to be able to protect their > privacy and the NSA can't hack it No One can it's impossible. all the > information is at scrambler.webs.com
Your description of how a OTP works is not correct. At http://scrambler.webs.com/how-does-it-work you write: > The drawback of the one-time cypher pad encryption method is that to > encrypt a message without reusing the one-time cypher pad requires it > to be 256 times the size of the message. Encrypting a one megabyte > file without reusing the one-time cypher pad requires it to be 256 > megabytes. This is incorrect. A one-time pad needs to be the same size as the message being encrypted, not 256 times as large. OTP implementations such as onetime (http://red-bean.com/onetime/) implement this properly, using one byte of pad to encrypt one byte of plaintext. Making such a fundamental mistake in the basic definition of the cipher you're promoting is not a good sign that you're capable of implementing it securely. Continuing on, though... > While it is recommended that you do not reuse one-time cypher pads, > Scrambler will do so. Well, that's a really bad idea, because reusing a OTP makes it completely trivial to break. Instead of the method you've described, I would recommend that you look at how onetime tracks which pad bytes have been used, and ensures they are never reused. > After Scrambler has completed encrypting the message that required it > to reuse the one-time cypher pad chosen for encryption, Scrambler will > notify you that the one-time cypher pad was reused and should be > discarded. > Scrambler can be used to encrypt a file up to > approximately 1.84E19 bytes in size without reusing the one-time > cypher pad (18,400,000,000,000,000,000, or 18 quintillion bytes; or > about 18,400,000 1 TB hard drives). Of course, the one-time cypher pad > will need to be 256 times 1.84E19 bytes in size to do so without > recycling through the one-time cypher pad. This paragraph is nonsensical if you're actually implementing a OTP. The description you give makes me think that you're actually implementing a stream cipher with 256x ciphertext expansion. Could you clarify how Scrambler generates its cypher pads? Explaining that might help us understand how your system works in practice. -andy -- Liberationtech is a public list whose archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at [email protected].
