Hisham writes:

> Hello LibTech crowd,
>
> Sorry if this has been discussed here before but is anybody here familiar
> with a software called Privus?
> https://www.kickstarter.com/projects/857935876/175768761?token=bbfb88ac
>
> Its developers promote it as an encryption service that "offers absolutely
> unbreakable security".
> It uses OTP encryption technology, that developers claim is harder to break
> than PGP.

OTPs can be absolutely unbreakable, but you have to generate the pads in an absolutely random manner, distribute them over an absolutely secure channel, store them with an absolutely secure storage method, and then only use each one once.

Governments have, from World War II to today, tried to actually follow these rules (with physical distribution of key material). It's been expensive and cumbersome because each pair of potential communicating parties need to have -- in advance! -- as much key material as the total amount of communication that they may ever do. They can't send any more new key material electronically (unless they want to burn some other existing key material); effectively, it's subject to a conservation law.

Tools that claim to use an OTP that don't involve physical key material distribution (like, meet the person in person and give them a key that they have to keep physically secure, and make sure that the key is as long as all the messages that you may exchange before you next see them again) are doing it wrong.

A lot of people hear about the use of XOR in OTPs and think of some way to create the pad based on a smaller amount of information that can be exchanged in another way. If you do this, the pad is actually a stream cipher and the absolute security guarantees are lost. (The goal of a stream cipher is to make an encryption keystream from a short key in such a way that someone who doesn't know the key can't determine the keystream, nor detect any regularities in it. The keystream plays the role of a one-time pad key, but it is not truly random because it's produced by a deterministic means.) There are many stream ciphers out there, and some of them are thought to offer good security, but none is provably unbreakable and some have been broken in practice.

-- 
Seth Schoen <[email protected]>
Senior Staff Technologist https://www.eff.org/
Electronic Frontier Foundation https://www.eff.org/join
815 Eddy Street, San Francisco, CA 94109 +1 415 436 9333 x107
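
The following is an added illustration, not part of the message above and not code from Privus. It shows the two points the reply makes: a real pad is consumed byte for byte and explains every same-length message equally well, while a pad expanded from a short seed can only ever reach a small fraction of the possible messages. The 16-bit seed, the SHA-256 expansion and the sample messages are assumptions constructed for the demonstration.

```python
import hashlib
import secrets


def xor(a: bytes, b: bytes) -> bytes:
    if len(a) != len(b):
        raise ValueError("length mismatch")
    return bytes(x ^ y for x, y in zip(a, b))


class OneTimePad:
    """Pad bytes are handed out exactly once; running out means no more messages."""

    def __init__(self, pad: bytes):
        self._pad, self._used = pad, 0

    def remaining(self) -> int:
        return len(self._pad) - self._used

    def take(self, n: int) -> bytes:
        if n > self.remaining():
            raise ValueError("pad exhausted: new key material must be delivered out of band")
        self._used += n
        return self._pad[self._used - n:self._used]


def expand_seed(seed: int, n: int) -> bytes:
    """Toy seed-to-pad expansion (assumption: 16-bit seed, SHA-256); really a stream cipher."""
    return hashlib.sha256(seed.to_bytes(2, "big")).digest()[:n]


def reachable_plaintexts(ciphertext: bytes) -> set:
    """Every plaintext the seed-derived pad could decrypt this ciphertext to."""
    return {xor(ciphertext, expand_seed(s, len(ciphertext))) for s in range(2 ** 16)}


def demo() -> dict:
    msg = b"MEET"  # constructed sample message
    pad = OneTimePad(secrets.token_bytes(8))
    otp_ct = xor(msg, pad.take(len(msg)))
    alt_pad = xor(otp_ct, b"STAY")  # a pad that explains the same ciphertext as "STAY"
    reach = reachable_plaintexts(xor(msg, expand_seed(0x1337, len(msg))))
    return {
        "otp_decrypts_to_alt": xor(otp_ct, alt_pad),
        "pad_bytes_left": pad.remaining(),
        "seed_true_message_reachable": msg in reach,
        "seed_reachable": len(reach),
        "all_4_byte_messages": 256 ** len(msg),
    }
```

With the true pad, the ciphertext is consistent with "STAY" just as well as with "MEET", so it reveals nothing; with the seed-derived pad, at most 65,536 of the 4,294,967,296 possible four-byte messages remain candidates, and the real one is among them.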
