Re: thoughts on one time pads

2006-02-08 Thread Travis H.
If anyone is interested in participating in the design of a system that could be used for manual key distribution and/or OTP purposes, email me. I figure we can talk about our special cases off-list, and maybe submit the final design to the list for people to take their best crack at it. --

Re: CD shredders, was Re: thoughts on one time pads

2006-02-02 Thread Aram Perez
On Feb 1, 2006, at 3:50 AM, Travis H. wrote: On 1/28/06, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote: In our office, we have a shredder that happily takes CDs and is designed to do so. It is noisy and cost $500. Here's one for $40, although it doesn't appear to shred them so much as make them

Re: CD shredders, was Re: thoughts on one time pads

2006-02-02 Thread James Deane
I have an Executive Machines EPS-1501X cross-cut shredder (15 sheet, I think) which also shreds CDs. And it really shreds them, into about 1/4 x 1 strips. It's no louder than any home/office other shredder I've used, though it is louder when shredding CDs. Jim --- Travis H. [EMAIL PROTECTED]

CD shredders, was Re: thoughts on one time pads

2006-02-01 Thread Travis H.
On 1/28/06, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote: In our office, we have a shredder that happily takes CDs and is designed to do so. It is noisy and cost $500. Here's one for $40, although it doesn't appear to shred them so much as make them pitted:

Re: [EMAIL PROTECTED]: Re: thoughts on one time pads]

2006-01-31 Thread Dave Howe
Eugen Leitl wrote: Sudden thermal stress (liquid nitrogen, etc) might be good enough to delaminate, leaving clear disks behind. Not sure what the data surface is made from but - surely a suitable organic solvent could remove the paint into suspension leaving a clear plastic disc and no trace of

Re: thoughts on one time pads

2006-01-31 Thread John Denker
Anne Lynn Wheeler wrote: is there any more reason to destroy a daily key after it as been used than before it has been used? That's quite an amusing turn of phrase. There are two ways to interpret it: *) If taken literally, the idea of destroying a key _before_ it is used is truly an

Re: thoughts on one time pads

2006-01-31 Thread Peter Fairbrother
Peter Gutmann wrote: Jonathan Thornburg [EMAIL PROTECTED] writes: Melting the CD should work... but in practice that takes a specialized oven (I seriously doubt my home oven gets hot enough), and is likely to produce toxic fumes, and leave behind a sticky mess (stuck to the surface of the

Re: thoughts on one time pads

2006-01-31 Thread Anne Lynn Wheeler
John Denker wrote: That indicates a gross lack of tamper-evident packaging, as discussed above. The store should never have activated a card that came from a package that had been tampered with. if you have seen many of the gift cards in racks at grocery stores ... they can be skimmed w/o any

Re: thoughts on one time pads

2006-01-31 Thread Anne Lynn Wheeler
John Denker wrote: -- The best way to _protect_ a key after it has been used is to destroy it. -- For keys that have yet been used, a sufficient scheme (not the only scheme) for many purposes is to package the keys in a way that is tamper-resistant and verrry tamper-evident.

Re: thoughts on one time pads

2006-01-31 Thread dan
In our office, we have a shredder that happily takes CDs and is designed to do so. It is noisy and cost $500. --dan - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]

Re: thoughts on one time pads

2006-01-31 Thread John Denker
I forgot to mention in my previous message: It is worth your time to read _Between Silk and Cyanide_. That contains an example of somebody who thought really hard about what his threat was, and came up with a system to deal with the threat ... a system that ran counter to the previous

RE: thoughts on one time pads

2006-01-31 Thread leichter_jerrold
[CD destruction] | You missed the old standby - the microwave oven. | | The disk remains physically intact (at least after the | 5 seconds or so I've tried), but a great deal of pretty | arcing occurs in the conductive data layer. Where the | arcs travel, the data layer is vapourized. | | The

Re: thoughts on one time pads

2006-01-28 Thread Peter Gutmann
Jonathan Thornburg [EMAIL PROTECTED] writes: Melting the CD should work... but in practice that takes a specialized oven (I seriously doubt my home oven gets hot enough), and is likely to produce toxic fumes, and leave behind a sticky mess (stuck to the surface of the specialized oven). For no

Re: thoughts on one time pads

2006-01-28 Thread Travis H.
There are various versions of getting rid of a disk file. 2) Zeroizing the blocks in place (followed by deletion). This is vastly better, but still not entirely secure, because there are typically stray remnants of the pattern sitting beside the nominal track, and a

Re: thoughts on one time pads

2006-01-28 Thread Dave Howe
John Denker wrote: Dave Howe wrote: Hmm. can you selectively blank areas of CD-RW? Sure, you can. It isn't s much different from rewriting any other type of disk. Yeah, I know. just unsure how effective blanking is on cd-rw for (say) a pattern that has been in residence for two

RE: thoughts on one time pads

2006-01-28 Thread Trei, Peter
To: cryptography@metzdowd.com; [EMAIL PROTECTED] Subject: Re: thoughts on one time pads Jonathan Thornburg [EMAIL PROTECTED] writes: Melting the CD should work... but in practice that takes a specialized oven (I seriously doubt my home oven gets hot enough), and is likely to produce toxic fumes, and leave

Re: thoughts on one time pads

2006-01-27 Thread Adam Fields
On Thu, Jan 26, 2006 at 06:09:52PM -0800, bear wrote: [...] Of course, the obvious application for this OTP material, other than text messaging itself, is to use it for key distribution. Perhaps I missed something, but my impression was that the original post asked about how a CD full of

Re: thoughts on one time pads

2006-01-27 Thread Jonathan Thornburg
Two other problems with using a CD for OTP key material: 1. How to insure physical security for the N years between when you exchange CDs and the use of a given chunk of keying material? The single CD system is brittle -- a single black-bag burglary to copy the CD, and poof, the adversary has

Re: thoughts on one time pads

2006-01-27 Thread John Kelsey
From: Travis H. [EMAIL PROTECTED] Sent: Jan 26, 2006 6:30 AM To: cryptography@metzdowd.com Subject: thoughts on one time pads ... In this article, Bruce Schneier argues against the practicality of a one-time pad: http://www.schneier.com/crypto-gram-0210.html#7 I take issue with some of the

Re: thoughts on one time pads

2006-01-27 Thread Dave Howe
Jonathan Thornburg wrote: 1. How to insure physical security for the N years between when you exchange CDs and the use of a given chunk of keying material? The single CD system is brittle -- a single black-bag burglary to copy the CD, and poof, the adversary has all your keys for the next N

Re: thoughts on one time pads

2006-01-27 Thread John Denker
Dave Howe wrote: Hmm. can you selectively blank areas of CD-RW? Sure, you can. It isn't s much different from rewriting any other type of disk. There are various versions of getting rid of a disk file. 1) Deletion: Throwing away the pointer and putting the blocks back on the free

Re: thoughts on one time pads

2006-01-27 Thread bear
On Thu, 26 Jan 2006, Adam Fields wrote: On Thu, Jan 26, 2006 at 06:09:52PM -0800, bear wrote: [...] Of course, the obvious application for this OTP material, other than text messaging itself, is to use it for key distribution. Perhaps I missed something, but my impression was that the

Re: thoughts on one time pads

2006-01-27 Thread Anne Lynn Wheeler
John Denker wrote: One drawback with this is that you have to destroy a whole disk at a time. That's a problem, because if you have a whole disk full of daily keys, you want to destroy each day's key as soon as you are through using it. There are ways around this, such as reading

Re: thoughts on one time pads

2006-01-26 Thread Thierry Moreau
Travis H. wrote: In this article, Bruce Schneier argues against the practicality of a one-time pad: http://www.schneier.com/crypto-gram-0210.html#7 I take issue with some of the assumptions raised there. [...] Then a $1 CD-ROM would hold enough data for 7 years of communication! [...]

Re: thoughts on one time pads

2006-01-26 Thread Jack Lloyd
On Thu, Jan 26, 2006 at 05:30:36AM -0600, Travis H. wrote: [...] Excuse me? This would in fact be a _perfect_ way to distribute key material for _other_ cryptosystems, such as PGP, SSH, IPSec, openvpn, gaim-encryption etc. etc. You see, he's right in that the key distribution problem is the

Re: thoughts on one time pads

2006-01-26 Thread Ralf Senderek
On Thu, 26 Jan 2006, Travis H. wrote: All I've got to say is, I'm on this like stink on doo-doo. Being the thorough, methodical, paranoid person I am, I will be grateful for any pointers to prior work and thinking in this area. You may wish to look at: Ueli M . Maurer:

Re: thoughts on one time pads

2006-01-26 Thread bear
On Thu, 26 Jan 2006, Travis H. wrote: For example, you may have occasional physical meetings with a good friend, colleague, family member, or former co-worker. Let's say you see them once every few years, maybe at a conference or a wedding or a funeral or some other occasion. At such