Nico, thanks for the detailed answer. Tell me if I'm off my rocker here...
So the mapping of {key, counter} to {mask} is one-to-one. In that case,
yes, it's as good as it gets, with respect to limit cycles.
Secondarily, as you pointed out, it then falls back to the failure rate of
counter
Koenig's idea is interesting, and with a small twist I think could have
worked. If instead of only applying noise at the receiving end, noise was
first applied by the sender, then the recipient applies his own noise and
sends it back to the sender, who then subtracts his original noise and
sends
Isn't that equivalent to sender doing XOR on the plaintext, recipient doing
XOR on first ciphertext, sender doing another XOR on second ciphertext to
create third ciphertext, and the recipient doing XOR again to get plaintext?
That's key-reuse and breaks XOR/OTP. The middleman simply XORs the
yes, should have thought it through ...
On Thu, Jun 13, 2013 at 4:44 PM, Natanael natanae...@gmail.com wrote:
Isn't that equivalent to sender doing XOR on the plaintext, recipient
doing XOR on first ciphertext, sender doing another XOR on second
ciphertext to create third ciphertext, and the
Hi,
A foundation offered me money for improving, auditing, or implementing
crypto-related software and hardware. We could probably also
fund/perform usability studies.
Any suggestions?
--Mo
signature.asc
Description: OpenPGP digital signature
___
I agree with Nico's comments about the importance of ensuring good entropy
on nonsession keys. And thanks to Greg for pointing out that important
distinction.
Beyond the xor mask diversity issue, my second question remains: whether
neighboring (i.e. single-bit-difference-seeded) blocks have