Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP Posting-Version: version B 2.10.1 (Tek) 9/26/83; site tekchips.UUCP Path: utzoo!watmath!clyde!floyd!vax135!cornell!uw-beaver!tektronix!tekchips!jackg From: jackg@tekchips.UUCP (Jack Gjovaag) Newsgroups: net.crypt Subject: one time pads and non-random generators Message-ID: <571@tekchips.UUCP> Date: Fri, 17-Feb-84 10:20:31 EST Article-I.D.: tekchips.571 Posted: Fri Feb 17 10:20:31 1984 Date-Received: Sun, 19-Feb-84 08:08:06 EST Organization: Tektronix, Beaverton OR Lines: 30 The problem Gene Spafford brings up about the possibility of a truly random key failing to encrypt a significant portion of a message doesn't seem to me to be a problem at all. The probability of a random xor key generating a long string of zeros, and thereby leaving the cleartext unencrypted is no greater than the probability of producing a non-zero string of bits that encrypts the text into something that *appears* to be unencrypted. Therefore, someone trying to decypher an encrypted message should take little comfort if he sees a meaningful string of characters in the encrypted text. In fact, if it isn't inconvenient to generate the key and the encrypted text simultaneously, the key can be chosen to be a string of readable cleartext. It is then sent over the unsecure communication channel and the encrypted text sent over the secure channel. Anyone tapping the unsecure channel will *always* see readable stuff but what looks like cleartext will have no discoverable relation to the actual message (unless he can tap the secure channel as well). Clearly, it isn't always convenient to use this scheme, but it does illustrate the fact that the distinction between key and encrypted text is artificial and they can be viewed as simply two components of a message, neither of which can be assumed to make any sense without the other. But I digress. It seems to me that it is always better to strive for maximum randomness in the generation of the key even if there is a probability of leaving significant parts of the cleartext untouched because an intruder cannot know that it hasn't. Jack Gjovaag Computer Research Lab Tektronix, Inc.