Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Posting-Version: version B 2.10.1 (Tek) 9/26/83; site tekchips.UUCP
Path: utzoo!watmath!clyde!floyd!vax135!cornell!uw-beaver!tektronix!tekchips!jackg
From: jackg@tekchips.UUCP (Jack Gjovaag)
Newsgroups: net.crypt
Subject: one time pads and non-random generators
Message-ID: <571@tekchips.UUCP>
Date: Fri, 17-Feb-84 10:20:31 EST
Article-I.D.: tekchips.571
Posted: Fri Feb 17 10:20:31 1984
Date-Received: Sun, 19-Feb-84 08:08:06 EST
Organization: Tektronix, Beaverton OR
Lines: 30

The problem Gene Spafford brings up about the possibility of a truly
random key failing to encrypt a significant portion of a message
doesn't seem to me to be a problem at all.  The probability of a
random xor key generating a long string of zeros, and thereby leaving
the cleartext unencrypted is no greater than the probability of
producing a non-zero string of bits that encrypts the text into
something that *appears* to be unencrypted.  Therefore, someone
trying to decypher an encrypted message should take little comfort
if he sees a meaningful string of characters in the encrypted text.
In fact, if it isn't inconvenient to generate the key and the
encrypted text simultaneously, the key can be chosen to be a
string of readable cleartext.  It is then sent over the unsecure
communication channel and the encrypted text sent over the
secure channel.  Anyone tapping the unsecure channel will *always*
see readable stuff but what looks like cleartext will have no
discoverable relation to the actual message (unless he can tap
the secure channel as well).  Clearly, it isn't always convenient
to use this scheme, but it does illustrate the fact that the
distinction between key and encrypted text is artificial and
they can be viewed as simply two components of a message, neither
of which can be assumed to make any sense without the other.

But I digress.  It seems to me that it is always better to strive
for maximum randomness in the generation of the key even if there
is a probability of leaving significant parts of the cleartext 
untouched because an intruder cannot know that it hasn't.

  Jack Gjovaag
  Computer Research Lab
  Tektronix, Inc.