[cryptography] Unbreakable crypto?
jeffrey at goldmark.org
Fri Mar 20 17:21:57 EDT 2015
On 2015-03-20, at 1:24 PM, stef <s at ctrlc.hu> wrote:
> On Fri, Mar 20, 2015 at 06:12:31PM +0000, Dave Howe wrote:
>> Or a reasonably clever and trolling satire on snakeoil products. :)
> the less optimistic alternative is this being a well-crafted water-holing site
> targeted at the members of this mailing-list.
I believe I’ve also seen this raised on sci.crypt, which is
spectacularly easy to troll.
I really WANT to believe it is a deliberate troll-like thing. But
the sad fact of the matter is that a huge number of people who
learn a little about the OTP think that they can create unbreakable
crypto, and they end up
(1) Using a crappy PRNG.
(2) Seeding/keying their crappy PRNG badly.
(3) Failing to notice/address the malleability of these things.
(4) Reusing the key/pad.
So whether a troll or not, that is the kind of snake oil that people
I like using the OTP as an example of how brittle some schemes are. Doing
things “slightly” wrong can lead to dramatic reductions in security.
More information about the cryptography