Jeff Bone <jbone@jump.net> writes:
> kragen@pobox.com wrote:
> > Jeff Bone <jbone@jump.net> writes:
> > > > Of course, if you're up against a big enemy, and they know the type of
> > > > observation you're doing then they can do the equivalent of a brute force
> > > > search (record all TV stations, measure all stars, etc.).
> > >
> > > That's essentially the same as "generate all possible one-time pads of form X." If
> > > you can make the problem that hard for "them," you've won. ;-)
> >
> > It's not at all essentially the same, although you may be correct that
> > it's good enough. If you find a star that decrypts the message to
> > something sensible, you can be pretty sure the decryption was correct;
> > that's not at all true of one-time pads.
>
> You're missing the point. It's not just about finding the star, it's about finding the
> time interval in which the observations yielded the keypad bitstring in question.
OK, fine, but the point is that if you find a star and a time (and
whatever other set of parameters you need --- sampling rate, bits per
sample, wavelength filters, etc etc etc) that decrypts a ciphertext
into something sensible, you can be sure that it's the right sensible
thing. That's not the case with one-time pads --- given any
ciphertext-plaintext pair of the same length, you can find a pad that
will encrypt the plaintext as the ciphertext.
This is because the one-time pad has a keyspace as large as the number
of possible plaintexts.
It *does* have the very cool property that, if the star isn't being
measured by your adversary at the time, they can't get the key bits
later --- which is not the case for more ordinary kinds of stream
ciphers.
This archive was generated by hypermail 2b29 : Fri Apr 27 2001 - 23:18:42 PDT