Thank you Kevin for your comments! One-time pad offers perfect secrecy, but yes, it is not much used in practice mainly because of several problems/challenges I am sure you in this list are well aware of.
About the XEP proposal: if Prover and Verifier clients are running in same device or even in same application, amount of one-time pad related problems decreases, because the keys can be used, transmitted, stored and deleted, e.g., inside one running program. Randomness that is good enough for cryptography is of course problematic. Usage of one-time pad would be very different than we have learned from crypto books. A new key and message to be encrypted could be randomly generated every time when authenticating. No long pads are used/needed/stored so it has still been quite fast in my tests. But would one-time pad actually give any additional security when compared just using a random string (key part from one-time pad without the encrypted message)? Can anyone find threats related to the XEP proposal? Like from message authentication? For example, one-time pads do not provide any message authentication, would it be more secure to to use random key to encrypt a randomly generated message or understandable message? Is there any difference? At the moment message authentication is provided using a mechanism where the Verifier processes only a message coming from a known Prover containing a known secret. If there is errors in the sender or in the secret, the message is not processed as authentic. In addition XMPP's E2E security could be used for encryption/authenticity. -Teemu 2014/1/10 Kevin <kevinsisco61...@gmail.com>: > I have looked over the 2-factoring mechanism and I feel the need to point > something out: > The one-time pad, while great in theory, proves somewhat unrealistic in > practice. It can be slow, especially if used in hardware. So if used in a > router could possibly lag the network. Again, the one-time pad is great in > theory; I personally like it. Realistically, however, I'd replace it with > something else. Just my thoughts. > > -- > Kevin > > _______________________________________________ > cryptography mailing list > cryptography@randombit.net > http://lists.randombit.net/mailman/listinfo/cryptography _______________________________________________ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography
