On Fri, Mar 20, 2015 at 4:02 AM, Enrique Soriano <esori...@lsub.org> wrote:

> These days we can buy 128GB pendrives (i.e. very long pads) for $35.
>
> This simple approach seems viable to me:
>
> https://www.codeandsec.com/Poor-Mans-Unbreakable-Encrypted-TCP-Tunnel


Poorly implemented, one time pads are in fact quite dangerous:

1) Extremely great care must be taken to never reuse any portion of the
pad. When reused, the attacker can easily obtain the XOR of the plaintexts
encrypted with the reused portion of the pad.
2) Without authentication (i.e. a MAC), one time pads are highly malleable

The author of that software doesn't know the difference between a one time
pad and a stream cipher. There's no practical reason to prefer a one time
pad to a modern stream cipher like ChaCha20, which can be combined with the
Poly1305 MAC to create an authenticated encryption scheme that isn't
malleable like an unauthenticated one time pad.

-- 
Tony Arcieri
_______________________________________________
cryptography mailing list
cryptography@randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography
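
Added example, not part of the original message or of the linked software: a short Python sketch of the two failure modes listed above (pad reuse and malleability) and of how a MAC check rejects a modified ciphertext. All function names and sample messages are constructed for illustration, and HMAC-SHA256 from the standard library stands in for a MAC such as the Poly1305 mentioned in the message.

```python
import hashlib
import hmac
import os

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def otp_xor(pad: bytes, offset: int, data: bytes) -> bytes:
    """Encrypt or decrypt `data` with the pad bytes starting at `offset`."""
    chunk = pad[offset:offset + len(data)]
    if len(chunk) < len(data):
        raise ValueError("pad exhausted")
    return xor(chunk, data)

def reuse_leak(pad: bytes, m1: bytes, m2: bytes) -> bytes:
    """Point 1: both messages use offset 0, so the pad cancels out of c1 XOR c2."""
    return xor(otp_xor(pad, 0, m1), otp_xor(pad, 0, m2))

def tamper(ct: bytes, pos: int, old: bytes, new: bytes) -> bytes:
    """Point 2: XORing (old XOR new) into the ciphertext rewrites the plaintext."""
    delta = xor(old, new)
    end = pos + len(delta)
    return ct[:pos] + xor(ct[pos:end], delta) + ct[end:]

def _tag(mac_key: bytes, offset: int, ct: bytes) -> bytes:
    # The pad offset is authenticated too, so a ciphertext cannot be replayed
    # against a different region of the pad.
    return hmac.new(mac_key, offset.to_bytes(8, "big") + ct, hashlib.sha256).digest()

def seal(pad: bytes, offset: int, mac_key: bytes, msg: bytes):
    ct = otp_xor(pad, offset, msg)
    return ct, _tag(mac_key, offset, ct)

def open_sealed(pad: bytes, offset: int, mac_key: bytes, ct: bytes, tag: bytes) -> bytes:
    # Verify before decrypting; compare in constant time.
    if not hmac.compare_digest(tag, _tag(mac_key, offset, ct)):
        raise ValueError("authentication failed")
    return otp_xor(pad, offset, ct)

if __name__ == "__main__":
    pad, key = os.urandom(64), os.urandom(32)       # constructed sample keys
    m1, m2 = b"PAY 0100 TO ALICE", b"PAY 0900 TO BOB!!"  # constructed messages
    print("c1^c2 == m1^m2:", reuse_leak(pad, m1, m2) == xor(m1, m2))
    forged = tamper(otp_xor(pad, 0, m1), 4, b"0100", b"9100")
    print("unauthenticated decrypt:", otp_xor(pad, 0, forged))
    ct, tag = seal(pad, 0, key, m1)
    try:
        open_sealed(pad, 0, key, tamper(ct, 4, b"0100", b"9100"), tag)
    except ValueError as e:
        print("with MAC:", e)
```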
