On 2015-03-20, at 1:24 PM, stef <s...@ctrlc.hu> wrote: > On Fri, Mar 20, 2015 at 06:12:31PM +0000, Dave Howe wrote: >> Or a reasonably clever and trolling satire on snakeoil products. :) > > the less optimistic alternative is this being a well-crafted water-holing site > targeted at the members of this mailing-list.
Szia Stef, I believe I’ve also seen this raised on sci.crypt, which is spectacularly easy to troll. I really WANT to believe it is a deliberate troll-like thing. But the sad fact of the matter is that a huge number of people who learn a little about the OTP think that they can create unbreakable crypto, and they end up (1) Using a crappy PRNG. (2) Seeding/keying their crappy PRNG badly. (3) Failing to notice/address the malleability of these things. (4) Reusing the key/pad. So whether a troll or not, that is the kind of snake oil that people sincerely produce. I like using the OTP as an example of how brittle some schemes are. Doing things “slightly” wrong can lead to dramatic reductions in security. Cheers, -j _______________________________________________ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography
