Hi, A couple of specific comments:
Unfortunately I have it on very good authority that the @CIPHER tag does not work as well as it should. Here is what Jess told me:There may be some truth to that comment, but it is due to the nature of the problem and not necessarily the @CIPHER tag itself. Yes, the BitRoll, Caesar, and Rot13 types supported by @CIPHER are trivial encryption methods and don't have a place in a production system.
"Unless somebody has changed something in the last
year, all of Tango's <@CIPHER> stuff (besides the
hash) is basically worthless for the purposes of
security.
OneTimePad is by definition a rotation cipher. It even says so right in the manual. Criticizing it for being so is like complaining that a dog has fur.The one time pad actually isn't a one time pad at all, it's a rotation cipher, and on top of that it doesn't work properly...
The power of the OneTimePad is based in the keys and their management, not the cipher algorithm itself. In a perfect world, OneTimePad is the most secure encryption mechanism available. Why? Because, in a perfect world, the keys are *NEVER* reused and never stored after use.
Obviously not storing keys is difficult in the real world, so in practice, the OneTimePad falls far short of its theoretical performance.
As to your comment that it doesn't work properly, I've never heard or experienced any issues with it.
Eric
________________________________________________________________________
TO UNSUBSCRIBE: send a plain text/US ASCII email to [EMAIL PROTECTED]
with unsubscribe witango-talk in the message body
