dittybopper: No data remanence issues.
dittybopper: To the best of me knowledge, I was the first one to publish the idea of using 10-sided dice to generate OTPs, and as you can see I've also experimented with other manual methods of encryption.
Xcott: dittybopper: Yeah, but manual, paper OTPs are about as foolproof a solution as you are going to find. The rules are simple, and when followed, they *WORK*.That's not what "foolproof" means. OTPs are actually the opposite of foolproof: they fail catastrophically when people cut a few corners or make a few mistakes, and the onerous key requirements actually encourage those mistakes.OTPs are fragile in the sense that if someone ever cuts a corner and reuses a pad, anyone who intercepts your transmissions can immediately detect the reuse, and it's not that hard to extract the messages in full when this happens. It's hard to express just how embarrassingly bad this is by modern standards: a cipher should never fail this dramatically when a key is misused or used past its mandated lifetime.On top of this, the OTP requires that key material be written down and stored in two different places, which again is pretty awful security by modern standards, or even 1970s standards. You should only need a key or passphrase that you can memorize---you should never have to write down a key---and you shouldn't have to share it with anyone, even the person with whom you are communicating. The only reason to use an OTP is that the encryption method is theoretically unbreakable if all practical matters are ignored. But you only needed that theoretical unbreakability 40-50 years ago, before people figured out how to make reliably strong cipher algorithms. And when you factor in the practical matters, it's a real D- of a cipher.This is why cryptographers are conditioned to hear "one-time pad" and think "crackpot." If you're writing cryptographic software and you want to guarantee that people will declare it snake oil, use the phrase "one-time pad" in the marketing copy.
dittybopper: Xcott: dittybopper: Color me skeptical that you could ever make it work consistently. After all, the most simple countermeasure would be to just type slowly in an even rhythm, or to consciously vary the timing.Yes, and the simple countermeasure to fingerprint detection is to wear gloves. That's why fingerprints never helped convict a criminal---because everyone just started wearing gloves all the time starting in 1892.Certainly, but we're talking about *PROFESSIONALS* here, not two-bit low level criminals with poor impulse control.Seriously, how many people do you expect to suddenly decide to type slowly in an even rhythm to prevent timing attacks on their computer? Even people aware of the need for that kind of countermeasure are going to try that for 30 seconds and say "fark it." Countermeasures are effectively a non-issue. It's like pointing out that you can defeat speaker identification by talking like Meatball all the time---great, but nobody does that, and nobody's going to do that.Actually, you can make this completely moot by simply doing your typing in a secure facility. Which is where you were going to store the documents anyway.Again, we're discussing people for whom security isn't some afterthought, but a way of life, and they are guarding secrets that you have no clue how tightly they are held. I've been inside that world.For very limited distribution, highly sensitive documents, where you can't afford to have them leaked, typing them directly onto paper instead of into a computer, where some nosy sysadmin might grab them, or some disgruntled worker might snarf on to a thumb drive . That way the only real copy is paper, and paper is harder to sneak out of a secure facility than electronic data on something as small as a thumb drive or a microSD card.How many typewritten documents do you think you could sneak past the guards that are there specifically to prevent that sort of thing?Plus, with paper, if you take the only copy, it's ...
Xcott: Encryption pads are never reused, except when some dimwit did reuse them.
dittybopper: Xcott: dittybopper: Ribbons went into burn bags when they were used up.So did one-time pads. And yet, Venona was still a real thing that happened.The pads that were used for the messages broken in the Venona program didn't: They were re-used, which is how those messages were broken.
dittybopper: Color me skeptical that you could ever make it work consistently. After all, the most simple countermeasure would be to just type slowly in an even rhythm, or to consciously vary the timing.
StaleCoffee: While the keystroke analysis sounds kind of absurd, grabbing the em radiation is called Van Eck phreaking.
rumpelstiltskin: The keystroke analysis could be based on the idea that every hammer travels a different distance from its resting point to the point of impact, and then returns the same distance. That doesn't seem trivial to analyze when someone is typing quickly; you have three sounds for each key, and you need to sort them all out. But it definitely doesn't seem impossible.
FullMetalPanda: dittybopper: Actually makes sense, and it's why I use a manual typewriter to make one time pads: No data remanence issues.They can tell exactly what you're typing by just hearing you type
dittybopper: Actually makes sense, and it's why I use a manual typewriter to make one time pads: No data remanence issues.
vpb: Actually, they are switching back to typewriters to avoid leaks.The idea that they didn't know that the NSA was spying on them is cute, considering that the NSA was created specifically to spy on them back during the cold war.
If you like these links, you'll love
More Farking, less working
Sign up for the Fark NotNewsletter!
Links are submitted by members of the Fark community.
When community members submit a link, they also write a custom headline for the story.
Other Farkers comment on the links. This is the number of comments. Click here to read them.
You need to create an account to submit links or post comments.
Click here to submit a link.
Also on Fark
Submit a Link »
Copyright © 1999 - 2018 Fark, Inc | Last updated: Feb 24 2018 06:06:59
Runtime: 0.247 sec (246 ms)