|
Science Forum Index » Cryptography Forum » Good Program That Creates OTPs?
Page 1 of 3 Goto page 1, 2, 3 Next
|
| Author |
Message |
| Jeremy Thorpe |
 Posted: Fri Dec 12, 2003 12:28 pm |
|
|
|
Guest
|
Does anyone here know of a program for Linux that creates OTPs and is
open source?
Thank you so much. I want to burn a bunch of them on a CD and send it to
a friend so that we can discuss a certain proprietary project in complete
secrecy, and this is the only encryption scheme I trust.
Jeremy |
|
|
| Back to top |
|
| Hillary Clinton |
| Posted: Fri Dec 12, 2003 12:28 pm |
|
|
|
Guest
|
Jeremy Thorpe wrote:
Quote: Does anyone here know of a program for Linux that creates OTPs and is
open source?
I don't know of a "program that creates OTPs" but if all you are looking
for is the pad itself and good source of random data will do.
Try www.random.org to get a bunch or random files. You can download 1 or 10
meg files. Then get a really good encryption program. Take the random file
you download from random.org and encrypt it with AES or serpent or twofish
and throw away the key. You now have a nearly random file that you can use
for a pad. And it is no longer something you downloaded from the internet.
There are probably lots of technical problems with this approach, but I'm
willing to bet you don't need as much confidertiality as Bill and I do, so
it is probably good enough for your purposes.
Now on to the real problem. How will you share the keying material with
AlGore, or whom ever is on the other end of the connection? |
|
|
| Back to top |
|
| Tom St Denis |
| Posted: Fri Dec 12, 2003 12:36 pm |
|
|
|
Guest
|
"Jeremy Thorpe" <jeremythorpe@shore.net> wrote in message
news:eVmCb.323$0s2.198@newsread2.news.pas.earthlink.net...
Quote:
Does anyone here know of a program for Linux that creates OTPs and is
open source?
Thank you so much. I want to burn a bunch of them on a CD and send it to
a friend so that we can discuss a certain proprietary project in complete
secrecy, and this is the only encryption scheme I trust.
Trust? Trust for what? An OTP doesn't give you authentication. They're
not very practical.
You gotta learn yourself some of them there cryptological thingies before
you bequest your desires and feign imagination on this group.
Tom |
|
|
| Back to top |
|
| David Wagner |
| Posted: Fri Dec 12, 2003 3:13 pm |
|
|
|
Guest
|
Jeremy Thorpe wrote:
Quote: But no one is going to steal those one-time-pads.
They will be destroyed forever after being used, [...]
That doesn't prevent them from being copied before they are used.
Quote: having long since been
transferred from the CD, which is only a means of conveying them to their
destination and then burned to dust. They will not be stored on a computer.
I don't follow. If you're copying them from the CD to a computer,
in what sense can one say that they are not stored on a computer?
Or, are they copied onto some other media? (And, how do you know
they won't get stolen from that other media?) |
|
|
| Back to top |
|
| Jeremy Thorpe |
| Posted: Fri Dec 12, 2003 3:28 pm |
|
|
|
Guest
|
On Fri, 12 Dec 2003 17:36:49 GMT, Tom St Denis <tomstdenis@iahu.ca> wrote:
Quote:
"Jeremy Thorpe" <jeremythorpe@shore.net> wrote in message
news:eVmCb.323$0s2.198@newsread2.news.pas.earthlink.net...
Does anyone here know of a program for Linux that creates OTPs and is
open source?
Thank you so much. I want to burn a bunch of them on a CD and send it to
a friend so that we can discuss a certain proprietary project in complete
secrecy, and this is the only encryption scheme I trust.
Trust? Trust for what? An OTP doesn't give you authentication. They're
not very practical.
You gotta learn yourself some of them there cryptological thingies before
you bequest your desires and feign imagination on this group.
Tom
No. I need a program that creates OTPs. You sure have a strange way of
saying that you don't know of any.
Wouldn't a more reasonable course be to just give my post a pass?
Wait! I get it: You're being "cryptic". Isn't that just too cute.
Jeremy |
|
|
| Back to top |
|
| Tom St Denis |
| Posted: Fri Dec 12, 2003 3:42 pm |
|
|
|
Guest
|
"Jeremy Thorpe" <jeremythorpe@shore.net> wrote in message
news:%xpCb.963$Pg1.421@newsread1.news.pas.earthlink.net...
Quote: On Fri, 12 Dec 2003 17:36:49 GMT, Tom St Denis <tomstdenis@iahu.ca> wrote:
"Jeremy Thorpe" <jeremythorpe@shore.net> wrote in message
news:eVmCb.323$0s2.198@newsread2.news.pas.earthlink.net...
Does anyone here know of a program for Linux that creates OTPs and is
open source?
Thank you so much. I want to burn a bunch of them on a CD and send it
to
a friend so that we can discuss a certain proprietary project in
complete
secrecy, and this is the only encryption scheme I trust.
Trust? Trust for what? An OTP doesn't give you authentication.
They're
not very practical.
You gotta learn yourself some of them there cryptological thingies
before
you bequest your desires and feign imagination on this group.
Tom
No. I need a program that creates OTPs. You sure have a strange way of
saying that you don't know of any.
Wouldn't a more reasonable course be to just give my post a pass?
Wait! I get it: You're being "cryptic". Isn't that just too cute.
So your definition of "secure" doesn't involve authentication? So
essentially you want your bits to be private but you don't care what they
turn into on the other end.... Neat.
Tom |
|
|
| Back to top |
|
| Jeremy Thorpe |
| Posted: Fri Dec 12, 2003 4:28 pm |
|
|
|
Guest
|
On Fri, 12 Dec 2003 20:42:46 GMT, Tom St Denis <tomstdenis@iahu.ca> wrote:
Quote:
"Jeremy Thorpe" <jeremythorpe@shore.net> wrote in message
news:%xpCb.963$Pg1.421@newsread1.news.pas.earthlink.net...
On Fri, 12 Dec 2003 17:36:49 GMT, Tom St Denis <tomstdenis@iahu.ca> wrote:
"Jeremy Thorpe" <jeremythorpe@shore.net> wrote in message
news:eVmCb.323$0s2.198@newsread2.news.pas.earthlink.net...
Does anyone here know of a program for Linux that creates OTPs and is
open source?
Thank you so much. I want to burn a bunch of them on a CD and send it
to
a friend so that we can discuss a certain proprietary project in
complete
secrecy, and this is the only encryption scheme I trust.
Trust? Trust for what? An OTP doesn't give you authentication.
They're
not very practical.
You gotta learn yourself some of them there cryptological thingies
before
you bequest your desires and feign imagination on this group.
Tom
No. I need a program that creates OTPs. You sure have a strange way of
saying that you don't know of any.
Wouldn't a more reasonable course be to just give my post a pass?
Wait! I get it: You're being "cryptic". Isn't that just too cute.
So your definition of "secure" doesn't involve authentication? So
essentially you want your bits to be private but you don't care what they
turn into on the other end.... Neat.
Tom
You sure are good at jumping to conclusions in the absence of data.
Jeremy |
|
|
| Back to top |
|
| Tom St Denis |
| Posted: Fri Dec 12, 2003 4:34 pm |
|
|
|
Guest
|
"Jeremy Thorpe" <jeremythorpe@shore.net> wrote in message
news:fqqCb.1016$Pg1.782@newsread1.news.pas.earthlink.net...
Quote: You sure are good at jumping to conclusions in the absence of data.
Ok, tell me, how does your threat model avoid authenticity issues?
Tom |
|
|
| Back to top |
|
| Jan Panteltje |
| Posted: Fri Dec 12, 2003 4:43 pm |
|
|
|
Guest
|
On a sunny day (Fri, 12 Dec 2003 17:28:42 GMT) it happened Jeremy Thorpe
<jeremythorpe@shore.net> wrote in
<eVmCb.323$0s2.198@newsread2.news.pas.earthlink.net>:
Quote:
Does anyone here know of a program for Linux that creates OTPs and is
open source?
Thank you so much. I want to burn a bunch of them on a CD and send it to
a friend so that we can discuss a certain proprietary project in complete
secrecy, and this is the only encryption scheme I trust.
Jeremy
cat /dev/random > file
Type also:
apropos random
Then read all those manuals 
Jan |
|
|
| Back to top |
|
| Jeremy Thorpe |
| Posted: Fri Dec 12, 2003 4:58 pm |
|
|
|
Guest
|
On Fri, 12 Dec 2003 16:21:01 -0500 (EST), Hillary Clinton <hillary-no-spam@clinton.net> wrote:
Quote:
Jeremy Thorpe wrote:
Does anyone here know of a program for Linux that creates OTPs and is
open source?
I don't know of a "program that creates OTPs" but if all you are looking
for is the pad itself and good source of random data will do.
There are several. I was just hoping to find someone that used one of them
and therefore could recommend it.
Quote:
Try www.random.org to get a bunch or random files. You can download 1 or 10
meg files. Then get a really good encryption program. Take the random file
you download from random.org and encrypt it with AES or serpent or twofish
and throw away the key. You now have a nearly random file that you can use
for a pad. And it is no longer something you downloaded from the internet.
Very good. I'll look into that.
Quote: There are probably lots of technical problems with this approach, but I'm
willing to bet you don't need as much confidertiality as Bill and I do, so
it is probably good enough for your purposes.
Yeh. Wouldn't want anyone to see those videos of you two and those chimpanzees.
Quote: Now on to the real problem. How will you share the keying material with
AlGore, or whom ever is on the other end of the connection?
Hand-delivered by a trusted friend who won't even know what they are actually
carrying. (the CD will be disguised and they will see only a stack of papers)
Seems like there should be some way to use /dev/random on my Linux box.
All I need is to randomize a list of numbers 0000 to 9999.
Thanks a lot Hillary. You are hillaryus :-)
Jeremy |
|
|
| Back to top |
|
| Paul Rubin |
| Posted: Fri Dec 12, 2003 5:11 pm |
|
|
|
Guest
|
Jeremy Thorpe <jeremythorpe@shore.net> writes:
Quote: Thank you so much. I want to burn a bunch of them on a CD and send it to
a friend so that we can discuss a certain proprietary project in complete
secrecy, and this is the only encryption scheme I trust.
Learn some more cryptography so you'll come to trust better schemes. |
|
|
| Back to top |
|
| Jeremy Thorpe |
| Posted: Fri Dec 12, 2003 6:28 pm |
|
|
|
Guest
|
On Fri, 12 Dec 2003 21:43:19 GMT, Jan Panteltje <pNaonStpealmtje@yahoo.com> wrote:
Quote:
On a sunny day (Fri, 12 Dec 2003 17:28:42 GMT) it happened Jeremy Thorpe
jeremythorpe@shore.net> wrote in
eVmCb.323$0s2.198@newsread2.news.pas.earthlink.net>:
Does anyone here know of a program for Linux that creates OTPs and is
open source?
Thank you so much. I want to burn a bunch of them on a CD and send it to
a friend so that we can discuss a certain proprietary project in complete
secrecy, and this is the only encryption scheme I trust.
Jeremy
cat /dev/random > file
Type also:
apropos random
Then read all those manuals
Jan
I can do that, Jan, and have /dev/random setup correctly, but what I need
to make my simplistic scheme work is the numbers 0000 to 9999 randomized.
When you trim the output of of /dev/random to 4 characters (by concatenating
several runs and then trimming it down) you get a lot of duplicates.
I wonder if there is some way I could just print out a list in order and
then use /dev/random to select a line at random and send it to the bottom
of another file?
Thank you much.
Jeremy |
|
|
| Back to top |
|
| Jeremy Thorpe |
| Posted: Fri Dec 12, 2003 6:28 pm |
|
|
|
Guest
|
On Fri, 12 Dec 2003 21:34:23 GMT, Tom St Denis <tomstdenis@iahu.ca> wrote:
Quote:
"Jeremy Thorpe" <jeremythorpe@shore.net> wrote in message
news:fqqCb.1016$Pg1.782@newsread1.news.pas.earthlink.net...
You sure are good at jumping to conclusions in the absence of data.
Ok, tell me, how does your threat model avoid authenticity issues?
Tom
No. You won't tell me what I want to know, so I won't tell you what you
want to know.
Jeremy |
|
|
| Back to top |
|
| Jeremy Thorpe |
| Posted: Fri Dec 12, 2003 6:28 pm |
|
|
|
Guest
|
On Fri, 12 Dec 2003 21:43:19 GMT, Jan Panteltje <pNaonStpealmtje@yahoo.com> wrote:
Quote:
On a sunny day (Fri, 12 Dec 2003 17:28:42 GMT) it happened Jeremy Thorpe
jeremythorpe@shore.net> wrote in
eVmCb.323$0s2.198@newsread2.news.pas.earthlink.net>:
Does anyone here know of a program for Linux that creates OTPs and is
open source?
Thank you so much. I want to burn a bunch of them on a CD and send it to
a friend so that we can discuss a certain proprietary project in complete
secrecy, and this is the only encryption scheme I trust.
Jeremy
cat /dev/random > file
Type also:
apropos random
Then read all those manuals
Jan
I can do that, Jan, and have /dev/random setup correctly, but what I need
to make my simplistic scheme work is the numbers 0000 to 9999 randomized.
When you trim the output of of /dev/random to 4 characters (by concatenating
several runs and then trimming it down) you get a lot of duplicates.
I wonder if there is some way I could just print out a list in order and
then use /dev/random to select a line at random and send it to the bottom
of another file?
Thank you much.
Jeremy |
|
|
| Back to top |
|
| Jeremy Thorpe |
| Posted: Fri Dec 12, 2003 6:28 pm |
|
|
|
Guest
|
On Fri, 12 Dec 2003 21:34:23 GMT, Tom St Denis <tomstdenis@iahu.ca> wrote:
Quote:
"Jeremy Thorpe" <jeremythorpe@shore.net> wrote in message
news:fqqCb.1016$Pg1.782@newsread1.news.pas.earthlink.net...
You sure are good at jumping to conclusions in the absence of data.
Ok, tell me, how does your threat model avoid authenticity issues?
Tom
No. You won't tell me what I want to know, so I won't tell you what you
want to know.
Jeremy |
|
|
| Back to top |
|
| |
