On 3/21/15, Jeffrey Goldberg <[email protected]> wrote: > [Apologies for quoting badly] > > No! A thousand times no. > > (1) the file isn't secret
But the fact that I'm using it as my one-time pad is. Why isn't that good enough? > (2) the file isn't random. Right. An ISO file is a bad choice - too many zeros & machine code isn't very random. But what about something like an MP3, OGV or some other compressed file? > I'm sorry to pick on you, but you've illustrated a point I tried to make > earlier. The OTP is a simple idea that is remarkably easy for people to > misunderstand. It doesn't feel like you're picking on me - I appreciate the feedback :) Best Regards, Lee > >> On Mar 21, 2015, at 3:13 PM, Lee <[email protected]> wrote: >> >>> On 3/20/15, Michael Kjörling <[email protected]> wrote: >>> On 20 Mar 2015 15:11 -0400, from [email protected] (Kevin): >>>> I was tempted by the promise of software to run a one-time pad on my >>>> machine. I am a fool and I fall upon my own sword. >>> >>> An unauthenticated one-time pad is trivial to implement; it's >>> literally a few lines of code in any reasonably modern language, and a >>> handful of lines of code in less modern ones. >>> >>> The hard part, as has been pointed out in this thread, is to generate >>> and handle the _pad_. >> >> Would a commonly available large binary file make a good one-time pad? >> Something like ubuntu-14.10-desktop-amd64.iso12 maybe.. >> >> Regards, >> Lee >> _______________________________________________ >> cryptography mailing list >> [email protected] >> http://lists.randombit.net/mailman/listinfo/cryptography > _______________________________________________ cryptography mailing list [email protected] http://lists.randombit.net/mailman/listinfo/cryptography
