[8374] in cryptography@c2.net mail archive
Re: Cryptographic Algorithm Metrics
daemon@ATHENA.MIT.EDU (Peter Fairbrother)
Wed Jan 3 17:43:43 2001
Date: Wed, 03 Jan 2001 22:38:00 +0000
From: Peter Fairbrother <peter.fairbrother@ntlworld.com>
To: Greg Rose <ggr@qualcomm.com>, John Young <jya@pipeline.com>
Cc: <cryptography@c2.net>
Message-ID: <B6795A48.48E5%peter.fairbrother@ntlworld.com>
In-Reply-To: <4.3.1.0.20010104081709.01d6fc38@127.0.0.1>
Mime-version: 1.0
Content-type: text/plain; charset="US-ASCII"
Content-transfer-encoding: 7bit
on 3/1/01 9:25 pm, Greg Rose at ggr@qualcomm.com wrote:
> At 03:06 PM 1/3/2001 -0500, John Young wrote:
>> Yes, the one-time pad. However, I wondered if Smith
>> was hinting at another cipher(s) not yet publicized,
>> perhaps computational -- or more exotic technology
>> such as quantum, DNA, ultra-spectral and beyond.
>
> It always amazes me that people single out the OTP here. There are any
> number of other algorithms that are unconditionally secure. The simplest is
> Shamir's secret sharing, when you don't have enough shares.
I don't think secret sharing qualifies as a cipher.
> At Crypto a
> couple of years ago the invited lecture gave some very general results
> about unconditionally secure ciphers... unfortunately I can't remember
> exactly who gave the lecture, but I think it might have been Oded
> Goldreich... forgive me if I'm wrong. The important result, though, was
> that you need truly random input to the algorithm in an amount equal to the
> stuff being protected, or you cannot have unconditional security.
Not so. Perfect compression with encryption works too.
>The OTP
> is just the simplest realisation of this.
>
> Greg.
Peter
--
Peter Fairbrother
peter.fairbrother@ntlworld.com
