[8375] in cryptography@c2.net mail archive
Re: Cryptographic Algorithm Metrics
daemon@ATHENA.MIT.EDU (Ben Laurie)
Wed Jan 3 18:06:52 2001
Message-ID: <3A53AF36.328B75ED@algroup.co.uk>
Date: Wed, 03 Jan 2001 23:01:10 +0000
From: Ben Laurie <ben@algroup.co.uk>
MIME-Version: 1.0
To: Greg Rose <ggr@qualcomm.com>
Cc: John Young <jya@pipeline.com>, cryptography@c2.net
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Greg Rose wrote:
>
> At 03:06 PM 1/3/2001 -0500, John Young wrote:
> >Yes, the one-time pad. However, I wondered if Smith
> >was hinting at another cipher(s) not yet publicized,
> >perhaps computational -- or more exotic technology
> >such as quantum, DNA, ultra-spectral and beyond.
>
> It always amazes me that people single out the OTP here. There are any
> number of other algorithms that are unconditionally secure. The simplest is
> Shamir's secret sharing, when you don't have enough shares. At Crypto a
> couple of years ago the invited lecture gave some very general results
> about unconditionally secure ciphers... unfortunately I can't remember
> exactly who gave the lecture, but I think it might have been Oded
> Goldreich... forgive me if I'm wrong. The important result, though, was
> that you need truly random input to the algorithm in an amount equal to the
> stuff being protected, or you cannot have unconditional security. The OTP
> is just the simplest realisation of this.
Don't you think that's a pretty good reason for singling it out? Is
there any additional merit in the more complex realisations?
Cheers,
Ben.
--
http://www.apache-ssl.org/ben.html
"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff
