Regarding the security of this

  • tyree731

    tyree731 - 2008-05-20

    You use the one-time pad to encrypt which is nice and all, but I have a question. How are keys distributed? One-time pad relies on completely random keys to be information theoretically secure. If, for example, you used Diffie-Hellman to distribute keys then this scheme would only be as secure as Diffie-Hellman is (notably, the difficulty of the discrete logarithm problem, which is not information theoretically secure) since the completely random key would be sent using this scheme across the network. Furthermore, if the two parties agree on a pre-shared key then this is not information theoretically secure since the xor of two ciphertexts equals the xor of two plaintexts. If the adversary could guess a single plaintext he or she has the key. Finally, if the two parties agree on a pre-shared key then use that to seed a PRNG, then this is not information theoretically secure either since the key is no longer completely random. If an adversary knows the number of messages sent then he or she only has to guess the seed of the generator in order to be able to recover every single message sent. Again, since we are using the one-time pad, the xor of two ciphertexts equals the xor of the two corresponding plaintexts. Guessing any plaintext and getting it right would give the key and, unless one is careful, the internal state of the PRNG.

    I guess I'm just curious what you do.

    • Pascal Sachs

      Pascal Sachs - 2008-05-21

      The one-time pad plugin works as follows:
      1.) Alice creates the key for her and Bob. She can use the internal key-generator, a random block device or a key-file. So if you don't trust our internal key generator you can use another source. Furthermore, the internal key generator is not a PRNG, so the key can't be reconstructed with just a seed.

      2.) If you had read the instructions on the page then you would know: we recommend that Alice distribute the key over a USB stick or CD directly to Bob, personally. One can also use another distribution method, but as you said, that's not really secure.

      3.) Bob can now move the key to the .paranoia folder and can now chat encrypted with Alice.

      Best you just read the instructions on the page and the README file to know how our system exactly works.

      Anyway, we do not distribute keys automatically because there is no secure way to do so. I hope I could help you.

    • tyree731

      tyree731 - 2008-05-22

      Thank you for the response. I'm sorry if I seemed uninformed in my first post as I was too lazy to look up how you do it.

      Your key generation scheme (randomness extractor) is wonderful and your scheme is elegant and simple. Apologies all around.
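
The pad-reuse point raised in the first post (the xor of two ciphertexts equals the xor of the two plaintexts), as an added example that is not part of the thread or of the plugin's code. It shows the leak when two messages share key bytes, next to a pad wrapper that consumes key bytes so they are never handed out twice. The `Pad` class, its offset bookkeeping and the sample messages are assumptions constructed for illustration and do not describe how the plugin manages its key files.

```python
import secrets

def xor(a, b):
    """XOR two equal-length byte strings."""
    if len(a) != len(b):
        raise ValueError("length mismatch")
    return bytes(x ^ y for x, y in zip(a, b))

def recover_from_reuse(c1, c2, known_p1):
    """What an observer learns when c1 and c2 share key bytes:
    c1 ^ c2 == p1 ^ p2, so one known plaintext yields the other."""
    return xor(xor(c1, c2), known_p1)

class Pad:
    """Hypothetical wrapper that hands out every key byte at most once."""

    def __init__(self, key):
        self._key = key
        self._offset = 0  # index of the first key byte not yet used

    def remaining(self):
        return len(self._key) - self._offset

    def encrypt(self, plaintext):
        n = len(plaintext)
        if n > self.remaining():
            raise RuntimeError("pad exhausted: refusing to reuse key bytes")
        start = self._offset
        self._offset += n  # consume before returning, never rewind
        return start, xor(plaintext, self._key[start:start + n])

    @staticmethod
    def decrypt(key, start, ciphertext):
        return xor(ciphertext, key[start:start + len(ciphertext)])

# Constructed sample messages, both 12 bytes long.
P1 = b"meet at noon"
P2 = b"bring 2 keys"

if __name__ == "__main__":
    key = secrets.token_bytes(24)
    # Misuse: both messages encrypted with key[0:12].
    c1, c2 = xor(P1, key[:12]), xor(P2, key[:12])
    print("reuse leaks P2:", recover_from_reuse(c1, c2, P1))
    # Correct use: each message consumes fresh key bytes.
    pad = Pad(key)
    (o1, d1), (o2, d2) = pad.encrypt(P1), pad.encrypt(P2)
    print("offsets:", o1, o2, "remaining:", pad.remaining())
    print("same computation now gives:", recover_from_reuse(d1, d2, P1))
```

The receiver needs the starting offset alongside each ciphertext to pick the matching key bytes, and both sides must persist the offset so a restart cannot rewind it.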

