Subject: Re: System clock resolution and random numbers
To: Ty Sarna <firstname.lastname@example.org>
From: Dave Burgess <email@example.com>
Date: 05/02/1997 16:05:58
> Andrew Brown wrote:
> > that, i believe, was in "cardinal of the kremlin" and they made the cds
> > by sampling atmospheric noise and overlaying lots of samples. then the
> > encryption/decryption key (the cd was used as a otp) was simply an
> > offset into the cd's data. cute, eh?
> Yup, that's what I remember, except I haven't read "Cardinal of the
> Kremlin" yet, so either it was another book or it appeared in more than
> one of his books.
> The hard part of this scheme would be secure delivery of the cd's more
> than the generation of the numbers, I think. Of course, you can decide
> how secure you need to be and put an according amount of effort and
> money into it. For doing it on the cheap, you could just use the "hidden
> in plain sight" trick. Disguise them like music CD's and send then by
> regular mail/FedEx/UPS/etc.
> Anyone want to go into business? :-)
One of my crypography texts suggested using a bank of rock and roll CD's
and XORing the contents of your message with the non-zero contents of
the CD. You pick the title and the offset and away you go. It has the
added benefit of justifying having headphones plugged into your CD
drive: "I have to make sure I'm using the right key disk...."
Dave Burgess Network Engineer - Nebraska On-Ramp, Inc.
*bsd FAQ Maintainer / SysAdmin for the NetBSD system in my spare bedroom
"Just because something is stupid doesn't mean there isn't someone that
doesn't want to do it...."