Newsgroups: sci.crypt
Path: utzoo!henry
From: henry@utzoo.uucp (Henry Spencer)
Subject: Re: One time pads?
Message-ID: <1988Feb28.000316.9936@utzoo.uucp>
Organization: U of Toronto Zoology
References: <4209@june.cs.washington.edu>
Date: Sun, 28 Feb 88 00:03:16 GMT

> ... What if the n+5th message is the key (again adulterated in some
> form) for the nth message? ...

Chaining schemes like this require perfect transmission.  Real cryptosystems
have to be robust in the presence of garbles in messages or even missing
messages; such things do happen.

All such "autokey" systems have a major weakness for serious use: even a
hint as to what's going on destroys security.  The standard rule of thumb
for cryptosystem design is that it simply isn't possible to keep an enemy
totally ignorant of the general nature of the cryptosystem.  (In fact, the
standard rule is stronger than that:  one should assume that the enemy
knows *everything* about your cryptosystem that isn't changed frequently,
i.e. he knows everything except what today's encryption key is.)
-- 
Those who do not understand Unix are |  Henry Spencer @ U of Toronto Zoology
condemned to reinvent it, poorly.    | {allegra,ihnp4,decvax,utai}!utzoo!henry
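
The transmission problem described in the post, as an added illustration that is not part of the original message. The post does not specify the scheme, so the SHA-256 keystream standing in for "adulterated in some form", the pre-shared keys for the last five messages, and all names here are assumptions; the sample traffic is constructed.

```python
import hashlib

LAG = 5  # message n is keyed by message n+LAG, as in the quoted proposal

def keystream(seed: bytes, length: int) -> bytes:
    # Assumed "adulteration": stretch the keying message with SHA-256 in counter mode.
    out, counter = b"", 0
    while len(out) < length:
        out += hashlib.sha256(seed + counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:length]

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def seed_for(n, texts, tail_keys):
    # Seed for message n: plaintext n+LAG, or pre-shared material for the last LAG messages.
    return texts[n + LAG] if n + LAG < len(texts) else tail_keys[n + LAG - len(texts)]

def encrypt_chain(plaintexts, tail_keys):
    return [xor(pt, keystream(seed_for(n, plaintexts, tail_keys), len(pt)))
            for n, pt in enumerate(plaintexts)]

def decrypt_chain(received, tail_keys):
    # received[n] is ciphertext n, or None if it never arrived.
    # Work backwards: message n can only be read once message n+LAG has been.
    out = [None] * len(received)
    for n in range(len(received) - 1, -1, -1):
        seed = seed_for(n, out, tail_keys)
        if received[n] is not None and seed is not None:
            out[n] = xor(received[n], keystream(seed, len(received[n])))
    return out

def damaged(sent, recovered):
    # Indices whose recovered plaintext is missing or wrong.
    return [n for n, (s, r) in enumerate(zip(sent, recovered)) if s != r]

# Constructed sample traffic and constructed stand-in key material.
MSGS = [f"message {i:02d}: constructed sample text".encode() for i in range(15)]
TAIL = [f"constructed-tail-key-{i}".encode() for i in range(LAG)]
CTS = encrypt_chain(MSGS, TAIL)

def lose(n):
    return damaged(MSGS, decrypt_chain(CTS[:n] + [None] + CTS[n + 1:], TAIL))

def garble(n):
    flipped = bytes([CTS[n][0] ^ 0x01]) + CTS[n][1:]  # one flipped bit in transit
    return damaged(MSGS, decrypt_chain(CTS[:n] + [flipped] + CTS[n + 1:], TAIL))

if __name__ == "__main__":
    print("lost 12    ->", lose(12))
    print("garbled 12 ->", garble(12))
```

Under these assumptions, losing message 12 or flipping a single bit in it makes messages 12, 7 and 2 unreadable, since each one's key depends on the correct plaintext of the message five positions later.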
