Re: OT: how to securely produce a large data file for "one time tape" encryption input
- Posted by ghaberek (admin) Aug 18, 2015
- 2128 views
but yes I do want to "roll my own". I know what my code does
Can you honestly attest that you know what your code does? We do not know what we do not know, and you will not know if your code can be broken until it is broken.
what back-doors might be in someone else's I can't say
The examples I provided have been analyzed repeatedly by many cryptographers for potential back doors and none have ever been found.
I won't upload it for anyone else because whoever wants it, would be as paranoid as myself and would not want to use it.
Security through obscurity is no security at all.
Keep in mind, once your info is out there, it can never be retracted. Why make it easy for the data collectors? The one-time-pad (tape) method is the ONLY encryption that is actually uncrackable, assuming unlimited resources is thrown at a decryption effort.
That is not true because you are not using a proper one-time pad:
You are generating the one-time pad and then keeping it static and you are reusing it at some point.
Any encryption where the key is of shorter length than the plaintext, is vulnerable, because there is a relationship.
This is also not true. Definitely not true. To date, several encryption algorithms like Blowfish (and Twofish/Threefish), Serpent and Rijndael have no known weaknesses when very strong keys are used (e.g. 256-bit). It would take several lifetimes to crack those algorithms with brute force.
While I am not in any way an authority on this subject...
Neither am I. Which is why I can say I will not attempt to secure my clients' data with my own home-made pad lock, regardless of how big it may be.
Without mentioning details that could get me in trouble, I have had 2 years in the armed forces where amongst other things I learned Morse code and had lots and lots of practice with groups of numbers ;)
That's good for you. I wish I knew Morse code. But this does not make you a cryptographer.
Here's a funny quote: "Just because I am paranoid, does not mean they are not out to get me"
Yes I know that quote. Joseph Heller, Catch-22. However, you may need to consider that your approach is not even wrong.
-Greg
