-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

> ``never'' is in this case based on one case of provable secure scheme
> (that was notably difficult in implementation)?

I wouldn't be so quick to place blame on the difficulty of implementing the one-time pad. Implementing the OTP is really pretty simple: use each pad once and burn it when you're done. The difficulty lies in trying to make fallible human nature rise to the level of competency required to use the OTP.

Anyway, to answer your question, no. It's based on a couple of things.

1. Many provably secure schemes are isomorphic to the one-time pad. This means that the other provably secure schemes share the same flaws as the OTP.

2. The provably secure schemes that aren't isomorphic to the OTP typically get broken pretty quickly.

As an example of #2, look at IBM's Ajtai-Dwork, which was released at CRYPTO '97. Ajtai-Dwork was some nice work, really, with a beautiful mathematical proof of security. I emphasize this: _proof_. It wasn't built on conjecture. Within a year there were three different breaks against Ajtai-Dwork. Turns out the axioms Ajtai and Dwork used to build the algorithm weren't quite as robust as they thought.

Moral of the story: proofs of security are nice. They give us something to point and laugh at.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (Darwin)

iQEcBAEBCgAGBQJGKoqZAAoJELcA9IL+r4EJ0NAH/iITpey1J+7LSzmOEhQXmx07
neLiSqeTb++9yy2mWWlYt8WyfvALbljNWrgmyZqFoRrMRVkkF+MhbqEPm9PcyOcp
ndE78mqt+9xI+H7SY6heFyWRemKtXVpGBYalHeFh3P+K/1xzmAio6SwfTw6PxYl+
gvAy1pvvNY1HNi/jux6PzCyI3AVSZGudV92/6cQJkED0UOPIdWcuoyu1PHY2g8St
hhLmVXewBe41P883wV1y3/5mwQBTGp+j6yH9i1FZ/46vzVhRbwidJgtYSZpnB9Yn
fsXfZlazX5MFVIJQyeUOzkARYmD4Go+sALw6TP75HhRrXYBlv7CWAqsMkm57WPg=
=sGBb
-----END PGP SIGNATURE-----

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
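The post's point about the OTP is that the scheme itself is trivial and the only hard part is the discipline of never reusing a pad. The following is an added example, not code from the post or from GnuPG: a minimal one-time pad whose pad store enforces "use once, then burn" in code, next to a function showing what an observer learns the moment two messages share a pad (the pad cancels out and only the XOR of the two plaintexts remains, so knowing one plaintext reveals the other). The message texts, pad ids and the `PadStore` class are constructed for this illustration.

```python
"""Added example (not part of the original mailing-list post): a toy one-time
pad with single-use pads enforced by the pad store, plus a demonstration of
what leaks when the single-use rule is broken. Messages and pad ids below
are constructed for the illustration."""
import secrets


def xor_bytes(a: bytes, b: bytes) -> bytes:
    """XOR two equal-length byte strings."""
    if len(a) != len(b):
        raise ValueError("length mismatch")
    return bytes(x ^ y for x, y in zip(a, b))


def otp_encrypt(pad: bytes, msg: bytes) -> bytes:
    """OTP encryption: ciphertext = pad XOR message.
    The pad must be at least as long as the message; only the prefix of the
    pad that is actually consumed matters."""
    if len(pad) < len(msg):
        raise ValueError("pad shorter than message")
    return xor_bytes(pad[: len(msg)], msg)


# XOR is its own inverse, so decryption is the same operation.
otp_decrypt = otp_encrypt


class PadStore:
    """Holds numbered random pads and destroys each one as it is handed out,
    so a second request for the same pad id fails instead of silently reusing
    key material (the 'burn it when you're done' rule, enforced by code)."""

    def __init__(self, pad_len: int, count: int) -> None:
        self._pads = {i: secrets.token_bytes(pad_len) for i in range(count)}

    def take(self, pad_id: int) -> bytes:
        try:
            return self._pads.pop(pad_id)  # pop == burn after use
        except KeyError:
            raise RuntimeError(f"pad {pad_id} already used or unknown") from None

    def remaining(self) -> int:
        return len(self._pads)


def reuse_leak(c1: bytes, c2: bytes) -> bytes:
    """What a passive observer computes from two ciphertexts made with the
    same pad: c1 XOR c2 == (pad XOR m1) XOR (pad XOR m2) == m1 XOR m2.
    The pad drops out entirely, so perfect secrecy is gone."""
    return xor_bytes(c1, c2)


def demo() -> bool:
    """Run the happy path and the failure mode; return True if both behave
    as described in the comments above."""
    store = PadStore(pad_len=32, count=2)
    m1 = b"meet at the bridge"
    m2 = b"burn after reading"

    # Correct use: one pad per message, pad destroyed after use.
    c1 = otp_encrypt(store.take(0), m1)
    c2 = otp_encrypt(store.take(1), m2)
    if xor_bytes(c1, c2) == xor_bytes(m1, m2):
        return False  # distinct random pads: the XOR does not collapse
    if store.remaining() != 0:
        return False

    # Reuse attempt is refused by the store.
    try:
        store.take(0)
        return False
    except RuntimeError:
        pass

    # Failure mode: the same pad used twice (simulated outside the store).
    reused = secrets.token_bytes(32)
    leak = reuse_leak(otp_encrypt(reused, m1), otp_encrypt(reused, m2))
    return leak == xor_bytes(m1, m2)


if __name__ == "__main__":
    print("demo ok" if demo() else "demo FAILED")
```

The pad store is the part that matters in practice: the XOR is the easy half of the OTP, and the code only stays a one-time pad as long as nothing can hand out the same key material twice.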