On Thu, Sep 13, 2001 at 11:55:12AM +0200, Götz Babin-Ebell wrote:
> Clayton Haapala wrote:
> >
> > On Wed, Sep 12, 2001 at 08:12:39AM -0700, Michael Sierchio wrote:
> > >
> > > Clayton Haapala wrote:
> > >
> > > > Why not encrypt the Certificate key, prior to splitting it
> > >
> > > Encrypt the public key? Does not compute.
> > >
> > I wrote a bit more than THAT -- I said to use a separate public key
> > to encrypt (protect) the Certificate key. Beats using a bloody XOR.
> > Then, when they get together to merge their Certificate pieces, they
> > put them together and decrypt using the separate private key.
>
> And how do you store the separate private key ?
>
> Don't underestimate XOR.
> With a good random source and a secure way to separate
> key and data it is one of the best crypt algorithms available.
>
> By
>
> Goetz
According to Bruce Schnieders (sp?) bible "Applied Cryptography", a truly random one
time pad (basically this XOR thing) is the *most secure* crypto system. It's as secure
as the truly random pad is secret. The key is the same length as the clear text and
the cipher text. Any data padded with a truly random key generates truly random cipher
text. There are NO patterns in the cipher text.

Of course it has limited uses for obvious reasons (I think I'll encrypt 5 10MB files
with 5 10MB random keys. That should be easy to manage :) But where it is useful, it
is very useful.

I've used it on occasions. If anyone wants to try to break something I'll send you my
cipher text. Of course it's also truly random junk, so there's not much you'll be able to
do with it ;)

Crispin
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
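
Added example, not part of the original thread and not OpenSSL code: the XOR key splitting discussed above, written as a one-time-pad scheme in which every holder's share is needed to rebuild the key. The function names and the sample key are constructed for illustration; share_explaining() shows why an incomplete set of shares reveals nothing, since a missing share exists for any candidate secret of the same length.

```python
import secrets
from functools import reduce


def xor_bytes(a: bytes, b: bytes) -> bytes:
    """XOR two equal-length byte strings; a pad must never be shorter than the data."""
    if len(a) != len(b):
        raise ValueError("XOR operands must be the same length")
    return bytes(x ^ y for x, y in zip(a, b))


def split_secret(secret: bytes, holders: int) -> list:
    """Split `secret` into `holders` shares; all of them are required to recover it."""
    if holders < 2:
        raise ValueError("need at least two holders")
    # The first holders-1 shares are fresh one-time pads from the OS CSPRNG.
    pads = [secrets.token_bytes(len(secret)) for _ in range(holders - 1)]
    # The last share is the secret XORed with every pad.
    last = reduce(xor_bytes, pads, secret)
    return pads + [last]


def combine_shares(shares: list) -> bytes:
    """XOR all shares together; the pads cancel and the secret remains."""
    return reduce(xor_bytes, shares)


def share_explaining(known: list, candidate: bytes) -> bytes:
    """Return the missing share that would make `known` decode to `candidate`."""
    return reduce(xor_bytes, known, candidate)


if __name__ == "__main__":
    key = b"constructed sample key material!"  # constructed sample, not a real key
    shares = split_secret(key, 3)
    print("recovered:", combine_shares(shares) == key)

    # Two of three shares are consistent with ANY 32-byte secret: for each
    # candidate there is a third share that "decodes" to it.
    decoy = b"a completely different 32 bytes!"  # constructed sample
    forged = share_explaining(shares[:2], decoy)
    print("decoy fits:", combine_shares(shares[:2] + [forged]) == decoy)
```

Each pad is used once and is as long as the secret; reusing a pad for a second secret lets anyone who sees both outputs XOR them together and cancel the pad.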