Encrypted data sample
Yates, Glen
JAMES.G.YATES at saic.com
Thu Apr 10 12:28:01 EDT 2003
> I really don't know much about MC's encryption either. The program
> I posted relies on a keyFile with the same list of random numbers being
> stored on each computer. Unless someone else has access to that file or
> is somehow reading the electronic emissions from your keyboard, the
> encryption is in the form of a one-time pad which is the most secure form
> of encryption possible. As long as the keyFile is used only once and then
> discarded or replaced, the code is unbreakable.
>
> Philip Chumbley
Unbreakable! Ha, famous last words of an overconfident cryptologist!
While I agree that a non-repeating key is the strongest form of encryption,
it is not neccessarily unbreakable, you have to look at how the key was
generated, are the numbers truly random or not? If you use your computer as
you have done in the sample code to generate the key then they are not
random but rather psuedo-random numbers. If that is the case, then the code
breaker can use knowledge of how the key was generated to help in decrypting
the data.
To be more secure, you should use a truly random source of random numbers,
such as measurements of radioactive decay.
-Glen
More information about the metacard
mailing list