Search Mailing List Archives


Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

[liberationtech] OneTime 2.0 (beta): one-time pad system.

Karl Fogel kfogel at red-bean.com
Tue Jul 30 11:15:15 PDT 2013


Andy Isaacson <adi at hexapodia.org> writes:
>> OneTime 2.0-beta is ready for review and testing, as threatened [1].  See
>> 
>>   http://red-bean.com/onetime/
>
>At a quick glance, it appears you have not added any message
>authenticity to the system, correct?  Do you have any thoughts on how to
>add tamper resistance to onetime?

Well, I figured the pad is the authentication.  If the message decrypts
at all, then the person who sent it to you must have the pad you expect
them to have, so they must be the person you think they are :-).

(Or did you mean something else, like message integrity?)

When decryption fails, one sees an error like: "DecodingError: unable to
decode (wrong pad?)".  There's a regression test for this, by the way.

Best,
-K



More information about the liberationtech mailing list