Forgot your password?
typodupeerror

Totally Random One Time Pads 265

Posted by Zonk
from the random-is-as-random-does dept.
liliafan writes "Scientists in Japan have come up with a way of harnessing a truly random datasource for generating one time encryption pads: Quasars. One time encryption pads are widely accepted as being the most secure form of encryption, but this new technology from the National Institute of Information and Communications Technology makes the pads even more secure."
This discussion has been archived. No new comments can be posted.

Totally Random One Time Pads

Comments Filter:
  • Dupe (Score:5, Informative)

    by TheComputerMutt.ca (907022) * <jeremybanks@jeremybanks.ca> on Thursday March 30, 2006 @07:40PM (#15030727) Homepage Journal
    This is a dupe of almost the same story from the same source [slashdot.org].
    • Re:Dupe (Score:5, Funny)

      by suso (153703) * on Thursday March 30, 2006 @07:42PM (#15030749) Homepage Journal
      So its not truely a one time pad then.
    • Re:Dupe (Score:5, Funny)

      by koh (124962) on Thursday March 30, 2006 @07:46PM (#15030784) Journal
      This is a dupe of almost the same story from the same source.

      If you had read TFA, you would know they use Slashdot feeds as an entropy source for their one-time pads. They do report problems though, since during a recent test run they noticed 42% of their one-time pads were effectively equal...
    • Hack (Score:3, Interesting)

      by Catskul (323619) *
      It sounds like a great idea, but it might be easy to subvert. All I have to do is overwhelm the signal and get the target to use my (or null) one time pad, and I will be able to decrypt. Hell I can even make my one time pad *look* random, and they'd likely never notice. While I'm at it I can do it from a satellite and not have to get near their antenna.
      • I would hope they had protections against that sort of thing. But you do have a very interesting idea there, I wonder if it could be made to work.
      • Re:Hack (Score:3, Interesting)

        by hurfy (735314)
        How about not even replacing their signal.

        Could one jam/interfer with it enough if they had a rough idea of when? Sounds MUCH easier than pegging the millisecond to inject yours.

        Interfer enough so data is unusable, then they have to resend. Repeat as much as possible. Isn't having multiple versions of secret data floating around a bad thing?
    • Not only is it a dupe, the other story's still on the front page. Editors, edit thyselves!
    • by fm6 (162816)
      No it's not. The headline is different.
    • So you get to go home to a different apartment each night?

      Cool! But how do you move all your stuff from place to place?

      wbs.
  • Hmm... (Score:4, Funny)

    by fishybell (516991) <{fishybell} {at} {hotmail.com}> on Thursday March 30, 2006 @07:41PM (#15030738) Homepage Journal
    Where can I buy one of these new fangled quasars anyway?

    From what I hear, I'll probably be able to save on my heating bills too.

  • by Anonymous Coward on Thursday March 30, 2006 @07:41PM (#15030740)
    Women have had those forever...
  • by caffeinemessiah (918089) on Thursday March 30, 2006 @07:42PM (#15030747) Journal
    if this is ever widely accepted, it seems that the inevitable deluge of security researchers trying to find predictability in the patterns would be a beneficial thing. if one ever comes close to succeeding, sure your credit card details could be stolen, but we'd understand the universe a tiny little bit better...
    • Even worse, if a government agency, such as NASA, started monitoring and collecting vast amounts of data about every known quasar, then they could run through this history upon recieving an "encrypted" signal. (Depending on the factors, I think this could be done in polynomial time)

      Thus, even though the data is random, it still isn't secure.

      Yes, I know they want to add ciphers to it FTA, but that is snake oil on snake oil. And One time pads are very weak if the key isn't properly handled and generated.

      Good
    • I haven't read the article, but I'd be surprised if data from quasars truly had no patterns in them. I doubt this will ever be used extensively in cryptography though, because the one time pad is really difficult to implement. The key has to be as long as the message, and you can only use the key once, so in many cases you're better off just sending the message instead of the key if you have a secure way to exchange keys.
  • Isn't quartz technology currently being used for timing applications? :P
  • So what? (Score:4, Interesting)

    by rsw (70577) on Thursday March 30, 2006 @07:44PM (#15030763) Homepage
    Getting randomness isn't interesting. Thermal noise is truly random, perfectly white, and easy to generate---it's as hard as passing a current through a resistor. Want more noise power? Avalanche breakdown, with appropriate whitening, works fine.

    Unless they've come up with an interesting way for two people in disparate locations to observe the same quasar and both independently observe the same random phenomena in a way which reliably and securely gives them access to the pad with no communication channel between them, this just isn't interesting.

    -rsw
    • Re:So what? (Score:5, Informative)

      by homer_ca (144738) on Thursday March 30, 2006 @08:04PM (#15030883)
      Actually it's worse than that. From TFA:

      Each communicating party would only need to know which quasar to monitor and when to start in order to encrypt and decrypt a message.


      The name of the quasar and time to start monitoring are the cryptographic keys. That doesn't sound like a lot of bits in the keyspace.
      • Re:So what? (Score:5, Informative)

        by interiot (50685) on Thursday March 30, 2006 @08:20PM (#15030975) Homepage
        The name of the quasar and time to start monitoring are the cryptographic keys. That doesn't sound like a lot of bits in the keyspace.
        Yes, but it's more secure than other keys, because the only way to attack it is to steal the keys before the time that the quasar is monitored. If an attacker discovers the keys afterwards, the key is useless.

        Also, the keyspace is larger than you think... the article mentions that quasars have a very broad frequency spectrum. So, #quasars (that are visible to both) X monitoring-time-choices X monitoring-frequency-choices may result in a large-ish keyspace (or, at the very least, means that it may be physically extremely expensive to try to decrypt a message against all possible keys).

        • It would seem that if you intercept a set of keys that specify a certain quasar and a certain start time then you could establish a geographic region that encompassed both the sender and receiver.
        • Re:So what? (Score:2, Insightful)

          by homer_ca (144738)
          OK, even if the keyspace is pretty large, what you have now is a symmetrical cipher. You still have to distribute that key securely.
          • ... So you distribute that key via assymetric encryption, very soon before you send the actual message. That narrows the keyspace a bit, but means that if the attacker doesn't have the computing power to brute-force the assymetric encryption between the time that the key is sent, and the time that the quasar is monitored, that the attacker has failed.

            In other words, it makes it exceedingly difficult to brute-force, even for well-funded governments, so dedicated attackers will almost certainly use other

            • Re:So what? (Score:3, Insightful)

              by GlassHeart (579618)
              So you distribute that key via assymetric encryption, very soon before you send the actual message. That narrows the keyspace a bit, but means that if the attacker doesn't have the computing power to brute-force the assymetric encryption between the time that the key is sent, and the time that the quasar is monitored, that the attacker has failed.

              I start monitoring as many quasars as I can the moment I intercept the key message. That way, when I finally decode the key message I can also read the actual me

            • Though that's assuming that it's very expensive to record the wide-band transmissions of all quasars in the visible sky... is that true, or not?
        • Yes, but it's more secure than other keys, because the only way to attack it is to steal the keys before the time that the quasar is monitored. If an attacker discovers the keys afterwards, the key is useless.

          I don't get that. You could just record all quasars, then get a key and take a look into your archive and presto - there's the one-time pad of the other party. Right?
          • Re:So what? (Score:3, Insightful)

            by Kadin2048 (468275)
            Yep, pretty much.

            I actually thought that they were talking about using the data from quasars to generate one-time pads, which would then be distributed by conventional means. I didn't think they were actually proposing having two separate people observe the same quasar, to produce the "one-time" pad simultaneously. Unless you had a quasar that you knew nobody else knew about, and definitely wasn't monitoring, it seems like a pretty bad idea. Especially if the people you're trying to conceal information from
        • BUZZZ! Wrong! (Score:2, Interesting)

          by Anonymous Coward
          Agencies like the NSA will just monitor all quasars all the time. Given that the NSA already monitors (and records) communications transmissions (wireless mostly) 24/7/365.25, matching a quasar from the database with the appropriate signal start and stop would not be difficult to do. I'd say, not very secure a system really, because if the data is coming to or going from the U.S. the quasar would have to be visible in the same hemisphere as it's destination. You could not use this scheme to transmit data
      • Re:So what? (Score:2, Informative)

        by mal0rd (323126)
        This is not like other forms of encyption where the attacker to brute force by going through all the possible keys after the fact. With all the telescopes and camera on earth, we can only monitor about 2% of the visible sky. So a single cracker can't possibly record the data from every quasar all the time, or even a small percentage of them. So even though the keyspace is small, the attacker only gets to make a few gueses.

        Let's say the communicators choose the least secure method and publish the exact
      • homer_ca wrote:

        The name of the quasar and time to start monitoring are the cryptographic keys. That doesn't sound like a lot of bits in the keyspace.

        This was discussed the last time this article came 'round. You're right in your summary, but not in your assessment. The number of quasars, window of time to start monitoring, available bandwidth of random data from the quasars, etc., all make such attacks essentially impractical. Remember that shifting a one-time pad by even one bit renders the decrypt

        • Actually I have a correction to make myself. TFA says the quasar data is used to add randomness to a stream cipher like a salt. This sounds less and less like a one-time pad.
  • Lava Lamps (Score:2, Interesting)

    by NitsujTPU (19263)
    The coolest random number generator ever.

    http://www.lavarnd.org/ [lavarnd.org]
  • Xl6oUBY (Score:5, Funny)

    by Entropy (6967) on Thursday March 30, 2006 @07:44PM (#15030770)
    i147 F7b AIQzC9 7kXTA8TzJ Vl LcYxkN FXkCFA Ev4Lpwjk2 A0Jy7flvj phOlaTF 3S Z0uPk kP 5RKMkQ 5U5oZPW FzA f rj4FB 4vrI ZWr dovA6W l CS6
    • Re:Xl6oUBY (Score:3, Insightful)

      by Tackhead (54550)
      > i147 F7b AIQzC9 7kXTA8TzJ Vl LcYxkN FXkCFA Ev4Lpwjk2 A0Jy7flvj phOlaTF 3S Z0uPk kP 5RKMkQ 5U5oZPW FzA f rj4FB 4vrI ZWr dovA6W l CS6

      "'Impossible to predict', my 4vrI, you insensitive CS6!"

      You forgot that the LcYxkN (who live in the disc, at a 90-degree angle from the jet of 3C273, and who escaped the blast) have developed faster-than-light communication.

    • Re:Xl6oUBY (Score:5, Funny)

      by Guppy06 (410832) on Thursday March 30, 2006 @08:29PM (#15031027)
      Mom, hang up the phone! I'm trying to play VGA Planets!
    • You kept that username all this time just to make that post, didn't you?
  • by argoff (142580) on Thursday March 30, 2006 @07:46PM (#15030780)
    I imagine someone who wanted to could buy enough equiptment to record all known quasar emmissions and store them
    or try them against encrypted data streams. A million quasars with 5000 possible frequencies each, wouldn't be that
    much for a computer to churn thru. In a way, it almost seems like security thru obscurity.
    • And of course, you need to work out the exact moment the observation starts at. An offset of even a single bit will give you nonsense, that's the idea behind the pad. The keyspace offered by a million quasars, 5000 possible frequencies, and an almost arbitrarily fine time sampling is pretty vast.
      • by kingkade (584184) on Thursday March 30, 2006 @08:36PM (#15031064)
        The keyspace offered by a million quasars, 5000 possible frequencies, and an almost arbitrarily fine time sampling is pretty vast.

        The point is how do you get those parameters to the other party secretly? This is the same problem as giving them a one-time pad generated any random way. I think the point is that you can get randomness but the previous problem will always exist.
    • > I imagine someone who wanted to could buy enough equiptment to record all known quasar emmissions and store them

      Bruce Schneier's blog is having an interesting discussion about this. The key question that's floating to the top is exactly the one you zeroed in on.

      What if there aren't enough radio telescopes in the world to tape all the quasars in the sky? In that case, the "quasar encryption" scheme may actually be workable. Then even an opponent with infinite computing resources is stuck. Eve the eavesd
      • The USA counterespionage group was happy to decode just a small percentage of soviet OTP transmissions in project venona [wikipedia.org]. The fact that the source of your OTP is public is a huge hole in the presumption of the OTP system actually being secure. Even if your enemy can only intercept 1% of your quasar transmissions, you could be in trouble -- especially if you presume that the OTP is secure enough to tell your other half the time and location of the quasar to listen to for the next pad... At that point your
  • Actual advancement (Score:5, Insightful)

    by flooey (695860) on Thursday March 30, 2006 @07:47PM (#15030789)
    The summary for this article is a little misleading. One time pads aren't new, and good sources of natural randomness aren't new either.

    The interesting part of this article is the fact that quasars could be used as a natural source of randomness for one time pads, yet can be accessed by both parties simultaneously. The historical problem with one time pads (and the reason they're rarely used in practice) is that it's a huge pain to distibute sufficient random data to all parties involved in a communication. Being able to use a natural source of randomness that's available to everyone at once would be a major increase in the usability of one time pads.
    • Being able to use a natural source of randomness that's available to everyone at once would be a major increase in the usability of one time pads.

      Including Eve ;)

      Sorry inside Alice and Bob [wikipedia.org] encryption humor.
  • So, the quasar is effectively transmitting the decryption key. Great! -- Now all you need to do is prevent everyone in the world except your intended recipient from seeing it.
    • Re:almost there (Score:3, Informative)

      by PitaBred (632671)
      Naah. Just prevent everyone except the intended recipient from knowing when you're recording it for the OTP. Much easier problem.
  • Finally! (Score:5, Funny)

    by loconet (415875) on Thursday March 30, 2006 @07:48PM (#15030801) Homepage
    ...harnessing a truly random datasource

    Wow, they finally managed to tap into my girlfriend's mood neurons?
     
  • by Zadaz (950521) on Thursday March 30, 2006 @07:50PM (#15030810)
    How does this increase security? It's not like quasars are private property. Anyone can look at 'em...
  • by brian0918 (638904) <brian0918@g m a i l .com> on Thursday March 30, 2006 @07:52PM (#15030817)
    How is this more secure than one-time pads? Whereas only the two parties involved have access to one-time pads, everyone has access to quasar radiation. The two users still have to tell eachother where to look and when, and that information is all someone would need to crack the message. The only way it could be more secure is if the coordinates are only available on one-time pads, in which case you're basically saying that code breakers have to go out and buy an antenna....
  • That's not randomness at all. It only seems random because they don't have a model currently to describe quasar behavior. Thus, they're confusing randomness with unpredictability - just because one can't predict what will happen in the next n instances doesn't make it random. What's to say some brilliant scientist won't come along in the near future with a model predicting quasar behavior?
    • That's not randomness at all. It only seems random
      An interesting assertion, but without any backing evidence.
      they're confusing randomness with unpredictability
      There isn't any particularly better definition of randomness than "unpredicability". Some things are more unpredicable than others. Some things can even be proven to be unpredictable; for instance, the Blum-Blum-Shub PRNG has been proven to be unpredictable if you don't have a copy of its internal state, because it is mathematically intractable to derive the state from the output.

      It seems unlikely that it will become possible to predict the behavior of quasars as you suggest; we can't even accurately predict the weather on earth, which is a much smaller system than a quasar. For that matter, we can't predict the detailed behavior of a lava lamp, making that a reasonable source of random numbers (but patented!).

      • Some things can even be proven to be unpredictable; for instance, the Blum-Blum-Shub PRNG has been proven to be unpredictable if you don't have a copy of its internal state, because it is mathematically intractable to derive the state from the output.

        Not quite true: it's been proven that telling apart the bits output by a BBS PRNG from truly random bits is at least as difficult as integer factorisation. Of course, that's still better than most other PRNGs, and generally good enough.

      • by howlingfrog (211151) <ajmkenyon2002&yahoo,com> on Friday March 31, 2006 @03:09AM (#15032275) Homepage Journal

        There isn't any particularly better definition of randomness than "unpredicability".

        That's true not just as a rule of thumb, but in a more formal sense as well. The word "random" is pretty hard to come up with a mathematically formal definition for, and "pretty hard" may mean "impossible" depending on your definition of "definition" (more on that later). To make things simple, let's just talk about sequences of ones and zeros. Take for example the sequence 01101110010111011110001001101010111100110111101111 ... Definitions of randomness from statistics and probability just require a potentially random sequence to have all possible subsequences of a given length appear with the same frequency. That is, 0 appears exactly as often as 1; 00 appears exactly as often as 01, 10, and 11; 000 as often as 001, 010, 011, 100, 101, 110, and 111; and so on. The sequence I gave above passes those tests with flying colors. But it's not random at all. I'll put some spaces in it, and you'll see the pattern: 0 1 10 11 100 101 110 111 1000 1001 1010 1011 1100 1101 1110 1111... It's simply counting in binary. The longer you extend the sequence, the better it does in statistical randomness tests--the first few dozen bits have a pretty strong bias for 1 over 0, but that ends up as noise in the long run.

        The relatively young field of information theory introduces the concept of "algorithmic randomness." The randomness of a sequence of bits is defined to be the length of the shortest Universal Turing Machine program which ouputs that sequence. In pseudocode, our example sequence is output by the program:

        let i = 0
        while (true) do
        output i
        let i = i + 1
        end while

        That's a comically short program to generate an arbitrarily long sequence. So the example fails tests for algorithmic randomness miserably. The fun part is that the problem of finding the shortest UTM program to generate a given sequence is provably intractable. Thanks to the the Halting Problem [wolfram.com], you can't always tell if a given UTM program will halt or loop infinitely. All you could ever know is whether or not the program has output the desired sequence yet--if it's still running, it may do so eventually and then halt, it may output something else and then halt, or it may keep running forever. So algorithmic randomness plugs the holes in statistical randomness by trading an unreliably solvable problem for a reliably unsolvable one. You can't ever be sure a sequence is random, but you can sometimes be sure it isn't.

        I got off on a bit of a tangent there about information theory, but my point is that algorithmic randomness captures what we mean by "random" much better than statistical randomness. And algorithmic randomness is just a mathematically formal way of saying "unpredictable."

    • That's not randomness at all. It only seems random because they don't have a model currently to describe quasar behavior.

      You're not hungry, you just think you're hungry.

      Seriously, given an accurate model of how it's generated, nothing is random. Randomness is totally subjective. Nothing is ever truly random.

    • Ever heard of chaos theory? I wonder what happens when the initial conditions in a chaotic system map straight onto something governed by Heisenberg's Uncertainty Principle. Would you call THAT random?
  • Mothership, phaser/plasma/gamma/mind-control rays, incubating larvae, tastes good with ketchup (catsup, whatever), and all that...

    Oh, and "They've got our codes!"

    Sigh. When will Earth ever learn?
  • There are plenty of sources closer to us that require less bells of whistles. Thermal (amplifier) noise [comscire.com]? Radioactive decay [fourmilab.ch]?

    Read. [random.org]
  • or IPKI (Score:3, Funny)

    by gadzook33 (740455) on Thursday March 30, 2006 @07:55PM (#15030839)
    Intergalactic Public Key Infrastructure
  • I've got a random number generator in my wallet.

    Just flip a coin.

    This article and research is utterly useless and therefor logicaly patented.
  • Trouble is, is if you have a secure method for getting the copy of the one time pad to the other person, you might as well have sent the thing you're encrypting. (Unless you do it in advance, and store it completely securely, and destroy it the moment it is used. And it's not much use for network traffic - a 650MB CD of random data lasts only minutes on a 10Mbit link. And you cannot reuse it without seriously compromising the security of the encryption).
    • You're missing the point -- it solves the OTP distribution problem, because once a specific quasar and time period is known, the OTP can be generated simultaneously by all participants. Of course, this would be possible with almost any astronomical source of random data, not just quasars. Once all the partipants know which quasar to use and how to use it, there is a virtually infinite source of OTP random bits.
    • Then problem with a one time pad is that you need to transmit a phenomenal amount of data. The pad size must be equal to the length of the message multiplied by the number of different characters in your character set. One solution to this is to generate the pads algorithmically, using a true random source as your input. If you record the random source, then both parties can generate the same pads. This means that you can transmit a slightly smaller amount of data for the pads.

      The advantage of this app

  • What's so bad with using the randomly fluctuating voltage in a wire or the current in a conducting loop as a source of random data. This could be implemented as part of an integrated circuit and could cost a fraction of a cent per copy.

    If you need protection against willful interference, put a faraday cage around it, which is not hard at all to do using lithography.

    An added advantage is that random bits can be generated by the billions per second, and is limited only by the sampling rate of the voltmeter.
    • There is only one problem with that, but it is fundamental and fatal.

      To be useful for communication, the data source needs to be observable by both the sender and the reciever. And if the spy on continent A is to be able to use it to send data to their employer on continent B, the wire would have to be span both continents, and have to be pretty conspicous to work...

      Astronomical observations is a clever way to find a shared data source visible from anywhere on the planet.
  • Oh no. Not again. (Score:2, Insightful)

    by hhr (909621)
    One Time Pads may be the most secure form of encryption, but they are *not* the most secure way to protect your secrets.

    Time and time again, security breaks down because of the way people treat their keys, not because the encryption algorithm is week.

    With a one time pad, you need to keep a copy of the pad with everyone who wants access to the data. Compare that to Public Key Crypto where you can keep your private key in one secure spot and distribute your public key widely.

    Or how about session keys (Diffie
    • With a one time pad, you need to keep a copy of the pad with everyone who wants access to the data.

      Not really - all you need is two one-time pads. One to send, and one to receive.

      The intent of One-time pads is to prevent the decoding of the message when it is intercepted. Once it reaches the destination, you can decrypt the message into a usable format and use your own security system that could be cracked more easily (but requires having better access). It is not intended to be a mass dissemmination sy

  • by ChePibe (882378) on Thursday March 30, 2006 @08:16PM (#15030949)
    Some here may not be familiar with the uses of an OTP, so here's a common use:

    In order for an intelligence agency to communicate with an asset overseas, spy agencies must often use methods of communication that cannot be easily traced (duh). Passing a message along via e-mail, phone, or a one-to-one meeting can easily be tracked, creating lots of problems for everyone in the loop.

    Therefore, many intelligence agencies did (and still) use OTPs and "Numbers Stations" - shortwave radio stations that blast out a seemingly senseless series of numbers at regular intervals and frequencies. This method gets messages and instructions to your assets without betraying who the recipient of the message is.

    The beauty is that the asset only needs a cheap, readily available shortwave radio and a OTP, which can be concealed in virtually anything (some were created that could even be affixed to the back of stamps, others were hidden in toothpaste tubes, etc. The agent then responds with a seemingly inocuous method, a "wrong number code", a mark on a wall near where an intelligence officer drives, etc.

    The problem, of course, rests in getting OTPs to the asset and ensuring they aren't compromised. But, assuming they are passed and handled securely, there's no problem at all.

    More information on Wikipedia [wikipedia.org]

  • Keyspace (Score:3, Informative)

    by Erich (151) on Thursday March 30, 2006 @08:20PM (#15030976) Homepage Journal
    There are relatively few quasars that are observable. Probably a lot fewer that are observable at the same time by two locations, if the two locations are geographically diverse. It is possible for a third party to monitor these discrete locations. Noise would be different to the two observation locations, which could be overcome using sufficient error coding in the plaintext at of course the loss of plaintext entropy, making it easier for a third party with perhaps a noisier signal (due to being slightly out-of-bound, etc) to obtain the plaintext.

    The fundimental problem is that the data is not fully random -- it is mostly deterministic based on the key of what quasar, what frequency and bandwidth, and what time. So an outside person could recover the plaintext by obtaining the observable behavior and trying all keys, or if the outside person could somehow obtain the key.

    This is a very similar situation to a "good" pseudorandom number generator. You can transmit the seed for the pseudorandom number generator and generate a one-time pad from the pseudorandom number generator. I guess the difference is that quasar behavior is not observable after the fact, but if it is feasable for the data to be logged then they reduce to similar solutions: find all the pads within the keyspace, xor with the cipher text, and watch for the entropy to drop or visibility of known plaintext.

    • There are relatively few quasars that are observable.


      I suppose you're right, if by "relatively few" you mean "200,000 and counting".
  • Not so secure... (Score:2, Insightful)

    by jamesivie (805019)
    If the party trying to decrypt your message knows that your "random" data comes from a quasar, they could just monitor the quasar themselves and crack the data pretty quickly (faster than brute force). Cryptography relies on the random data being secret, and this isn't secret at all unless your trying to hide your conversation from someone whose planet can't view the quasar you're using.
  • Spiffy, but not news (Score:5, Informative)

    by Syberghost (10557) <.moc.tsohgrebys. .ta. .tsohgrebys.> on Thursday March 30, 2006 @08:35PM (#15031058) Homepage
    This is a Vernam Cipher [wikipedia.org] with a novel but impractical noise source. It was news when Vernam invented it in 1917, and maybe again in 1919 when he patented it, but this version solves an already-solved problem in a manner that would sound really good if Lt. Colonel Carter suggested it on SG-1, but otherwise is inferior to existing solutions to the same problem.

    Nothing to see here, folks; move along.
  • ...out in the field trying to point his 100ft wide dish at the right quasar while hiding behind a tree so that nobody else can see what he's pointing it at.

    I think this should get some kind of award for dumbest invention ever.

  • most what? (Score:3, Informative)

    by eddeye (85134) on Thursday March 30, 2006 @08:41PM (#15031092)

    "One time encryption pads are widely accepted as being the most secure form of encryption..."

    Only for very limited definitions of secure. You have to produce the pads. You have to distribute the pads. You have to synchronize the pads. You have to dispose of the pads. All these steps are tedious and error-prone, and a chink in any of them destroys your supposed "perfect" security.

    Now if you said "OTP are the most algorithmically secure pads under ideal conditions", then I'd buy it. Otherwise, there's a reason only well-funded governments use these things. Ask the Soviets how well it worked for them.

  • I'll be damned. Who'd have thunk that those crappy old TVs would be of use for anything anymore?
  • One that doesn't require a telescope: http://www.lavarnd.org/ [lavarnd.org]
  • Using the quasars live seems a little flakey. If you're even *one* bit off... That's sort of the point with a good random pattern. It won't correlate with anything but itself. But I can seem them using quasars to generate the typical tapes or digital pad files.
  • i did not know they shrank quasars onto chips yet

    one would think there are plenty of other random noise sources, but hey, why not go for the most exotic possible source imaginable?
  • This sounds like a horrible way to generate a one time pad to me. A quick Googling indicates that there are about 12000 quasars. You need to pick a quasar obersvable at the same time by both parties, so that will cut the number down to around 6000, best case. Given a message, an attacker who merely knows what day the message was sent on only has to consider 86400 seconds/day * 1000000 possible_start_times/second * 6000 possible_keys/possible_start_time, which is less than 2^49 possible_keys/day. So, with
  • Maybe I'm stupid here, but if both parties have to be looking at the quasar at the same time, what happens if Party A is located in North America while Party B is located in India, and they attempt to communicate at 12PM? Only one party is going to have the quasar in their sky at a time!
  • Seems doomed (Score:3, Insightful)

    by mattr (78516) <mattr AT telebody DOT com> on Thursday March 30, 2006 @10:40PM (#15031598) Homepage Journal
    The idea of making a one time pad out of a universally available information resource just seems real silly. It may be the easiest, highest volume, highest quality source of random data, but we have already in the past see ideas like large key space and computational complexity fall to one advance or another. It strikes me that even if there are 80,000 sources in the sky, that can be narrowed down quite a bit if you just look at the direction they are pointing their radio telescopes. Or are they using some secret hidden radio telescopes to capture quasar data? There may be some small ones but I think most are really, really big. You could probably tell the angle they are pointed at from a satellite. Also, if this encryption method gets used a lot you have to expect that more information about the route the data takes gets known. It seems to me there are a more limited number of radio telescopes with this system installed than there are say labs with a more traditional random data generator.
  • #6 ... (Score:3, Informative)

    by Schraegstrichpunkt (931443) on Thursday March 30, 2006 @10:55PM (#15031647) Homepage
    ... on the list of snake-oil warning signs [schneier.com].

It is not for me to attempt to fathom the inscrutable workings of Providence. -- The Earl of Birkenhead

Working...