RE: Cryptography

Subject: RE: Cryptography
From: "Donald H White" <dwhite -at- jrtcllc -dot- com>
To: "'David Neeley'" <dbneeley -at- gmail -dot- com>, <techwr-l -at- lists -dot- techwr-l -dot- com>
Date: Fri, 23 Oct 2009 10:40:27 -0400

One-time pad cryptography has been around since the art & science of
cryptography began. One problem with the one-time pad is that, in the "olde"
days, the pads had to be printed and distributed to all who were authorized
to use them. Since each pad is used but once, it's impossible to predict how
many pads will be used per day, or per transmission channel. So, the use of
one-time pad cryptography was necessarily restricted to the most sensitive
strategic communications. The traffic volume of such channels would be much
less than with tactical communication and compromise of such communications
would be most catastrophic.

In other words, the cryptologic value in breaking a message that tells Jane
or Joe to pitch a product to company "X" is much less harmful than the
compromise of the production or marketing plans for the product.

One problem with using one-time pad cryptography to encrypt the folders and
files on a computer is the overhead: each time the computer is used by an
authorized person, the pad has to change and re-encryption must occur.
Similarly, each time a folder or file is opened by an authorized person,
that content must be re-encrypted by the operating system. The security
kernal then has to delete - completely - the expired pad. The possibilities
for machine error are great; the contents of your computer might become
over-encrypted or super-encrypted so that the OC couldn't open them again.
If that happens, you're SOL. There's also the matter of processing power and
memory needed to efficiently perform all of the
encryption-decryption-reencryption routines per file per folder that result
from use. Throw into that the ability of allowing others to access specified
folders & files across a LAN or WAN...It's not impossible, but it is

RSA and PGP delivered secure communication and cryptography to everyone,
beginning in the early 1990s. These are based, of course, on the public
key/private key concept and are very strong. PGP, in particular, is so
strong that the federal government attempted to prosecute Phil Zimmerman,
creator of PGP, for distributing it across the Internet without a license.
(The government classified PGP as a "munition" because its key stream was
greater than 40 bits.) The story of this case is very interesting and often
humorous, but the bottom line is that Zimmerman wasn't prosecuted and PGP is
available anywhere to anyone. It has changed a lot since 1991, of course.

If an operating system like Ubuntu does this without requiring licensees to
use restrictive applications, such as a unique e-mail app that few have,
then that's great news for businesses and individuals.


Donald H. White
James River Technical Communications


Free Software Documentation Project Web Cast: Covers developing Table of
Contents, Context IDs, and Index, as well as Doc-To-Help
2009 tips, tricks, and best practices.

Help & Manual 5: The complete help authoring tool for individual
authors and teams. Professional power, intuitive interface. Write
once, publish to 8 formats. Multi-user authoring and version control!

You are currently subscribed to TECHWR-L as archive -at- web -dot- techwr-l -dot- com -dot-

To unsubscribe send a blank email to
techwr-l-unsubscribe -at- lists -dot- techwr-l -dot- com
or visit

To subscribe, send a blank email to techwr-l-join -at- lists -dot- techwr-l -dot- com

Send administrative questions to admin -at- techwr-l -dot- com -dot- Visit for more resources and info.

Please move off-topic discussions to the Chat list, at:


Cryptography: From: David Neeley

Previous by Author: Re: Web site programs
Next by Author: RE: Recommended web site programs
Previous by Thread: Cryptography
Next by Thread: Re: Cryptography

What this post helpful? Share it with friends and colleagues:

Sponsored Ads