Forwarding Address: OS X

Monday, March 03, 2003

Kip Knight of Prism Research has responded to my criticism of Perfect Encryption, his software encryption suite (see a couple of posts below). As promised, his response verbatim:
Hit me hard and heavy! Yes, I do have the credentials and knowledge of encryption (Ph.D. candidate). Yes, I realize I'm stepping on 90-year-old theories. Yes, I realize I'm putting the cart before the horse. I'm trying to balance the Catch-22 problem of not trusting a hidden algorithm while hiding a very powerful algorithm from all those terrorist groups floating the Internet. Let me explain some of the properties of my Many-Time Pad (MTP) algorithm.

MTP has the same key management issues as the OTP. That is, the key must be at least as big as the plaintext. The 32MB was arbitrary for the average user. A command-line tool is provided that can create a key of any size (< 4 Exabytes). In MTP's case the key must be at least 257 bytes longer than the plaintext for the math to work.

If the OTP key is reused, the plaintext is wholly compromised. If the MTP key is reused, the risk is highly diminished. The key can be used for "many times", not forever. For MTP, the probability of finding the entire key when the plaintext and the ciphertext are known equals the probability of finding the key without any a priori knowledge. That is the only probability law the Many-Time Pad has overcome and that the OTP fails. If two sets of plaintext/ciphertext pairs are stolen, a small amount of information (as of yet undetermined) about the key is obtained. Eventually, if enough pairs are stolen, enough about the key is found to make it compromised.

So, the MTP has only one advantage over the OTP, that is reuse of the key for "many times".

I know, I haven't divulged the algorithm yet. The BIS has given me a 30-day review (took 2 months) which allows the mass market product for export under ECCN 5D992. The agreement does not allow the algorithm to be stated on the Web. The agreement does not allow me to provide source code on the Web. I'm going to take the responsible high road and comply with the spirit of the international Wassenaar agreement to not give terrorists any sensitive technology. Disclosure of the algorithm will be given to those purchasers that do not originate from terrorist-labeled countries. Slam me if you must but the algorithm can be dealt with however their conscience feels when they purchase the product from me. Except for Sudan, Libya, Iraq, North Korea, ...

Kip Knight
Prism Research

That doesn't really address my concerns so I hope that when Kip feels he's able to divulge more information he will.
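The OTP property the letter uses as its baseline, that a reused pad gives up the plaintext, shown as an added example (not code from this post or from Prism Research; the two messages are constructed sample data). It covers only the classic XOR one-time pad, since the MTP algorithm is not disclosed here.

```python
import secrets


def xor_bytes(a: bytes, b: bytes) -> bytes:
    """XOR two byte strings, truncated to the shorter one."""
    return bytes(x ^ y for x, y in zip(a, b))


def otp_encrypt(key: bytes, plaintext: bytes) -> bytes:
    """Classic one-time pad: the key must be at least as long as the message."""
    if len(key) < len(plaintext):
        raise ValueError("OTP key must be at least as long as the plaintext")
    return xor_bytes(key, plaintext)


def reuse_demo():
    """Encrypt two constructed messages under the SAME pad and show what leaks."""
    key = secrets.token_bytes(64)                         # random pad, used twice
    p1 = b"Wire the deposit to account 1234 on Monday."   # constructed sample
    p2 = b"Board meeting moved to Thursday at noon."      # constructed sample
    c1 = otp_encrypt(key, p1)
    c2 = otp_encrypt(key, p2)

    # 1. With no plaintext known, the pad cancels out of the two ciphertexts:
    #    c1 XOR c2 == p1 XOR p2, so the pair no longer has perfect secrecy.
    pad_cancelled = xor_bytes(c1, c2)

    # 2. With one plaintext/ciphertext pair known, the pad bytes that were
    #    used fall out directly: key == p1 XOR c1.
    recovered_key = xor_bytes(p1, c1)

    # 3. Those recovered pad bytes decrypt the other message.
    recovered_p2 = xor_bytes(recovered_key, c2)

    return key, p1, p2, pad_cancelled, recovered_key, recovered_p2


if __name__ == "__main__":
    key, p1, p2, pad_cancelled, recovered_key, recovered_p2 = reuse_demo()
    print("c1 XOR c2 equals p1 XOR p2:", pad_cancelled == xor_bytes(p1, p2))
    print("pad recovered from known pair:", recovered_key == key[:len(p1)])
    print("second message recovered:", recovered_p2.decode())
```

Used once, the same pad leaks nothing: a single ciphertext is consistent with every plaintext of that length, which is why the whole guarantee rests on never reusing key bytes.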