
I don't understand how this is practical. If you have a highly secure mechanism for distributing the ultimate secret - one-time-pads - why not just distribute the messages in this way?

Is it just the fact that it would take two trips for the courier? Or that someone would need to intercept both communications (pad, ciphertext)?




A big benefit is that you can time-shift the distribution of the secret - you can distribute the one-time pad when it's convenient (e.g. when your submarine is at a home port) and be able to send secure messages over insecure channels at any future time.


Yes, this is essentially half the basis for cryptography, of which the one-time pad is one particularly rigid form. If Alice and Bob wish to communicate, they can do so by first verifying each other in person, or with a trusted courier, and from then on can communicate remotely. Alternatively, they can use public-key cryptography to communicate remotely and securely over an insecure channel without requiring face-to-face contact or a trusted courier.


An important note: public key cryptography allows secure communication over insecure channels, where an adversary only has the ability to listen in, but not over untrusted channels, where an adversary can actively intercept messages and edit them.

The internet is an untrusted medium, since packet switching requires packets to travel through routers that can edit them at will (the fabled man-in-the-middle attack). This is the whole point of the certificate issuer public-key infrastructure, where issuer public keys are included in your OS's installation files, a secure communication channel. (If you can't trust your OS, you of course can't trust any communication made with it to be secure anyway.)


That's a good note - more succinctly, the key exchange can provide confidentiality, but not authentication.
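The two comments above (unauthenticated key exchange gives confidentiality but not authentication, and a router on the path can swap values at will) are illustrated by the following Python, which is an added example and not code from anyone in the thread. It uses a toy Diffie-Hellman group (2**127 - 1 with generator 3, chosen only so the arithmetic is visible; it is not a safe prime and far too small for real use) and models the network as a `relay` function. With a passive relay both sides agree on a key; with a tampering relay each side unknowingly shares a key with the attacker instead. The second half adds what the courier or the OS trust store supplies in practice: a pre-shared authentication key, used here as an HMAC key over the public value, so the substituted value is rejected. The names `Mallory`, `run_exchange` and the pre-shared key are assumptions of this example.

```python
import hashlib
import hmac
import secrets
from typing import Callable, Dict, Optional, Tuple

# Toy Diffie-Hellman group, constructed for this illustration only.
# 2**127 - 1 is prime but is neither a safe prime nor remotely large enough
# for real use; real systems use standardised groups or elliptic curves.
P = 2**127 - 1
G = 3


def keygen() -> Tuple[int, int]:
    """Return (private exponent x, public value g^x mod p)."""
    x = secrets.randbelow(P - 2) + 1
    return x, pow(G, x, P)


def derive_key(x: int, peer_public: int) -> bytes:
    """Hash the shared group element (peer_public^x mod p) into a 32-byte key."""
    shared = pow(peer_public, x, P)
    return hashlib.sha256(shared.to_bytes(16, "big")).digest()


def tag(psk: bytes, sender: str, public: int) -> bytes:
    """Authenticate a public value with a key both parties already hold."""
    data = sender.encode() + public.to_bytes(16, "big")
    return hmac.new(psk, data, hashlib.sha256).digest()


class Mallory:
    """A router on the path that replaces every public value with its own.
    It ends up holding one key with Alice and another with Bob, and can
    decrypt, read and re-encrypt everything that passes through."""

    def __init__(self) -> None:
        self.x, self.y = keygen()
        self.key_with_alice: Optional[bytes] = None
        self.key_with_bob: Optional[bytes] = None

    def relay(self, sender: str, msg: Dict[str, object]) -> Dict[str, object]:
        real_public = int(msg["public"])  # type: ignore[arg-type]
        if sender == "alice":
            self.key_with_alice = derive_key(self.x, real_public)
        else:
            self.key_with_bob = derive_key(self.x, real_public)
        # Forward our own public value; any tag is passed through unchanged
        # because we cannot forge one without the pre-shared key.
        return {"public": self.y, "tag": msg["tag"]}


def passive_relay(sender: str, msg: Dict[str, object]) -> Dict[str, object]:
    """An honest (or merely eavesdropping) network: delivers messages intact."""
    return msg


def run_exchange(relay: Callable[[str, Dict[str, object]], Dict[str, object]],
                 psk: Optional[bytes] = None) -> Tuple[bytes, bytes]:
    """One exchange between Alice and Bob through `relay`.
    Returns (Alice's derived key, Bob's derived key). With psk=None the public
    values travel bare; with a psk each carries an HMAC tag that the receiver
    verifies before using the value."""
    a, A = keygen()
    b, B = keygen()
    msg_a = {"public": A, "tag": tag(psk, "alice", A) if psk else None}
    msg_b = {"public": B, "tag": tag(psk, "bob", B) if psk else None}
    recv_a = relay("alice", msg_a)  # what Bob receives
    recv_b = relay("bob", msg_b)    # what Alice receives
    if psk is not None:
        for sender, m in (("alice", recv_a), ("bob", recv_b)):
            expected = tag(psk, sender, int(m["public"]))  # type: ignore[arg-type]
            if not hmac.compare_digest(bytes(m["tag"]), expected):  # type: ignore[arg-type]
                raise ValueError(f"{sender}'s public value failed authentication")
    return derive_key(a, int(recv_b["public"])), derive_key(b, int(recv_a["public"]))  # type: ignore[arg-type]


if __name__ == "__main__":
    ka, kb = run_exchange(passive_relay)
    print("passive network, keys agree:", ka == kb)
    m = Mallory()
    ka, kb = run_exchange(m.relay)
    print("active attacker, keys agree:", ka == kb,
          "| Mallory holds both:", ka == m.key_with_alice and kb == m.key_with_bob)
    psk = b"authentication key delivered by courier"
    try:
        run_exchange(Mallory().relay, psk)
    except ValueError as e:
        print("authenticated exchange rejected tampering:", e)
```

The pre-shared HMAC key plays the role the comment assigns to the courier or to the OS's bundled issuer keys: it does not carry the session key, it only lets each side check that the public value it received really came from the other party. Without some such anchor, nothing in the exchange distinguishes Bob's value from Mallory's.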


It's not practical for most cases, but it is for the few very, very high-security ones. The pads are distributed beforehand, stored securely and used when a message encrypted to them comes in. So it's just that the message can have OTP security while not taking the time of a courier trip, and can just be sent on some other, somewhat insecure channel.
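The workflow described in the submarine comment above and in this last comment (pad generated and copied while both parties are together, then messages sent later over an insecure channel) is shown in the following Python, which is an added example and not code posted by anyone in the thread. It also shows the one thing that breaks the scheme: if any pad bytes are used twice, XORing the two ciphertexts cancels the pad, and a known or guessed plaintext for one message exposes the other. The `PadStore` class, the in-the-clear pad offset, and the sample messages are assumptions of this example.

```python
import secrets
from typing import Tuple


def generate_pad(length: int) -> bytes:
    """Make a fresh pad from the OS CSPRNG. This is the 'home port' step: run
    once, then each copy travels with its owner (or a courier)."""
    return secrets.token_bytes(length)


def xor_bytes(a: bytes, b: bytes) -> bytes:
    if len(a) != len(b):
        raise ValueError("inputs must be the same length")
    return bytes(x ^ y for x, y in zip(a, b))


class PadStore:
    """One party's copy of the pad, with single use enforced per byte."""

    def __init__(self, pad: bytes) -> None:
        self._pad = bytearray(pad)
        self._used = bytearray(len(pad))  # 1 = already consumed
        self._next = 0                    # first offset not yet consumed

    def remaining(self) -> int:
        return len(self._pad) - self._next

    def consume(self, offset: int, n: int) -> bytes:
        """Return pad[offset:offset+n] and wipe it. Refuses any byte that was
        already used, so the same pad region can never protect two messages."""
        if offset < 0 or offset + n > len(self._pad):
            raise ValueError("pad exhausted: another courier trip is needed")
        if any(self._used[offset:offset + n]):
            raise ValueError("refusing to reuse pad bytes")
        key = bytes(self._pad[offset:offset + n])
        for i in range(offset, offset + n):
            self._pad[i] = 0
            self._used[i] = 1
        self._next = max(self._next, offset + n)
        return key

    def encrypt(self, plaintext: bytes) -> Tuple[int, bytes]:
        """Ciphertext plus the pad offset. The offset is sent in the clear:
        it says which pad bytes were used, not what they are."""
        offset = self._next
        return offset, xor_bytes(plaintext, self.consume(offset, len(plaintext)))

    def decrypt(self, offset: int, ciphertext: bytes) -> bytes:
        return xor_bytes(ciphertext, self.consume(offset, len(ciphertext)))


def two_time_pad_leak(c1: bytes, c2: bytes, known_m1: bytes) -> bytes:
    """What an eavesdropper recovers when the same pad bytes encrypt two
    messages: c1 XOR c2 == m1 XOR m2, so knowing m1 yields m2 with no key."""
    return xor_bytes(xor_bytes(c1, c2), known_m1)


if __name__ == "__main__":
    pad = generate_pad(64)
    sub, hq = PadStore(pad), PadStore(pad)  # two copies made in port
    # Weeks later, over a channel anyone can read:
    off, ct = sub.encrypt(b"SURFACE AT 0400")
    print("on the wire:", off, ct.hex())
    print("HQ reads:", hq.decrypt(off, ct))
    # Constructed demonstration of reuse with a fixed 16-byte key:
    k = bytes(range(16))
    m1, m2 = b"ATTACK AT DAWN!!", b"HOLD POSITION..."
    print("reuse leaks:", two_time_pad_leak(xor_bytes(m1, k), xor_bytes(m2, k), m1))
```

Both stores advance through the pad in lockstep as long as messages arrive in order; a deployment would normally give each direction its own pad (or half of the pad) so that a lost or delayed message cannot cause two parties to pick the same offset, which is exactly the reuse `consume` refuses.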



