Hacker News new | past | comments | ask | show | jobs | submit login

Then it’s not an oracle of OTP, but an oracle of a single-key XOR.

If an encryption scheme cannot have an oracle by definition, then it automatically passes all tests which requires the attacker to access an oracle.

Just like my wooden pencil is not vulnerable to stack overflow attacks.




Any encryption scheme may have an oracle by definition of oracle. You’re (possibly intentionally) changing the situation by refusing to allow OTP to be an actual encryption scheme.

Here is a blog post that summarizes some facts about Vernan’s OTP as it is defined in cryptography: https://wiki.soimort.org/crypto/one-time-pad/

Regardless, this is a silly discussion with nothing to be gained by me.


Well, my bad to have wasted your time with a silly discussion, then. I find it neither silly nor gain-less. I'm sorry that you feel differently.


I meant that it’s all pretty trivial business, focusing on the technicalities of what oracle is used in what security experiment.

Although if you were previously unfamiliar with the definitions at play I apologize for calling an informative discussion gain-less.




Consider applying for YC's Spring batch! Applications are open till Feb 11.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: