Decrypting GPG/PGP email messages

Paul Rubin http
Sat Sep 3 21:18:57 CEST 2005


Alessandro Bottoni <alessandro.bottoni at infinito.it> writes:
> I'm going to use my own implementation of OTP because the existing
> mechanism are devoted to protect the remote login channel and cannot
> be easily adapted to my weird e-mail-based mechanism. Anyway, I'm
> going to use a (encrypted) very long pseudo-random alpha-numeric
> sequence as a OTP so it should be quite safe.

Be very careful.  You have to really know what you're doing to have
any chance of implementing something like this securely.  See the book
"Practical Cryptography" by Schneier and Ferguson.  You're much better
off using GPG/PGP if you can.



More information about the Python-list mailing list