by eru
1932 days ago
About 1: the peers don't have to communicate in advance. They can just both do random sampling, and later on only use the overlap. That wastes a lot of bits, but requires no up-front communication. About 2: obviously you wouldn't just use a straight one-time pad, but use the random bits to arrive at a shared key. With made-up numbers: both parties sample randomly until they have e.g. 10k bits in common, then hash that down to the e.g. 256 bits they need for a shared key. If they use a decent hashing scheme, the only requirement for its security is that they share at least about 256 bits that the attacker has not seen. (It doesn't matter how many common bits the attacker has seen, only how many Eve hasn't seen.)
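A toy simulation of the scheme this comment describes, added here as an example (it is not eru's code): a public random stream, two parties that each store an independent random sample of it, an overlap found afterwards by publishing positions only, and a 256-bit key hashed out of the shared values. The stream length, storage sizes and attacker storage are made-up numbers, and SHA-256 stands in for a proper randomness extractor.

```python
import hashlib
import random

STREAM_BITS = 20_000   # public broadcast length (constructed, small for speed)
SAMPLE = 10_000        # bits each honest party can store (constructed)
EVE_SAMPLE = 9_000     # bits the attacker can store (constructed)


def derive_key(positions, stored):
    """Hash the shared bits down to 256 bits.

    The positions are public after reconciliation, so only the stored
    values go into the hash.  SHA-256 is a stand-in for an extractor;
    the security argument only needs enough of these bits to be unknown
    to the attacker.
    """
    bits = "".join(str(stored[i]) for i in positions).encode()
    return hashlib.sha256(bits).digest()


def run(seed=0):
    """Simulate one round; returns (alice_key, bob_key, overlap, unseen_by_eve)."""
    rng = random.Random(seed)
    stream = [rng.getrandbits(1) for _ in range(STREAM_BITS)]
    # No advance coordination: each party independently stores a random
    # subset of positions together with the bit values at those positions.
    alice = {i: stream[i] for i in rng.sample(range(STREAM_BITS), SAMPLE)}
    bob = {i: stream[i] for i in rng.sample(range(STREAM_BITS), SAMPLE)}
    # The attacker also stores what she can; she sees every public message.
    eve = set(rng.sample(range(STREAM_BITS), EVE_SAMPLE))
    # Reconciliation: Alice publishes which positions she kept (not values),
    # Bob replies with the intersection.  Eve learns only the positions.
    common = sorted(set(alice) & set(bob))
    # Bits Eve never stored: the quantity the key's security rests on.
    unseen = sum(1 for i in common if i not in eve)
    return derive_key(common, alice), derive_key(common, bob), len(common), unseen


if __name__ == "__main__":
    ka, kb, overlap, unseen = run()
    print(f"overlap={overlap} unseen_by_eve={unseen} same_key={ka == kb}")
```

With these sizes the overlap is around 5000 bits and roughly 55% of them are outside Eve's storage, far more than the 256 unseen bits the comment names as the threshold.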