Quote:
So how would you address the problem of key management, i.e., how should the sequence of characters be chosen and not reused?
Take some text, unrelated to the message, 8X the message length. Generate a key. Throw the key generating text away.
Quote:
Relying on the human opens up the possibility of human related predictability, e.g., humans might tend to quote Shakespeare.
Yes, they might also do this "asdf asdf asdf" on purpose -- again, the stupid possible case is just that. It would be handy for key management in this sense -- you could just use a specific point in a specific available text (a certain bible edition, eg). As long as that is secret, there will be no guessing the key. You don't even need to keep the "actual" key, you just need to know those details.
Quote:
Imagine the following algorithm:
For each possible string of characters (2^(8*n) possibilities, where n is the number of encrypted characters), apply your algorithm to convert this to a key. Then using this key, decrypt the text. If the decrypted text and the initial string of characters both were sensible in some way, we cracked the code.
Agreed that this would work? It's a slow algorithm, 2^(8*n) tries.
Yes. It is more than slow, I am afraid. A 140 character twitter message would be 2^1120. You may think that is not such a big number, but you are wrong -- neither of us even knows a word describing this number, and probably you do not have any hardware or software available to you right now to tell you just how big a number that is.