
It's splitting hairs to make a distinction, but a cipher has an intended recipient and potential eavesdroppers, whereas a puzzle has no known recipient other than the potential eavesdroppers.

A good cipher has to be readable by the intended recipient, and not by eavesdroppers, whereas a good puzzle cannot be impossible to crack.

In that sense, DRM is a sort of anti-puzzle, as the intended recipients are treated as the eavesdroppers, instead of the other way around.




> whereas a good puzzle cannot be impossible to crack.

This is a very important distinction. It would be no fun if the cipher on a given cryptographer's tombstone were created with a one-time pad.


Well, a certain type of person would find it fun to put an unsolvable puzzle on their own tombstone.


Interestingly, a one-time pad may be crackable. Its theoretical uncrackability is only true if a truly random number generator is used. Most cryptography is fine with urandom, but a one-time pad requires using something like radioactive decay to generate your pad.

This is one reason (among many) why it's impractical for most crypto purposes.


Assuming a flawless CSRNG, 128 bits of entropy is more than enough to withstand current attack power. It's hard to predict the future -- quantum computers employing Grover's algorithm could conceivably have 2x or more attack power per unit energy -- but 256 bits should be adequate for a long time.

It's fine to use low-grade sources of entropy like timestamps as long as we have enough of it. I might only generate a few bits of actual entropy per second when I move my mouse in somewhat predictable arcs, but if I keep at it for a while, I'll generate 256 bits of entropy eventually.


Right, but his point is that you're not really talking about an OTP anymore, but rather a stream cipher that's as strong as the RNG. It will situationally be quite secure, but not the theoretical unbreakability of an OTP.

OTPs are silly.
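
The reduction described in the comment above, as an added example that is not part of any commenter's post: a "pad" expanded from a short seed can be searched by seed, while an independent random pad leaves every same-length plaintext equally consistent. The 16-bit seed, the SHA-256 counter-mode expansion, the messages and all function names are constructed for illustration.

```python
import hashlib
import secrets

# Constructed sample values, not taken from the thread.
MESSAGE = b"MEET AT THE OLD OAK TREE"
SEED_BITS = 16            # toy seed size so the search finishes instantly
SEED = (0xBEEF).to_bytes(2, "big")

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def keystream(seed: bytes, n: int) -> bytes:
    """Expand a short seed into n 'pad' bytes (SHA-256 in counter mode)."""
    out, ctr = b"", 0
    while len(out) < n:
        out += hashlib.sha256(seed + ctr.to_bytes(4, "big")).digest()
        ctr += 1
    return out[:n]

def looks_valid(pt: bytes) -> bool:
    """Plausibility check: upper-case letters and spaces only."""
    return all(c == 0x20 or 0x41 <= c <= 0x5A for c in pt)

def plausible_plaintexts(ciphertext: bytes) -> list:
    """Try every seed; the work is bounded by the seed size, not the pad length."""
    hits = []
    for s in range(2 ** SEED_BITS):
        pt = xor(ciphertext, keystream(s.to_bytes(2, "big"), len(ciphertext)))
        if looks_valid(pt):
            hits.append(pt)
    return hits

def pad_explaining(ciphertext: bytes, claimed: bytes) -> bytes:
    """With an independent random pad, some pad maps the ciphertext to any same-length text."""
    return xor(ciphertext, claimed)

if __name__ == "__main__":
    seeded_ct = xor(MESSAGE, keystream(SEED, len(MESSAGE)))
    print(plausible_plaintexts(seeded_ct))       # only the real message survives
    # secrets.token_bytes stands in for a truly random pad here
    otp_ct = xor(MESSAGE, secrets.token_bytes(len(MESSAGE)))
    decoy = b"STAY HOME NOTHING TO SEE"
    print(xor(otp_ct, pad_explaining(otp_ct, decoy)))  # decoy is equally consistent
```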


If the one-time pad were public somewhere, how hard would it be to find it? Say, if it were indexed by Google?


Okay.

I would expect that the message was sent by William after he died to people who knew him. A sort of inside joke that people like me, seeing his tombstone, would completely miss.

That said, I could see one making the case that it is steganography.

I don't think 'good' and 'bad' really come into play; a Caesar cipher is still a Caesar cipher even if it is pretty easy to crack. But when you see it, it doesn't look like something else.


Ideally, it should be "cryptographically" difficult to distinguish a steganographically-encoded message from an ordinary (noisy) encoding. The comparison between these kinds of cryptograms and steganography does about as much violence to the concept of steganography as it does to the concept of cryptography.



