One Time Pads

From CryptoDox, The Online Encyclopedia on Cryptography and Information Security

Jump to: navigation, search

When encryption security is of the upmost importance, various parties will utilize the one-time pad. It insures that any intercepted messages are useless, since the information used to "scramble" or encrypt the data is no longer used.

The one-time pad often includes one for a sender and one for the recipient of the ciphertext. Depending upon the software or method used in encryption-decryption, these two pads may be completely different. Think of it as a small paper notepad full of pages. Each page contains the data needed to decipher an encrypted message. By using the page number for reference, the correct sheet is then used and discarded. In the earlier days, pads were manually used, with these books being dispersed throughout to the various expected users.

With the advent of computers and ease of creating the pads, thousands upon thousands of pages are created and distributed on external media like floppy diskettes, zip drives, CD- or DVD-ROM's and flash memory. Instead of just refering to a page or pad number, the reference could also be which disk to use.

Originally, various algorithms were used to generate the data needed for this system. By using computers, it's almost universally agreed that these are psuedo-random numbers. This was used until it was discovered that the decay of radioactive elements is totally random. This data was metered and recorded for use in generating the one-time pads that are now used by the more sophisticated systems today.

The one-time pad is also sometimes known as the Vernam cipher, after Gilbert Vernam. Vernam's system was a cipher that combined a message with a key read from paper tape. In its original form, Vernam's system was not theoretically unbreakable — this came only later when Joseph Mauborgne recognized that the key tape needs to be completely random. Because of this, the term "Vernam cipher" is also sometimes used to describe any scheme where the plaintext is combined with the key symbol by symbol; that is, an additive stream cipher, even if it is not theoretically unbreakable.

Claude Shannon showed that the one-time pad has a property known as perfect secrecy: the ciphertext gives absolutely no additional information about the plaintext. That is, the a priori probability of a plaintext message M is the same as the a posteriori probability of a plaintext message M given the corresponding ciphertext. And in fact all plaintexts are equally probable.


Why Are One-Time Pads Perfectly Secure?

If the key is truly random, a one-time pad cipher is perfectly secure against ciphertext-only cryptanalysis. This means an attacker can't compute the plaintext from the ciphertext without knowlege of the key, even via a brute force search of the space of all keys! Trying all possible keys does not help, because all possible plaintexts are equally likely decryptions of the ciphertext.

Kinds of ciphers used with a one-time pad

  • XOR
  • Modulo-addition


External Links