A One-Time Pad (often abbreviated OTP) is a process/algorithm for encryption. One of the earliest forms of a One-Time Pad used the Vigenère Square with a random key that is as long as the plaintext message being encrypted. The key is chosen in this way to avoid any repetition of the key or within the key that may provide a cryptanalyst a hint to crack it. Repetition is the secret to Breaking the Vigenère Square.

Is the One-time Pad truly unbreakable? Yes and no. You can brute force it and decrypt the message for every possible key of the same length as the message. But you are then left with every possible message that is of the same length. Which one is the real one? There is no way to tell. Even if you know a word that will be in the message and even if you know exactly where it is in the message then you are still left with every possible message that has that word in that place. You really haven't learned anything, because you already knew that word. So it is effectively unbreakable because of all the possible false decryptions.

"Wow", you say, "then why doesn't everybody use it?" There are many problems related to the One-time Pad. It suffers from problems of key generation, key distribution, and insuring keys are not reused. First you have to generate a key of random letters (or whatever is in the cipher alphabet) that is at least the length of the message to be decrypted. This is an expensive process and true random-ness is difficult to obtain. Next you have to get everybody that needs to decrypt your messages the keys and you have to make sure everybody is using the same key at the same time. Finally you have to make sure keys are never reused. Because if you reuse a key you've made the codebreakers job much easier.

Because of these problems One-time pads are very susceptable to social engineering and espionage to obtain the keys rather then breaking the cipher.

Most implementation of a One-Time Pad in computers use XOR on the bits instead of the Vigenère Square on the characters. The same principles still apply because I think the Vigenère Square works as a sort of alphabetical XOR. For another version, which was used during WWII, see One Time Pad.

Part of the World War II Cryptographic Simulation

Our primary system uses what are called 'One-Time Pads'. These pads are covered with random numbers which are then used in sequence to encipher each letter of the message. This means that the only way to decipher a message is to have the same one-time pad that was used to encipher it. Unlike the rotor machines used by virtually every other country in this war, there is no pattern behind these sheets; one-time pads are completely random. Thus, there is no way to 'crack' them.

A typical one-time pad looks something like this:

053 786 423 156 023 786 985 746 121 159 678 423 086

945 621 478 215 046 478 954 761 554 448 897 810 065

544 555 648 729 354 687 912 405 005 761 917 734 610

and so on. Each number is then used as the base for an alphabet. For example, the word THAT could be enciphered like this:

THAT written as numbers is 20 7 1 20.

I then look at the first 4 numbers on my pad, and add them to my message.

053 + 20 = 73
786 + 7 = 793
423 + 1 = 424
156 + 20 = 176

To complicate things we sometimes use non-carrying addition. We also might place a different letter as the base of the alphabet. So, instead of 053 equaling the first letter, A, it might equal J. Thus, if A was enciphered we would take away 10 to compensate for the J. We use Cyrillic, of course, but this example in your Latin script is probably easier to understand. Because each alphabet is completely random, there is literally no way to break this system (outside of having the codebook and knowing when each pad was used).

Suppose you have a really important secret that you need to transmit. Say, you want to plan a surprise party for one of your friends, but you know she has a working quantum computer in her basement and routinely intercepts your mail. Are you going to entrust the security of your invitations to the simple factoring of large primes? No, of course not. In extreme cases like this, standard public key cryptography just doesn't cut it. You need the unbreakable (or at least as unbreakable as your random is random) reliability and utter inconvenience of the one time pad!

But this isn't like the old days I hear you complain, I have a lot of super-sensitive data to transmit. Far too much to sit there encrypting and decrypting it by hand! Don't worry, I've got you covered. As chkno points out in kid sister encryption, every lame-ass cipher-kiddie eventually writes what they think is a slick XOR encryption tool. Here's mine. I'll even give you:

Super-duper-easy-to-follow instructions for preparing to reliably send exactly one secure message.

  1. Get an old computer, but not so old that it doesn't have a CD burner.
  2. Install a free operating system on your new old computer. Linux, OpenBSD, FreeBSD, YoMamaBSD, OpenBeOS, whatever. Just definitely not Windows, and probably not OS X either. I love Steve Jobs, but I trust him about as far as I could throw him.
  3. Unplug your new one time pad generation station from the network. Do it. Do it now. No ethernet, no modem, hell, if you can manage it get that sucker off the power grid. Consider moving to an underground bunker before you continue. This is about absolute paranoia, dagnabit. Everyone wants a piece of your data, and all hard-lines are suspect. If you got a throw-away computer with wireless, I hate you.
  4. Dump around 600 megabytes of random data to a file. Your best bet here is something like cat /dev/random > pad. Give a two year old child some coffee and let them play with the mouse and keyboard while this runs, so as to feed the entropy pool.
  5. Burn a copy of this file to two CD-Rs.
  6. Put the CDs in separate sealed envelopes. (No, no, seal them after you put the CDs in them...) Consider lining the envelopes with tin foil or something. If space aliens can read your mind, they can certainly read your optical media.
  7. Smash the computer to bits. Be thorough. Destroy every last chip. Grind it to dust, and scatter it in several different places.
  8. Keep one of the sealed CDs for yourself, and at a carefully arranged and concealed meeting, give the other to the friend you want to securely communicate with.

Equally idiot-proof guide to sending your exactly one secure message.

  1. Repeat steps 1-3 above.
  2. Open the envelope containing your copy of the one-time pad on CD.
  3. Copy the pad file to the computer, and destroy the CD. Be as thorough as when you destroyed that last computer.
  4. Using the perl script below (which you thoughtfully copied to the computer before unplugging it), XOR the data you want to send with the pad file. Mmm, crypty.
  5. Burn the new XORed file to another CD, and once again destroy the computer.
  6. Send the XORed file to your friend. Be as careless as you like here! E-mail it, fedex it, publish it in the newspaper, drop leaflets from the sky, etc. As long as you followed all the other steps carefully, this data is utterly useless to everyone but your friend. Take that, your many enemies!

Decryption of your exactly one secure message is left as an exercise for the reader's friend.

#!/usr/bin/perl
# One-time pad cryptography. Yeah, whoo. Pseudomammal > NSA.
# Little script, I hereby commit thee to the Public Domain. (June 24, 2003)

$padfile = $ARGV[0] and $targetfile = $ARGV[1] or die(<<EOF
One-time pad {en,de}cryption. (XOR swings both ways.)
Usage: onetime.pl <pad file> <target file>
I dump to stdout. Try: perl onetime.pl file.pad file.original > file.xor
EOF
);

open(PAD, $padfile) or die("Curses! I couldn't open $padfile.\n");
open(TARGET, $targetfile) or die("Drat! I failed to open $targetfile.\n");

(stat($padfile))[7] >= (stat($targetfile))[7] or die("Well that's a hell of"
. " a thing! Pad $padfile is smaller than target $targetfile.\n");


# The juicy bit.
while(read(TARGET, $targetbits, 1024)) {
        read(PAD, $padbits, length($targetbits));
        print $padbits ^ $targetbits; # I love you, Perl.
}

close(PAD);
close(TARGET);

# Thanks for playing! 

Log in or registerto write something here or to contact authors.