In cryptography, the One Time Pad is an encryption technique in which a secret key of length more than or equal to that of the plaintext message is used to encrypt the message. The secret key is randomly generated and it is pre-shared with the communicating parties. The secret key is then combined with the plaintext message to generate the ciphertext.
The ciphertext thus generated is information-theoretically secure provided the following conditions are met:
- The key is randomly generated.
- The length of the key is not less than the length of the plaintext message.
- No part of the key is re-used.
- The key is kept secret by the communicating parties.
Let’s look at an example. Let’s say Alice wants to send a secret message to Bob. The secret message is “attack.” Alice uses a randomly generated secret key “dtekwr.” The length of the secret key is the same as the length of the plaintext message and Alice ensures that the key is randomly generated and no part of the key is re-used. Alice then combines each character of the key with each character of the plaintext message. Let’s say addition modulo 26 is used.
So, ‘a’ will be added modulo 26 with ‘d’ or ‘3’. The first ‘t’ will be added modulo 26 with ‘t’ or 19 and so on.
Plaintext: a(0) t(19) t(19) a(0) c(2) k(10) Key: d(3) t(19) e(4) k(10) w(22) r(17) Ciphertext: d(3) m(12) x(23) k(10) y(24) b(1)
Hence, the ciphertext will be “dmxkyb.”
Using information theory, Claude Shannon proved that the One Time Pad has a property called perfect secrecy. As the key is randomly generated, has a length more than or equal to that of the plaintext message, the key is not re-used in whole or in part and the key is kept secure by the communicating parties, the generated ciphertext provides no additional information about the plaintext. Hence, the one-time pad is secure even if an adversary has infinite computational power.
But, in practical scenario, One Time Pads have the following problems:
1. The key should be truly random and not a pseudo-random value generated using a pseudo-random number generator.
2. The randomly generated key should have a length more than or equal to that of the plaintext message and no part of the key should be re-used. Moreover, the key should be kept secure by the communicating parties and after the use, the key should be disposed of correctly to ensure the key is never reused in whole or in part.
One Time Pads are mimicked by stream ciphers in practical applications.
I hope this helps. However, readers who want to know more about how different cryptographic algorithms work and how they are used in various secure network protocols can refer to the book “Cryptography And Public Key Infrastructure.”
0 Comments