Onetime pads in cryptography

  In cryptography, a one-time pad is a system in which a private key generated randomly is used only once to encrypt a message that is then decrypted by the receiver using a matching one-time pad and key. Messages encrypted with keys based on randomness have the advantage that there is theoretically no way to “break the code” by analyzing a succession of messages. Each encryption is unique and bears no relation to the next encryption so that some pattern can be detected. With a one-time pad, however, the decrypting party must have access to the same key used to encrypt the message and this raises the problem of how to get the key to the decrypting party safely or how to keep both keys secure. One-time pads have sometimes been used when the both parties started out at the same physical location and then separated, each with knowledge of the keys in the one-time pad. The key used in a one-time pad is called a secret key because if it is revealed, the messages encrypted with it can easily be deciphered. One-time pads figured prominently in secret message transmission and espionage before and during World War II and in the Cold War era. On the Internet, the difficulty of securely controlling secret keys led to the invention of public key cryptography.

One-time pads don’t make sense for mass-market encryption products. They may work in pencil-and-paper spy scenarios, they may work on the U.S.-Russia teletype hotline, but they don’t work for you. Most companies that claim they have a one-time pad actually do not. They have something they think is a one-time pad. A true one-time pad is provably secure (against certain attacks), but is also unusable.

Elementrix, now defunct, announced a one-time pad product a few years ago, and refused to recant when it was shown that it was no such thing. More recently, TriStrata http://www.tristrata.com  jumped on the world’s cryptography stage by announcing that they had a one-time pad. Since then, they’ve been thoroughly trounced by anyone with a grain of cryptographic sense and have deleted the phrase from their Web site. At least they’ve exhibited learning behavior.

The one time pad is a private key method of encryption, and requires the safe and secure distribution of the pad material, which serves as the key in our solution. The security of the key distribution comes down to how secure you want to be — for communicating point-to-point with one other person, we suggest a face-to-face hand-off of the pad material.” Remember that you need to hand off the same volume of bits as the message you want to send, otherwise you don’t have a one-time pad anymore.

Related posts:

1. Cryptography
2. Cryptanalysis and Attacks on Cryptosystems
3. Glossary for cryptography
4. Good cryptography is an excellent and necessary tool
5. Cryptographic Algorithms
6. Government can no longer monopolize state of the art cryptography

Related posts brought to you by Yet Another Related Posts Plugin.