One-Time Pad (OTP)

A one-time pad (OTP) is the strongest possible method of encryption, it is a type of symmetric encryption scheme that is theoretically unbreakable if used correctly. However, it is hardly used in real-life application due to some practical challenges. When adopting OTP, a randomly generated pad is used only once to encrypt a message that is then decrypted by the receiver using the same pad.

Characteristics of OTP

• Perfect security
  • Even with infinite computational resources, an attacker cannot gain any information about the plain text without access to the key.
• Key length
  • The key must be at least as long as the plaintext message to be encrypted. If the key is shorter or reused, the security of the OTP is compromised.

Why unbreakable?

• True randomness of the key
  • The key used in a OTP is truly random, meaning each bit or character is generated independently and with equal probability. Due to the randomness, there are no patterns or regularities that can make used by attackers.
• Equal length key as plaint text
  • The key is as long as the plaintext message, this ensures each bit or character of the plaintext is encrypted with a unique bit or character from the key.
• One time use of the key
  • The key is used once for a single encryption operation. Reusing the key would allow an attacker to potentially use statistical analysis to break the encryption.
  • Because each key is used only once, each cipher text is unique even the same plaintext is encryption multiple times (because next time a different key is used).

OTP is not secure if key is repeated

Let’s consider a OTP that uses XOR, and consider two plain texts $P_1$ and $P_2$ encrypted by the same key $K$. We can get $C_1=(P_1\oplus K)$ and $C_2=(P_2\oplus K)$. Now assume the attacker gets hold of two cipher texts $C_1$ and $C_2$. The attacker can build a new string $P$ where $P=C_1\oplus C_2$, which can be simplified.

$$\begin{array}{rl}P& =C_1\oplus C_2\\ P& =(P_1\oplus K)\oplus (P_2\oplus K)\\ P& =P_1\oplus P_2\text{(Because K⊕K is all zeros)}\end{array}$$

This also means that $P_1=P\oplus P_2$ and $P_2=P\oplus P_1$ Using this information, the attacker can try “crib dragging”. The idea is to guess a word that can appear in one of the plain texts. For example, in English, and the text is sufficiently large, it is reasonable to assume the word “the” will be there somewhere in the plain text. So the idea is to try “the” in all possible positions in one of the plain texts, XOR them with P and see where some readable can be obtained. The process continues like this.

Challenges of real-world application

• Key generation
  • Truly randomness: The key must be truly random for the OTP to be secure. Generating a truly random key of significant length requires reliable source of entropy, which is impractical given today’s technology.
  • Length of the key: Key length must be as long as the message to be encrypted. For large messages, this results in very large truly random keys, which can be impractical to generate and manage.
• Key distribution
  • Secure distribution: Key must be securely transmitted between the sender and receiver, where other encryption methods needs to be used to achieve the purpose.
• Key management
  • One-Time use: Each key is used once, after a key is used, it must be destroyed to prevent reuse. Both parties need to remain synchronised regarding which part of the key is being used for encryption and decryption.

How does OTP work

PLAINTEXT:    H  A  P  P  Y
KEY:          S  U  I  J  L

ASCII(P):     72 65 80 80 89
ASCII(K):     83 85 73 74 76
XOR OPS     ------------------ 
              27 20 25 26 21

1. Key generation A OTP requires the use of a random key that is at least as long as the plaintext message to be encrypted. The key is truly random and is used only once for a single encryption.
2. Encryption Each character or bit of the plaintext message is combined with the corresponding character or bit of the key using the XOR (exclusive OR) operation. The result is the cipher text. Because the key is random and used only once (when encrypting the same message next time, the key will be different), the cipher text reveals no information about the plaintext without knowledge of the key.
3. Decryption To decrypt the cipher text and recover the original plaintext, the receiver can use the same key for encryption to decrypt the cipher text by applying the XOR operation again.

After the encryption, even the same character or bit in plaintext (letter “P” in this example) will be encrypted into a different cipher character or bit since a truly random key is used instead of a key corresponds to a character or bit.

---

Back to parent page: Network Security and Cryptography

Cyber_SecurityINFO2222ESEC3616Network_securitySymmetric_cryptographyOTP