[Cryptography] one-time pads
Tom Mitchell
mitch at niftyegg.com
Mon Jan 20 13:41:35 EST 2014
On Mon, Jan 20, 2014 at 9:17 AM, John Kelsey <crypto.jmk at gmail.com> wrote:
> One-time pads replace a relatively well understood cipher design problem with an almost intractible key management problem. If you're not trying to keep secrets from adversaries living in the low Beyond, they're not much use.
>
> --John
I am curious what a OneTimePad looks like in the modern digital world.
In the old days one version was a "pad of worksheets" with adhesive on all
four edges (unlike a normal pad with adhesive on the top). The paper and
ink used are designed to be easy to destroy. Ink runs, paper turns to
mush if flushed or even flash paper that goes poof.
It required physical security from start through delivery to finish/
flush. This includes
the message: draft, encryption, transport of encoded content.... Pads would
look like a one time pad and modern travelers would find them exposed by
border agents like the TSA. Flash paper would (should) be stopped by sniffers.
Pads with adhesive on all edges would look obvious and "wrong" and be
confiscated.
Storage when unused requires a secret hide or serious lock box.
Old school agents might attempt to intercept the pad, free the
adhesive and photograph/
copy the content then repair the binding leaving no visible evidence.
Same for letter
intercepts (open, copy, reseal). Then intercepts need to be
collected and mated
to the pad.
One of the values of a OTP is the work page with the secret is gone and flushed
once the message is encoded (at both ends).
The top to bottom structure of the pad makes them a stream cypher although a
key in the corner can ID any page so pages can be tossed if the protocol is to
attach the page key i.e. not "Page 1, 2, 3,.." but a fixed length
field "(C}TEw[;wgU5*2c"
messages can be sent out of sequence but that implies the pad is busted open
commonly undesirable with a OTP (at both ends). Page key tricks are possible.
After folk address my naive summary above, what does a modern OTP look like?
--
T o m M i t c h e l l
More information about the cryptography
mailing list