[Cryptography] New White Paper: GhostLine - Information-Theoretically Secure Multi-Party Chat

Steven M. Bellovin smb at cs.columbia.edu
Sun Sep 7 22:21:06 EDT 2025


On 7 Sep 2025, at 14:48, Ron Garret wrote:

>
> Sure.  But there are certain things that are just a waste of time, like creationism, flat-eartherism, lunar-landing denialism, and perpetual motion machines.  One-time pads fall into this category, for a very simple reason: if you had a secure way to distribute an OTP you could use that same mechanism to securely distribute a message and you would not need the OTP.  (This is not quite true.  There is one use case for an OTP, which is that you have a secure way to distribute it at one time, and you want to send a secure message using that OTP at a later time.  But this is an extremely rare circumstance, and it never applies to the stated use case for Ghostline.)
>
> So this is not arbitrary dismissal of an idea for superficial reasons, this is pointing out that the idea being advanced is not new, but rather one that is proposed by crackpots on the regular, and that there is a well-known and sound reason for dismissing it out of hand.
>
I disagree. Creationism, flat-eartherism, etc., are blatant nonsense and aren't worth any attention at all. But one-time pads have been used in the real world. The German diplomatic service used them in the early 1920s (source: Kahn, "The Codebreakers", chap. 13), Soviet spies (Kahn, chap. 18, and yes, I know about Venona), the Washington-Moscow hotline (Kahn, chap. 19), during World War II by the US and Britain (SIGSALY: https://www.nsa.gov/portals/75/documents/about/cryptologic-heritage/historical-figures-publications/publications/wwii/sigsaly.pdf and https://www.cryptomuseum.com/crypto/usa/sigsaly/), and US military communications during that war ("The Friedman Legacy", https://www.govinfo.gov/content/pkg/GOVPUB-D-PURL-gpo52787/pdf/GOVPUB-D-PURL-gpo52787.pdf, p. 164). I'm sure there are many more examples, but those are the ones that come to mind.

Yes, they're hard to use properly—even producing the keying material is hard, to say nothing of avoiding key reuse (see Venona and Friedman), and distribution can be difficult in many situations. I've often referred to one-time pads as "theoretically secure and practically useless". But they have been and can be used—even in the last World War II example I cite, they produced five copies of the tapes, to permit different communication patterns.

(Btw, if you're interested in the history of the Vernam-Mauborgne one-time pad, see https://mice.cs.columbia.edu/getTechreport.php?techreportID=1576&format=pdf&; if you're interested in the actual invention of it in 1882, see https://mice.cs.columbia.edu/getTechreport.php?techreportID=1460&format=pdf&. Both papers were formally published but paywalled; these versions are publicly available.)

        --Steve Bellovin, https://www.cs.columbia.edu/~smb

