One-time Pad – The Key Management

We concluded the last chapter with a provocative question: If one-time pad is truly an uncrackable cipher (as claimed by Shannon’s mathematical proof), why is this 100% secure cipher not used widely today instead of the large number of other ciphers?

Let us demonstrate briefly how the simplest one-time pad encryption actually works. We have a message (let’s call it SIMPSON). Now we need a key. Let’s say, we will use a word again (for example, CINDERELLA). We will assign each letter its numerical value in the alphabet, i.e. A=0, B=1, C=2 … Z = 25. Next we will add the first letter of the message to the first letter of the key (18+2=21) and write down the resulting letter (letter U). In the same manner, we will add the second letter of the message to the second letter of the key, and so on… We encounter a problem in the penultimate place when we reach 14+17=31. No problem, the sequence will start again at A, B… once the computation goes past Z, and 31 will result in letter F. With these steps, our encrypted message will be UQZSWFR. We would follow the same pattern for decryption, except we would use subtraction instead of addition and also add the next A – Z before A (for negative results). This example has been prepared using the website http://rumkin.com/tools/cipher/otp.php, where you can easily experiment with more extensive messages and encryption properties.

Amazingly, when we send the word UQZSWFR to a selected recipient, no one (not even the recipient) is able to decrypt it if they do not know that we have encrypted it with the word CINDERELLA. It means, however, that we had to distribute the word CINDERELLA (in general a key which must be at least as extensive as the encrypted message) to the recipient secretly beforehand. But if we are able to distribute the word CINDRELLA secretly, why not send the word HOMER directly via this safe route?

The main weakness of one-time pad is the size of used keys. Indeed, no one (except for the latest discovery which we are saving for the final chapter in our series) has found such an arrangement of one-time pad key management that would allow its universal application. Does it mean that one-time pad is an awesome toy, but with no practical use?

One of trivial answers to the question why deliver the key secretly instead of a message of the same size directly is time. Sometimes it is vital to deliver a classified message promptly, via email, internet, phone. On the other hand, a secret courier may spend a significant amount of time by, for example, hiding and searching for the right place to cross the battle line or state border. He may therefore attempt to deliver a set of keys and use all the time he needs to do so, and the recipient may later use those keys to decrypt electronically received messages. Moreover, if the courier is captured, the keys contain no valuable information. This set of keys will simply not be used to encrypt messages.

However, progress cannot be stopped, and cryptography has not uttered its final verdict in regard to the one-time pad key management. In the next chapter, you may therefore look forward to a look behind the scenes inside a development department, where we will partially lift the veil off one of the latest discoveries in this area, promising a great potential.

As a concluding anecdote, let us mention a case where one-time pad has been used routinely.  The teleprinter communication between Washington, D.C. and Moscow during the Cold War, known as the “hot line”, was encrypted with one-time pad. Naturally, finances did not play a significant role in this case, and so military transport aircraft took off weekly and transported (literally) tons of then mechanically removable hard disks (each of them larger and heavier than the computer you are using to read this article) with recorded keys across the Atlantic Ocean. It is a true story that 50 years after their declassification, keys for two messages could not be found in the archives on either side of the Atlantic, and therefore, despite the encrypted versions in the hands of historians, we will never learn their exact wording.