What is One-Time Pad (OTP) cryptography?
One of the central goals of cryptography is to enable secure communication across an untrusted public channel. If you're interested in cryptography, learning about the one-time pad is a great place to start.
What makes the one-time pad unique is quite simple: the scheme provides absolutely unbreakable encryption, known as perfect secrecy, as long as certain requirements are met:
The pad (explained below) is kept 100% secret.
The pad is random.
A Simple Secure Conversation
To give you a conceptualization of how the one-time pad works, consider having to transmit a simple message to a friend across an untrusted phone line: either "yes" or "no". Using the one-time pad technique, you would meet in person beforehand and decide privately whether or not to tell the truth. During the call, when "yes" or "no" is transmitted over the untrusted line, the eavesdropper will not have any certainty regarding the message, while the message will be clearly transmitted to your friend.
The decision of whether or not to tell the truth is the one-time pad, and your friend uses this piece of information to either accept the message as is or reverse the message. This strategy can be applied to a message of any size - you simply have to generate and exchange the same size pad as the message you're trying to send.
One-time pad basics
To use a one-time pad, a random stream of bits, known as a "pad", is generated by two parties who wish to communicate. The parties meet in person and exchange the pads. Messages are encrypted by performing an XOR operation with pad to produce an encrypted ciphertext:
message : 0 1 1 0 1 0 0 0 0
pad : 1 1 0 1 0 1 0 1 1
ciphertext : 1 0 1 1 1 1 0 1 1The XOR operation produces a 1 if the bits differ (a 0 and a 1), and a 0 if the bits are the same (both 0 or 1). To decrypt, the receiving party performs an xor between the ciphertext and the pad to recover the original message (the plaintext):
ciphertext : 1 0 1 1 1 1 0 1 1
pad : 1 1 0 1 0 1 0 1 1
plaintext : 0 1 1 0 1 0 0 0 0And that's all there is to it!
Limitations
Despite the one-time pad being a powerful cryptographic technique, it isn't widely used except for extremely sensitive situations. Exchanging large keys in person is not always possible or economically feasible. If any part of the pad is reused, the scheme is vulnerable to statistical attacks and no longer provides perfect secrecy. Instead of using the OTP, the internet mainly relies on public-key cryptography for secure communications. These systems are based upon mathematical functions that are easy to compute in one direction, but computationally infeasible to reverse in a reasonable amount of time. While not theoretically unbreakable, these schemes are likely to be extremely secure.
If you're interested in learning more and generating a one-time pad for yourself, check out my Python implementation of the scheme, SneakerCrypt.
Thanks for reading! Stay tuned for more cryptography and cryptocurrency articles!
