WikiMath

---

The one-time pad

Presentation of the method

Suppose you want to encrypt a message you have in the form of a sequence of bits:

  0010010100011110011111110

and that one has moreover a pseudo-random number generator at disposal. We will generate as many random bits as there are in the message to be encrypted:

  1011000101110010001110100

We can hide our message in this noise by the technique known as the "one-time pad", where the cryptogram is the bit-by-bit exclusive OR (or, in an equivalent way, the modulo 2 addition) between the original message and this random sequence:

       0010010100011110011111110
   XOR 1011000101110010001110100
     = 1001010001101100010001010

Our cryptogram is therefore:

  1001010001101100010001010

Alice sends this message to Bob who, it is assumed, is capable of generating exactly the same noise:

  1011000101110010001110100

It performs the same operation: bit by bit exclusive OR between the cryptogram and this noise :

        1001010001101100010001010
    XOR 1011000101110010001110100
      = 0010010100011110011111110

We fall back, as we can see, on the original message. In fact, as this is the modulo 2 addition, and that we added twice our sequence of noise bits, we added either 0 or 2, the whole modulo 2: so we obviously go back to the original sequence.

Discussion

This is symmetrical encryption, since the same masking is used in Alice and Bob: the same key is used to encrypt and decrypt, i.e. to mask and unmask the message.

The second point to note in this method is its efficiency: if the generation of the secret key is fast, then the whole thing is not very complex, since the encryption/decryption only requires an addition (modulo 2), therefore linear. In short, we would have a good symmetrical encryption technique for the Internet of Things, if it were secure.

However, it is proved such by Shannon, if the following points are respected:

1. the mask is really random (i.e., cryptographically secure generator),
2. it has the size of the message (we didn't copy and paste end to end a small random mask, until we reached the size of the message),
3. it is used only once (disposable side of the mask).

This one-time pad is part of the so-called symmetric flow encryption methods. Other symmetric encryption techniques operate by block, such as triple DES or AES, but they are a little more complex to implement.

At this stage, we still have to see how to algorithmically create number sequences that, on the one hand, would be produced efficiently and, on the other hand, would have certain cryptographic security properties.

Practical work

Apply the disposable mask on the pyboard.