Cryptography Reference
In-Depth Information
Figure 1.2
One-time pad.
The key is a random sequence of 0's and 1's, and therefore the resulting cryp-
togram, the plaintext plus the key, is also random and completely scrambled
unless one knows the key. The plaintext can be recovered by adding (in base
2 again) the cryptogram and the key.
In the example above (shown in Figure 1.2), the sender, traditionally called
Alice, adds each bit of the plaintext (01011100) to the corresponding bit of the
key (11001010) obtaining the cryptogram (10010110), which is then transmit-
ted to the receiver, traditionally called Bob. Both Alice and Bob must have
exact copies of the key beforehand; Alice needs the key to encrypt the plain-
text, Bob needs the key to recover the plaintext from the cryptogram. An
eavesdropper, called Eve, who has intercepted the cryptogram and knows
the general method of encryption but not the key, will not be able to infer
anything useful about the original message. Indeed, Shannon proved that if
the key is secret, the same length as the message, truly random, and never
reused, then the one-time pad is unbreakable. Thus we do have unbreakable
ciphers.
1.5 Key Distribution Problem
There is, however, a snag. All one-time pads suffer from a serious practical
drawback, known as the key distribution problem. Potential users have to
agree secretly and in advance on the key, a long, random sequence of 0's
and 1's. Once they have done this, they can use the key for enciphering and
deciphering, and the resulting cryptograms can be transmitted publicly, for
example, broadcasted by radio, posted on the Internet, or printed in a news-
paper, without compromising the security of the messages. But the key itself
must be established between the sender and the receiver by means of a secure
