Cryptography Reference
In-Depth Information
two occurrences of
C
in row
K
Alice meant to send, hence Bob will be
uncertainwhich plaintext is being sent. In other words, Bob cannot decrypt this
ciphertext.
Every column contains every table entry precisely once
. A table without
this property cannot provide perfect secrecy. If some column (plaintext)
P
contains a table entry (ciphertext)
C
twice, then because there are
n
rows
and
n
possible ciphertexts, some table entry (ciphertext)
C
must
not
occur
in column
P
. If Alice sends ciphertext
C
to Bob then the attacker will know
that the corresponding plaintext cannot be
P
. In other words, from seeing
the ciphertext
C
, the attacker learns
something
about the corresponding
plaintext.
Squares with the above two properties are known to mathematicians as
Latin
squares
and have been popularised by puzzle solvers as
Sudoku squares
(which
are Latin squares that have additional properties). Table 3.2 provides an example
for the case
n
=
5.
For the square in Table 3.2 to actually form a one-time pad we need to make
sure that the key is chosen uniformly at random and is only used once.
VERNAM CIPHER
The most common one-time pad is the version that applies to binary plaintexts
and keys (as opposed to the versions applied to letters of the alphabet and numbers
from 1 to
n
that we have just described). This version is often called the
Vernam
Cipher
.
The Vernam Cipher can be described as follows:
• Let the plaintext be a string of bits
P
1
,
P
2
,...,
P
n
(where
P
i
means the
i
th bit of
the plaintext).
• Randomly generate a key that consists of
n
bits
K
1
,
K
n
.
• Encrypt plaintext bit
P
i
by XORing it to key bit
K
i
to obtain ciphertext
bit
C
i
(for an explanation of the XOR function, see Section 1.6.1 and the
K
2
,...,
Table 3.2:
Latin square one-time pad for protecting five plaintexts
P
1
P
2
P
3
P
4
P
5
K
1
1
2
3
4
5
K
2
2
3
4
5
1
K
3
3
4
5
1
2
K
4
4
5
1
2
3
K
5
5
1
2
3
4
