Cryptography Reference
Length of the key. The requirement that a one-time pad key is as long as the
plaintext is prohibitive for most applications. This has particular ramifications
for two aspects of key management:
• Since these potentially enormous keys must be stored in an environment
with maximum security, this has implications for key storage (see
Section 10.5).
• Somehow these potentially enormous keys must be made available to
anyone who requires access to them (this will be the sender and receiver
in our basic communications model of Section 1.4.3). This process is
known as key establishment (see Section 10.4). Since one-time pad key
establishment must be conducted using a secure technique that does not
leak any information about the key, common key establishment techniques
such as encryption using another key cannot be used. (Unless of course the
encryption of the key is done using a one-time pad, in which case we now
face the problem of securely establishing the key that was used to encrypt
our first key!)
Random generation of the key. A one-time pad key must be truly randomly
generated and hence cannot be generated using a deterministic generator (see
Section 8.1), which is the way most keys are generated in practice. Thus key
generation for a one-time pad is an expensive key management process (see
Section 10.3).
One-time use. Having gone through a costly key generation, establishment and
storage process, the resulting key can then only be used on one occasion.
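
The three requirements above, as an added Python example (not code from the book): a pad object that refuses messages longer than the remaining key and never hands out a key byte twice, plus a check of what leaks if key bytes are reused. The names OneTimePad, PadExhausted and reuse_leak are hypothetical, the messages are constructed, and os.urandom is only a stand-in for the truly random source the text requires.

```python
import os

class PadExhausted(Exception):
    """Raised when a message needs more key bytes than the pad has left."""

class OneTimePad:
    """Pre-shared pad material; every key byte is handed out at most once."""

    def __init__(self, material: bytes):
        self._material = material
        self._offset = 0  # bytes before this index are spent and never reused

    def remaining(self) -> int:
        return len(self._material) - self._offset

    def apply(self, data: bytes) -> bytes:
        """XOR data with fresh key bytes (the same call encrypts and decrypts)."""
        if len(data) > self.remaining():
            # Length of the key: it must cover the whole plaintext.
            raise PadExhausted(f"need {len(data)} bytes, {self.remaining()} left")
        key = self._material[self._offset:self._offset + len(data)]
        self._offset += len(data)  # One-time use: advance past the spent bytes.
        return xor(data, key)

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def reuse_leak(p1: bytes, p2: bytes, key: bytes) -> bytes:
    """Encrypt two plaintexts under the SAME key bytes and XOR the ciphertexts.
    The key cancels, so the result equals p1 XOR p2 without knowing the key."""
    return xor(xor(p1, key), xor(p2, key))

if __name__ == "__main__":
    # Stand-in only: os.urandom is the OS generator, not a true random source.
    material = os.urandom(64)
    sender, receiver = OneTimePad(material), OneTimePad(material)
    p1, p2 = b"MEET AT THE PARK BENCH", b"ABORT ABORT ABORT NOW."  # constructed
    for msg in (p1, p2):
        ct = sender.apply(msg)
        assert receiver.apply(ct) == msg  # both sides consume the pad in step
    print("pad bytes left:", sender.remaining())
    print("reuse leaks p1^p2:", reuse_leak(p1, p2, material[:22]) == xor(p1, p2))
```

Sender and receiver must consume the pad in the same order, which is one more piece of state that key storage has to protect.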
Note that if a key establishment mechanism exists for one-time pad keys that are
as long as the plaintext then it is reasonable to wonder why that mechanism cannot
then be used to securely transfer the plaintext itself. Why bother with a one-time
pad? However, it may be easier to distribute the key in advance by a convenient and
secure means, potentially before the plaintext is even known. Historically, one-time
pad keys were distributed to agents using carefully engineered manual 'drops'
(for example, meeting on a park bench in Vienna at a pre-arranged time). An agent
was then ready to receive secret messages at whatever time in the future they were
sent. We will discuss more modern versions of key establishment techniques in
Section 10.4, however they tend to be similar to this historical example in the sense
that they rely on relatively complex key establishment operations being conducted
in advance, thus allowing on-the-fly encryption to subsequently take place.
ONE-TIME PADS IN PRACTICE
The key management overheads required to support a one-time pad are clearly
too much for routine cryptographic application. However, there are two situations
in which these might not be so unrealistic:
In high-security environments. If costly key management techniques can be
justified due to the value of the data being protected, use of a one-time pad
 