Chapter 22 – The One-Time Pad Cipher 357The Unbreakable One-Time Pad Cipher
There is one cipher that is impossible to crack, no matter how powerful your computer is, how
much time you have to crack it, or how clever of a hacker you are. We won’t have to write a new
program to use it either. Our Vigenère program can implement this cipher without any changes.
But this cipher is so inconvenient to use on a regular basis that it is often only used for the most
top-secret of messages.
The one-time pad cipher is an unbreakable cipher. It is a Vigenère cipher where:
- The key is exactly as long as the message that is encrypted.
- The key is made up of truly random symbols.
- The key is used one time only, and never used again for any other message.
By following these three rules, your encrypted message will be invulnerable to any cryptanalyst’s
attack. Even with literally an infinite amount of computing power, the cipher cannot be broken.
The key for the one-time pad cipher is called a pad because they were printed on pads of paper.
The top sheet of paper would be torn off the pad after it was used to reveal the next key to use.
Why the One-Time Pad is Unbreakable
To see why the one-time pad (OTP) cipher is unbreakable, let’s think about why the regular
Vigenère cipher is vulnerable to breaking. Our Vigenère cipher hacking program works by doing
frequency analysis. But if the key is the same length as the message, then every possible
ciphertext letter is equally probable to be for the same plaintext letter.
Say that we want to encrypt the message, “If you want to survive out here, you've got to know
where your towel is.” If we remove the spaces and punctuation, this message has 55 letters. So to
encrypt it with a one-time pad, we need a key that is also 55 letters long. Let’s use the key
“kcqyzhepxautiqekxejmoretzhztrwwqdylbttvejmedbsanybpxqik”. Encrypting the string looks like
this:
Plaintext ifyouwanttosurviveouthereyouvegottoknowwhereyourtowelis^
Key kcqyzhepxautiqekxejmoretzhztrwwqdylbttvejmedbsanybpxqik^
Ciphertext shomtdecqtilchzssixghyikdfnnmacewrzlghraqqvhzguerplbbqc^Now imagine a cryptanalyst got a hold of the ciphertext (“shomtdec...”). How could she attack
the cipher? Brute-forcing through the keys would not work, because there are too many even for a
computer. The number of keys is 26 ^ (number of letters in the message), so if the message has 55
letters, there would be a total of 26 ^ 55, or 666,091,878,431,395,624,153,823,182,526,730,590,
376,250,379,52 8,249,805,353,030,484,209,594,192,101,376 possible keys.