F T N S A

What are we told about the One Time Pad? - Is it a Myth or is it Reality?

  • Home OTP v. Permutation Download PDF File Conclusion & Comments

  • Comments and Opinions

    "It's not what you say, but how you say it. Please keep it civil."   -  Wandee Thaweetham


    We will publish your emails here (if you agree) and the reply we gave and hope that this will get a discussion started. As stated above, keep your comments civil as long as you reply to a comment made by a reader. We have grown a thick skin during the time we discussed the OTP and the selection of your words can be stronger when addressing our comments or the previous web pages. Thanks.


    Our contact email:wandeethaweetham@gmail.com

    or:byetongthawee@gmail.com


    Natanael_L - Moderator at reddit.com

    Comment 1:

    The attacker never has to search through more possible options than the size of your private key + pad (+ plaintext, sometimes).

    Reply 1:

    Looking at the OTP that doesn't seem a problem, because we know it will not reveal one solution to a cipher but all possible solutions. If our system doesn't apply to the rules which are required of an OTP, it demands to show a mathematical or logical proof that the cipher characters in our system don't hold the probability of 1/26 (English alphabet) or 1/256 (the extended ASCII set).

    _____________

    Comment 2:

    The attacker can just use statistics to guess what characters your pool is likely composed of. And yes, mathematically they're part of the key.

    Reply 2:

    It seems very ambiguous to say that the attacker can just use statistics to guess what characters your (our) pool is likely composed of. An attacker knows from the start that we use the ASCII extended set (the hex numbers each character represents to be more accurate) and that this set of 256 characters has been extended to the length of n and that n can represent any rational number. The composition of that extended pool (string) will be random as far as an attacker can guess. The attacker doesn't know which characters have been inserted and there are no statistics that would support that. It would be like making the claim that there are statistics that would permit an attacker to gain knowledge of the key characters selected by an operator when creating a cipher in the original OTP.

    _____________

    Comment 3:

    You aren't very clear in how you're creating new characters for each permutation. It only makes me think you're using something like an enigma with re-keying based on the message. Which is just a tad bit harder to crack. It would be much easier to analyze with proper code or graphs or similar to show how exactly it works, from start to end.

    Reply 3:

    We thought we had been clear by stating that a plaintext of n characters in length each character will be mapped against a different permutation, which will not be repetitive. Should that not have come across the way it should the PDF file we provid for download will clear that up. So, please accept our apologies for not being that clear in the first place.
    The enigma is a different beast of encryption system but certainly cannot be compared to the way we encrypt a message. The enigma has a limited amount of possible permutations (the number of it is pretty impressive but nevertheless limited) and hence becomes repetitive if enough plaintext will be encrypted using it. Analyzing our system is possible by looking into the PDF file, where we have placed an example and the mathematics how it operates.

    _____________

    Comment 4:

    Just to clarify again - if you're capable of encrypting a megabytes worth of text (like a reasonably large book), using a key + pool + IV which ISN'T a megabyte large combined, then it is impossible for the NOT to be statistical evidence of what the likely key and message is.
    When the key is smaller than the plaintext, then all invalid keys will most likely produce only illegible noise, while the correct key is likely the only one producing a complete legible message.

    Reply 4:

    From the PDF file we provide it should be clear that each plaintext character has its own mapped cipher character (like in the OTP each plaintext character has its own key character) and that this character has always a probability of 1/256 . So it doesn't matter if our message is a megabyte or ten megabytes, the length of the message isn't important but the fact that the cipher is of the same length.

    _____________

    Our Comment:

    There have been other issues raised by Natanael_L which pointed out the problem of language and the statistical properties it holds and how easy it would be to break our cipher, which concluded in a sentence that told us that we didn't have an idea how these statistics did work. We didn't take it personal, but what it made clear to us was that our system hasn't been understood and the real question we put in front of the readers, if they could provide information that would show that our system isn't an OTP didn't come across.

    All the objections raised here on this page are objections one wouldn't raise if it was clear that we were discussing a one-time pad. Here one could point to Claude Shannon and the mathematical proof to silence any objections. So let us clear up here what a one-time pad is and the definition that is used to describe it; because many of the comments we received explained to us what constitutes an OTP and all they started with the comment: that by definition.... Inasmuch as we appreciate dichotomy in view as far as the practicality of our system goes, but the definition of the OTP should be clear and leave no room for re-interpretation. We have explained the functioning of an OTP in detail on the website and also in the attached PDF file and will not repeat it here and only clarify the expressions PAD and ONE-TIME. The word pad was added to the system when people started to write down the keys on a paper pad, which replaced the paper strip (which was a loop initially but later replaced by an endless tape) used by the inventor.

    The expression one-time refers to the process the key is selected and the conditions applied to it; towards each message character (the alphabet we use is of no consequence) we add a key character that has to be truly random not to be repeated in part or whole. That is the one-time part of the OTP; nothing more and nothing less and truly random is to be understood as non computable. Looking at the structure we just have created it is plain obvious that the key on its own is of no use to friend or foe and that it requires additional steps to ensure that a recipient can read a message we want to transmit, without having to send the plaintext (message) itself. Common view now tells us that this can only be achieved by using modular arithmetic (see our web pages or the PDF file) and that this causes a problem because it creates a key distribution problem. Bruce Schneier formulates the problem as follows:
    What a one-time pad system does is take a difficult message security problem .... and turn it into a just-as-difficult key distribution problem. It's a "solution" that doesn't scale well, doesn't lend itself to mass-market distribution, is singularly ill-suited to computer networks, and just plain doesn't work.*)
    Bruce Schneier

    *) We would like to thank Bruce for permitting us to quote from his publications.


    We agree with Bruce that using the OTP the way he suggests, makes it a useless tool in our days. The problem we have is with the suggestion that modular arithmetic has to be part of an OTP and that there is no other way to create a cipher and forcing us to have a second transmission or pre-defined key that needs to be exchanged between sender and recipient. By using for each plaintext character a permutation cipher which is used only one time, we achieve the same result as we do by using modular arithmetic. We couldn't find any comment in the papers published by Claude Shannon that stipulated modular arithmetic to be a universal law that is unchangeable but only the mathematics that let's us state that C = M xor K. A single permutation cipher for each plaintext character achieves this since the length of the message is always 1 and the probability for each cipher character always 1/n (n being the amount of letters our alphabet holds). We were looking for replies that would supply a mathematical proof that a system based on permutations (a single permutation for each plaintext character) doesn't work. That mathematical proof had to take into account that the length n of the permutation was not known and that the permutation itself based on the ASCII extended set had been edited (replacing control characters for peripherals with remaining characters and adding additional characters to increase the length of the string).

    On the next page (click at the arrow at the right) we included some mathematics, which we tried to keep away from our website and out of the PDF file. The reason for it is the fact that some of the comments referred to entropy, randomness and probability. So, if you are interested in our explanations click on the arrow to the right or else move to the next commentator.

    _____________

    Next Page

    Page Selection

    Copyright (c) 2014/2017 - Wandee Thaweetham, Chanthaburi, Thailand - Last update 10th January 2017