F T N S A

Formatted Text not some Algorithm

  • Home Download PDF File Conclusion & Comments

  • The One Time Pad



    A system is perfectly secure or perfectly secret if knowing the cipher text gives no more information about the message that one would know without intercepting the encoded message at all, meaning, if P(M = m) = P(M = m | C = c) for any c ∈ C and any m ∈ M, regardless of what probability distribution is chosen on M. This is the same as stating that P(C = c) = P(C = c | M = m) for any c and m.   - Claude Shannon (1949)




    "Most problems have a simple solution when we look at them from the right angle."   

    - Wandee Thaweetham

    The OTP has a reputation of being something unique in the field of encryption because of the mathematical proof produced by Claude Shannon at the end of the 1940's to be the only system that offers perfect secrecy. We are told that it is a system that can't be compared to other systems; at least that is the story we are told by experts who seem to have a reputation and deep inside knowledge into cryptology like Bruce Schneier. Let's take a close look at the OTP and a permutation cipher and find out if the uniqueness of the OTP is true or only an illusion turned into an axiom that by close observation isn't that self-evidently true anymore.

    One-Time Pad/Permutation Example

    In the image to the left we encrypt the word 'HELLO' using the OTP and we will focus on the key or keys; the four rules we mentioned on the previous page and try to find out if there are any inconsistencies we might notice.

    1. The key must be truly random. In our example to the left we use five bags that contain the English alphabet and our operator will stir the characters within the bag before picking a key character. Since we can't predict the sequence (randomisation) of the characters within the bag after stirring them, we will accept that the character picked resulted from a random process.

    2. The key must be as large as the plaintext (or larger). For the moment we will accept that message length = plaintext length = ciphertext length ( ℓ = length = 1 for a single character and ℓ = length = 5 for the complete word). When we look at the permutation cipher we will find a different definition.

    3. The key can never be reused in whole or part. Here we are parting from that definition since in a 26 letter alphabet each character, when used during encryption, becomes part of the key (XMCKL) and reusing a character again would violate this rule. Once all characters would have been used it would be the end for our encryption using the OTP

    4. The key must be kept secret. As with rule number two we will accept the statement however, we maintain that the word secret depends on the person that defines it and it is not an expression that has a unique definition as some of the opponents of the one-time pad point out (the key must be burned, eaten or destroyed using other means after use to make it impossible to re-create the plaintext).

    Now let us take a look at the permutation cipher and see if we can notice some similarities when comparing it with the OTP. We encrypt the word 'HELLO' and to our surprise (or not) we notice that our cipher matches with the exception of the double character L (second character), which doesn't match. That shouldn't come as a surprise when looking at the OTP above and how it operates. Whenever an operator picks a key character and matches it against a plaintext character, it will always be done from a full set of an alphabet and the character will be placed under the plaintext character. In doing it this way the operator executes the same procedure that occurs in a permutation cipher. The operator is mapping the plaintext character against a permutation and a character of the alphabet that only might be result of a mental exercise and only exist in his mind or a physical process like in our example above using five bags with each containing a full set of the alphabet (depending on the modus used to select the random characters). But it always has to be a full set of the alphabet to fulfil the requirements of the OTP (1/26 probability) and the random character moved to the position the plaintext character is situated on the alphabet (English alphabet A to Z). An operator that would have picked the same key character for the character 'L' would have ended up with the same result as shown in our permutation cipher to the left.

    When an operator creates a new permutation of this alphabet and it doesn't matter which of the 26 characters is picked, by shifting that one character underneath the position of the plaintext character on the alphabet that starts with A and ends with Z our OTP has become a permutation cipher. This process is repeated every time a plaintext character is encrypted and each of these single steps creates a new permutation where message length = key length = cipher length = 1 (length = ℓ). What we have established now is that as long as ℓ = 1 and the same key character is not matched with the same plaintext character when encrypting a message of n characters (n = the numbers of characters in the message), we have perfect secrecy because the probability is always 1/26. An operator not being paranormal or knowing the physical process in detail that was used to create the key(s) has no way of knowing which key character is matched to the plaintext character; and that also explains the reason why modular arithmetic was introduced to create a second set of random characters (cipher). Each on its own equates to C = M and K = M (C for cipher; M for message and K for key). However by using the OTP in this way we have created a new equation which now says that C = M xor K and that tells us that by obtaining via intercepting the transmissions for C and K we have solved M.

    One-Time Pad/Permutation Example

    For readers that still have a problem with the concept we have placed a permutation cipher to the left that changes during each step of the encryption. The modus used is simple but will generate unique permutations in each step. After selecting our first plaintext letter H and mapping it with the character in our permutation, which is E, we remove from the permutation the characters from position A (1) to E (8) and place them at the end of the permutation. With that we have created a new permutation and we proceed the same way until we reach the character O. Now let's compare the cipher with the cipher created in the OTP and we have to agree that they match now. We could have changed the second cipher character in the OTP, shown above, and for the double L in our plaintext used C as key character and we would have achieved the same cipher that we created in our permutation cipher based on one single permutation.

    By using a permutation that isn't repetitive and which changes after each step of the encryption process we remove the need for an operator. If sender and recipient are in the possession of this permutation they have removed the need for a second secure transmission for the key and only have to exchange the cipher; the channel doesn't need to be secure and it wouldn't matter if it was intercepted or not. How to create a permutation that isn't repetitive is outlined in our PDF file, which will be available from the 2nd of January 2017. The system we developed (not a product for sale) will not fail when the new brands of computer, quantum and memcomputers will appear on the scene.


    Conclusion

    For the moment let us state that the OTP is a permutation cipher, that during encryption changes the permutations which are used during the encryption process. The permutations are created by an operator, choosing a random character from a randomised alphabet and the character is called a key character. The key character is matched with the message text character (plaintext character) that is situated on an alphabet of n length (in the English alphabet n = 26 and the order is A to Z). Modular arithmetic is used and the values of the positions both characters hold on the ordered alphabet are added together. The value after applying modular arithmetic is used to pick a character on the ordered alphabet and this character is called the cipher character. (OTP example above)

    With that we have created a situation where the key character and the cipher character need to be transmitted to a second party to enable that party to re-create the permutation and extract the message character (plaintext character); and that has to be done every time we create a new cipher. An adversary intercepting the transmissions and in possession of both characters (key/cipher) is able to extract the message character (plaintext character). Only in the possession of the key character or the cipher character the probability (English alphabet) will always be 1/26.

    But a permutation cipher, which the OTP is, which changes during each step of the encryption (encrypting one character per permutation) only requires the exchange of the cipher if sender and recipient are in the possession of the start permutation. Here there would be only the need for a seed permutation that would permit the recipient to create for each new plaintext message the start permutation. As long as this seed permutation stays secret and there is no way for an adversary to re-create the seed permutation by guessing or via a brute force attack, we have perfect secrecy as mathematically proven by Claude Shannon. In our PDF file we demonstrate how to create a seed permutation and we will also move away from recording characters and change to a modus operandi which will not allow statistical analysis to be used by linguists to break the ciphers.


    Page Selection

  • Home Download PDF File Conclusion & Comments
  • Copyright (c) 2014/2016 - Wandee Thaweetham, Chanthaburi, Thailand