OneTimePad¶
links: AC1 TOC - Security & Cryptography - Modern Cryptography MOC - Index
General definition¶
- the key is as long as the message (and also the ciphertext has the same length)
- the OneTimePad is only secure if used once (with a given key)
- It provides perfect secrecy
\(K := M := C := \{0, 1\}^L\)
Using OneTimePad twice¶
Adversary can learn the \(XOR\) of the two messages (where they differ) if a OneTimePad (key) is used twice: \(c \oplus c' = (m \oplus k)\oplus (m' \oplus k) = m \oplus m'\)
Limitations of Perfect Secrecy¶
- Any perfectly secret encryption scheme must have a key space that is at least as large as the message space: \(|K|\geq|M|\)
- The OneTimePad is not protected against integrity (e.g. is vulnerable to Non-Malleability)
Definitions¶
- XOR (bitwise exclusive-or): \(a \oplus b\)
XOR | 0 | 1 |
---|---|---|
0 | 0 | 1 |
1 | 1 | 0 |
links: AC1 TOC - Security & Cryptography - Modern Cryptography MOC - Index