Skip to content

OneTimePad

links: AC1 TOC - Security & Cryptography - Modern Cryptography MOC - Index


General definition

  • the key is as long as the message (and also the ciphertext has the same length)
  • the OneTimePad is only secure if used once (with a given key)
  • It provides perfect secrecy

\(K := M := C := \{0, 1\}^L\)

Using OneTimePad twice

Adversary can learn the \(XOR\) of the two messages (where they differ) if a OneTimePad (key) is used twice: \(c \oplus c' = (m \oplus k)\oplus (m' \oplus k) = m \oplus m'\)

Limitations of Perfect Secrecy

  • Any perfectly secret encryption scheme must have a key space that is at least as large as the message space: \(|K|\geq|M|\)
  • The OneTimePad is not protected against integrity (e.g. is vulnerable to Non-Malleability)

Definitions

  • XOR (bitwise exclusive-or): \(a \oplus b\)
XOR 0 1
0 0 1
1 1 0

links: AC1 TOC - Security & Cryptography - Modern Cryptography MOC - Index