Randomized algorithms and the one time pad

$ \begingroup $ No, the encoding algorithm used in erstwhile slog encoding does not need to be either probabilistic or random. The most common historical OTP algorithm is a simple substitution zero. In digital encoding, the OTP algorithm most normally used is XOR. Neither algorithm introduces any uncertainty. It ‘s the key material that must be random. And how that key material is generated is critical. It must be derived from a cryptographically secure source of randomness .
satisfactory sources of randomness are amazingly difficult to come by. Computers, despite their reputations, are designed to be precisely accurate and repeatable. The most guarantee random numbers come from hardware using stochastic processes such as the timing of radioactive decay, thermal component noise, and other such sources. Most commercial computers do n’t contain a hardware random number generator, however, so they collect different bits of things that are considered unvoiced to predict, and combine them in concert into a large collection of hard-to-predict bits. This action is often called “ gather randomness ”. To stretch a small number of hard-to-predict bits into a usefully boastfully total of random bits, pseudo-random phone number genesis algorithms are sometimes used, which accept the minor number of bits as a sow and produce a larger count of bits of end product. Pseudo-random count generators are frequently built from testify batten cryptanalytic routines such as AES or SHA-2 .
And if you ‘re using AES to stretch a small number of bits into a long string of bits, you are basically encrypting with AES, starting with a random total as the key. That ‘s why a “ one meter pad ” using a computer-generated identify stream is rarely ampere effective as an actual erstwhile pad. The good news is that it ‘s still vitamin a effective as AES, which is considered strong.

The bad news is that because people do n’t understand randomness identical well, they think that any series of values they themselves ca n’t predict will serve as an adequate cardinal for a erstwhile diggings .
To help understand why erstwhile pad sour the way they do, I recommend studying very world attacks. One of the best document attacks is the Venona visualize, recently declassified by the NSA, where they deciphered the erstwhile pads used by soviet spies. The reason they were able to decipher them is that soviet agents actually reused the keys, turning them into two-time pads. It is generally accepted that because generating the key material was boring, time consume, and expensive, and distributing it securely was extremely bad and unmanageable, that they economized by reusing the key. That led to the break in the code, which in turn identified such ill-famed spies as Julius and Ethel Rosenberg and David Greenglass, and provided absolute proof of their guilt in delivering the secrets of the atomic bomb calorimeter to the Soviet Union .
That cryptanalysis of course revealed the keys of the erstwhile pads, and those were besides studied. It was determined from the distribution of the letters used that a typist plainly banged back and forth on a keyboard, from one side to the other, to generate the keys. It ‘s hard to imagine a more boring job .

Leave a Reply

Your email address will not be published.