Ask the Expert

A simple substitution cipher vs. one-time pad software

Why is a simple substitution cipher a bad choice for one-time padding?

    Requires Free Membership to View

I'm not entirely sure I understand your question, so let's look at what's meant by a simple substitution cipher and then what's meant by a one-time pad or one-time pad software.

In encryption, a substitution cipher replaces units of plaintext with ciphertext according to a regular system. The recipient of the ciphertext can decipher it by performing an inverse substitution. The unit can be anything from a single letter, letters or a mixture of both. Although the plaintext units themselves are altered, they remain in the same sequence in the ciphertext. (This contrasts with a transposition cipher where the units are left unchanged, but their order is rearranged.)

A simple substitution cipher operates on single letters. Using the example below, we can turn the word BADGE into WQRUT in ciphertext:

ABCDEFGHIJ. . .
QWERTYUIOP. . .

The disadvantage of this method is that with any message of reasonable length, fifty letters or more, frequency analysis can be used to deduce the meaning of the most common symbols, allowing a cryptanalyst to build partial words and progressively break the message.

Now, a one-time pad is similar to a substitution cipher, but the plaintext letters are combined not substituted, and it has been proven to be mathematically unbreakable. The recipient of the ciphertext requires a copy of the one-time pad to reverse the process. There are many different ways to apply one-time pads. Here's an example using letters for the one-time pad key:

PlaintextBADGE
10364
OTP KeyQWERT
162241719
Result172272323
CiphertextRWHXX


Using the example above, you take the first letter in the plaintext message and add it to the first random letter from the one-time pad. This number is then converted to the corresponding letter of the alphabet, with the alphabet wrapping around to the beginning if the addition results in a number beyond 26. Using this one-time pad, the word BADGE becomes RWHXX.

Because each one-time pad has a different key, the ciphertext of the word BADGE in this case will be different every time. In the above example, you can also see that frequency analysis is impossible as X occurs for both the letter G and E. With a simple substitution cipher, the word BADGE will always become WQRUT.

The drawbacks with the one-time pad are:
  • The key has to be as long as the plaintext, thus leaking some information about the message.
  • The key has to be genuinely random, which is hard to achieve for large keys.
  • The key can only be used once and must be kept entirely secret from all except the sender and receiver, creating a distribution problem.
If these problems are not overcome, particularly the randomness of the key, the one-time pad is no longer unbreakable. Even if it is theoretically secure, it may be insecure in practice.

This was first published in February 2009

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: