Is it true that only one-time pads guarantee unbreakable encryption?
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
A one-time pad is the only encryption system that is mathematically proven to be unbreakable. But alas, no company sells one-time pads as an encryption system, because they are just not worth the effort.
Here is how it all works
A one-time pad is nothing more than a big buffer of random numbers. Since we're talking about computer systems, let's just assume that it's a CD full of random bits. However, this doesn't need to be so. In WWII, they used tables of 1-26, so they work well with letters. If you are interested in this, you definitely should read Leo Marks' book Between Silk and Cyanide.
If you want to encrypt a message, you take a set of random bytes from your table, and you mix them with your message. On a computer, we typically XOR them onto the data, but arithmetic would work as well. If you were using Marks' tables, you'd add them. So if your message letter was an A and the random byte was a four, that would become an E. It's a very simple process.
Now then, here come the hard parts. First of all, you must never re-use a one-time pad. Really. Never. The Russians made this mistake a few times, and the American intelligence agencies broke a lot of their messages, because they used one-time pads twice. There is a fascinating discussion of this on the Web, called the Venona project.
Next, you need to destroy your one-time pads as soon as they are used. Leo Marks printed his on thin squares of silk, so they could be easily and quickly burned, as well as easily hidden. If your adversary gets a hold of the pads, you might as well not have bothered.
For more info on this topic, check out these SearchSecurity.com resources:
Dig Deeper on Disk Encryption and File Encryption
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.