One-time pads explained


Jonathan Callas
09.29.2003


A one-time pad is the only encryption system that is mathematically proven to be unbreakable. But alas, no company sells one-time pads as an encryption system, because they are just not worth the effort.

Here's how it all works

A one-time pad is nothing more than a big buffer of random numbers. Since we're talking about computer systems, let's just assume that it's a CD full of random bits. However, it doesn't need to be. In WWII, agents used tables of numbers from 1 to 26, which work well with letters. If you are interested in this, you definitely should read Leo Marks' book Between Silk and Cyanide.

If you want to encrypt a message, you take a set of random bytes from your pad and mix them with your message. On a computer, we typically XOR them onto the data, but arithmetic would work as well. If you were using Marks' tables, you'd add them: if your message letter was an A and the random number was a four, it would become an E. It's a very simple process.

Now then, here come the hard parts. First of all, you must never re-use a one-time pad. Really. Never. The Russians made this mistake a few times, and the American intelligence agencies broke a lot of their messages, because they used one-time pads twice. There is a fascinating discussion of this on the Web, called the Venona project.
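To make the mechanics concrete, here is an added example (mine, not code from the article) of both pad styles: XOR over bytes, and Marks-style addition over letters, where an A shifted by four becomes an E. The last function shows why reuse is fatal: XORing two ciphertexts made with the same pad cancels the pad and leaves the XOR of the two plaintexts, which is exactly the structure the Venona analysts worked from, and why a pad-handling procedure has to make reuse impossible rather than merely discouraged. The function names and sample messages are my own.

```python
import secrets

ALPHABET = "ABCDEFGHIJKLMNOPQRSTUVWXYZ"


def make_pad(length: int) -> bytes:
    """A fresh pad: bytes from the OS cryptographic RNG, never from a seeded PRNG."""
    return secrets.token_bytes(length)


def otp_xor(data: bytes, pad: bytes) -> bytes:
    """XOR pad over bytes. The same call encrypts and decrypts."""
    if len(pad) < len(data):
        raise ValueError(f"pad exhausted: need {len(data)} bytes, have {len(pad)}")
    return bytes(d ^ p for d, p in zip(data, pad))


def otp_letters_encrypt(message: str, pad: list) -> str:
    """Marks-style additive pad over letters A-Z: shift each letter by the pad value mod 26."""
    if len(pad) < len(message):
        raise ValueError("pad exhausted")
    return "".join(ALPHABET[(ALPHABET.index(ch) + k) % 26] for ch, k in zip(message, pad))


def otp_letters_decrypt(ciphertext: str, pad: list) -> str:
    """Undo the additive pad by subtracting the same values."""
    if len(pad) < len(ciphertext):
        raise ValueError("pad exhausted")
    return "".join(ALPHABET[(ALPHABET.index(ch) - k) % 26] for ch, k in zip(ciphertext, pad))


def reuse_leak(c1: bytes, c2: bytes) -> bytes:
    """What an eavesdropper gets from two ciphertexts made with the SAME pad:
    (m1 ^ pad) ^ (m2 ^ pad) == m1 ^ m2, with the pad cancelled out entirely."""
    return bytes(a ^ b for a, b in zip(c1, c2))


if __name__ == "__main__":
    pad = make_pad(16)
    m1 = b"attack at dawn!!"          # constructed sample messages
    m2 = b"retreat at dusk!"
    c1 = otp_xor(m1, pad)
    assert otp_xor(c1, pad) == m1
    print("A shifted by 4 ->", otp_letters_encrypt("A", [4]))
    # Reusing the pad for m2 hands the eavesdropper m1 ^ m2 with no pad left in it.
    print("c1 ^ c2 == m1 ^ m2:", reuse_leak(c1, otp_xor(m2, pad)) == otp_xor(m1, m2))
```

Note that `reuse_leak` needs nothing but the two ciphertexts; the pad never has to be known, which is the whole point of the "never reuse" rule.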

Next, you need to destroy your one-time pads as soon as they are used. Leo Marks printed his on thin squares of silk, so they could be easily and quickly burned, as well as easily hidden. If your adversary gets hold of the pads, you might as well not have bothered.

You also have to take care in the construction of the pads as well as their distribution. The pads have to be completely random. They can't be pseudo-random, generated from some seed value (but more on that later).

You must securely distribute them to your partner. You also have to remember that they get used up at the same rate as your traffic: for every megabyte of traffic between you and your partner, you have to exchange a megabyte of pad, so this is a continual process. Pads are a regular supply you have to maintain. The reason that the Russians riskily used their pads a second time on occasion was the difficulty of securely keeping their diplomats and agents supplied with enough pads to cover their message rates. I'm sure that by now you have also realized that you have to do this for every person you talk to. You also have to keep track of which pad was used for which message with which person.
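The bookkeeping the last few paragraphs describe (hand out each pad byte once, destroy it as it is issued, record which bytes went to which message for which partner, and stop talking when the pad runs out) can be written as a small dispenser. This is an added illustration, not anything from the article; the PadStore class, the envelope format and the constructed sample pad are my own.

```python
import secrets
from dataclasses import dataclass, field


@dataclass
class PadStore:
    """Pad shared with one partner. Bytes are dispensed strictly in order, handed
    out once, and overwritten the moment they are issued (the digital equivalent
    of burning the silk), so neither reuse nor later recovery is possible."""
    partner: str
    pad: bytearray
    position: int = 0
    ledger: list = field(default_factory=list)   # (message_id, start, end) per message

    @classmethod
    def fresh(cls, partner: str, size: int) -> "PadStore":
        return cls(partner, bytearray(secrets.token_bytes(size)))

    def remaining(self) -> int:
        return len(self.pad) - self.position

    def take(self, message_id: str, n: int) -> bytes:
        if n > self.remaining():
            raise RuntimeError(
                f"pad for {self.partner} exhausted: {n} bytes needed, "
                f"{self.remaining()} left; stop talking until a new pad arrives")
        start, end = self.position, self.position + n
        segment = bytes(self.pad[start:end])
        self.pad[start:end] = bytes(n)          # zero the issued bytes in place
        self.position = end
        self.ledger.append((message_id, start, end))
        return segment


def send(store: PadStore, message_id: str, plaintext: bytes) -> tuple:
    """Envelope (message_id, pad offset, ciphertext). The offset lets the
    receiver confirm both sides are consuming the pad in lockstep."""
    start = store.position
    seg = store.take(message_id, len(plaintext))
    return (message_id, start, bytes(p ^ k for p, k in zip(plaintext, seg)))


def receive(store: PadStore, envelope: tuple) -> bytes:
    message_id, start, ciphertext = envelope
    if start != store.position:
        raise RuntimeError("pad offset mismatch: a message was lost or the pads are out of sync")
    seg = store.take(message_id, len(ciphertext))
    return bytes(c ^ k for c, k in zip(ciphertext, seg))


def demo() -> dict:
    """Two copies of one constructed 32-byte pad: 9 bytes are used for one
    message, then a message needing 24 more bytes is refused."""
    shared = bytes(range(32))                   # constructed, NOT random: demo only
    alice = PadStore("bob", bytearray(shared))
    bob = PadStore("alice", bytearray(shared))
    env = send(alice, "msg-1", b"hello bob")
    recovered = receive(bob, env)
    try:
        send(alice, "msg-2", b"x" * 24)
        refused = False
    except RuntimeError:
        refused = True
    return {
        "recovered": recovered,
        "remaining": (alice.remaining(), bob.remaining()),
        "burned": bytes(alice.pad[:9]) == bytes(9),
        "ledger": alice.ledger,
        "refused_when_short": refused,
    }
```

In real use the pad would come from `PadStore.fresh` on a machine that then delivers a copy to the partner out of band; `demo` uses a fixed byte pattern only so its results are predictable.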

This is why one-time pads just aren't used. They must be constructed with care. They must be distributed in advance. They must be completely protected before they are used. They must be completely destroyed after they are used. They must be securely distributed. In many cases, it's much simpler to hire a secure messenger, since the size of the pads is the size of all the traffic that gets sent.

Basically, one-time pads are too much trouble. They may be mathematically perfect, but they are operationally unwieldy. There's a saying that in theory, theory is the same as practice, but in practice, this turns out not to be the case. This is pretty much a description of one-time pads.

So how would you make this easier?

One way, as I hinted at before, would be to exchange not a huge amount of random data, but a small amount of random data and then use some mathematical algorithm to expand that out. That's exactly what a stream cipher is. It is also effectively what a block cipher does in a chaining mode, but not precisely -- I find the details of these things fascinating, but most people don't, so I'm simplifying. Getting back to English from jargon, you're taking a small amount of random data (the key) and using an algorithm to produce a stream of random data, which you use like a one-time pad. The strength of that system is a combination of the strength of the algorithm and how hard it is to guess that key. There has been a lot of work on this problem over the last few decades, and we think we have things good enough. If you use one of the older acceptable algorithms with 16-byte (128-bit) keys, our best estimates are that it would take an adversary with a planet full of computers a millennium (on average) to break a single message. If the adversary only has half a planet full of computers, then it'll take two millennia.

If that isn't good enough for you, then one of the newer ciphers (with 32-byte [256-bit] keys) would require a few galaxies full of computers to break. To be complete, I'm assuming there is no glaring mathematical flaw in these algorithms. Until someone makes some sort of science-fictional technology, these algorithms are perfectly acceptable.

Now that we've gotten the messages taken care of imperfectly but acceptably, how do you get the keys transferred? We've managed to cut the keys down from the size of the message to a fixed 16 to 32 bytes, but they still have to be moved from place to place. The difficulty of doing this is what makes one-time pads impractical, but this is still an issue to be solved. Otherwise you still need the secure messenger to carry secrets around, but far less often.

The answer to that is public key cryptography. Well, all right, that's one answer. It's possible to make a system that bootstraps from a single key per participant (Kerberos is such a system), but public key cryptography makes things so much simpler that there's no reason to bother with anything else.

Public key cryptography makes it possible to exchange these message keys without needing secure messengers at all. You can look up the key of the person you want to talk to in some known place, and use it. There is even a form of public key cryptography that allows ad-hoc exchanges to be done.

You might wonder why we don't use public key cryptography alone, and it comes down to practicalities again -- that darn real world going and messing up a perfectly good theory. Public key cryptography is some ten thousand times slower than the other algorithms, so we use both -- the slow one for the magic of key transport and the fast one for bulk data security.

Here is a factoid for you: At PGP Corporation, we were testing some computers to see how many messages they could process how quickly. First we did it with messages that were 10 KB in size. Then we did it with messages that were 100 KB in size. We saw a performance loss of approximately 10%. That's right -- you can process roughly 90 100K messages in the same time as a hundred 10K messages. The reason is that the public key part of the system is a lot slower than everything else.

This basic form that I've described is how all the modern cryptography systems work. You start with a public key, use that to send a bulk key and use that to encrypt the message. Unlike a one-time pad, it isn't unbreakable, but breaking it requires cleverness and a spare planet full of computers. On the other hand, it's simple enough to deploy that it's built into your Web browser for Web traffic. If you want to encrypt e-mail or files or disk storage this way, any number of companies (including mine) will sell you such a system rather reasonably.
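Putting the last few sections together, here is an added example (my own, not the article's or PGP's code) of the two-layer design: a short key expanded into a keystream (an HMAC-SHA-256 PRF run in counter mode, standing in for a real stream cipher), and a Diffie-Hellman exchange, the ad-hoc public-key form mentioned above, so both sides arrive at the same short bulk key without a courier. The modulus is the 1024-bit MODP group 2 from RFC 2409, transcribed here; it is too small for real use and was chosen only so the example runs with Python's built-in `pow`. The HMAC tag on each message is my addition: the article does not discuss integrity, but without a tag any change to a keystream ciphertext goes unnoticed. All function names are mine.

```python
import hashlib
import hmac
import secrets

# 1024-bit MODP group 2 from RFC 2409, transcribed for this demonstration only.
# Far too small for real use; chosen so the example runs with Python's built-in pow().
P = int(
    "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74"
    "020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F1437"
    "4FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
    "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381FFFFFFFFFFFFFFFF", 16)
G = 2


def keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Expand a 32-byte key into `length` bytes: HMAC-SHA-256 over nonce||counter.
    A PRF in counter mode, standing in for a real stream cipher."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(8, "big"), hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def dh_keypair() -> tuple:
    """Private exponent x and public value g^x mod p."""
    priv = secrets.randbelow(P - 2) + 1
    return priv, pow(G, priv, P)


def dh_shared_key(priv: int, peer_pub: int) -> bytes:
    """The 32-byte 'bulk key' both sides derive from the exchange."""
    if not 1 < peer_pub < P - 1:
        raise ValueError("peer public value out of range")
    shared = pow(peer_pub, priv, P)
    return hashlib.sha256(shared.to_bytes(128, "big")).digest()


def subkeys(bulk_key: bytes) -> tuple:
    """Separate keys for the keystream and the tag so the two HMAC uses never overlap."""
    return (hashlib.sha256(b"enc" + bulk_key).digest(),
            hashlib.sha256(b"mac" + bulk_key).digest())


def encrypt_message(bulk_key: bytes, plaintext: bytes) -> tuple:
    enc_key, mac_key = subkeys(bulk_key)
    nonce = secrets.token_bytes(16)   # fresh per message; key+nonce reuse is the two-time pad again
    ct = xor(plaintext, keystream(enc_key, nonce, len(plaintext)))
    tag = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    return nonce, ct, tag


def decrypt_message(bulk_key: bytes, nonce: bytes, ct: bytes, tag: bytes) -> bytes:
    enc_key, mac_key = subkeys(bulk_key)
    expected = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, tag):
        raise ValueError("authentication tag mismatch: ciphertext was altered")
    return xor(ct, keystream(enc_key, nonce, len(ct)))


def demo(message: bytes) -> dict:
    a_priv, a_pub = dh_keypair()          # Alice
    b_priv, b_pub = dh_keypair()          # Bob
    a_key = dh_shared_key(a_priv, b_pub)  # each side derives the same bulk key
    b_key = dh_shared_key(b_priv, a_pub)
    nonce, ct, tag = encrypt_message(a_key, message)
    recovered = decrypt_message(b_key, nonce, ct, tag)
    altered = bytes([ct[0] ^ 0x01]) + ct[1:]   # one flipped bit must be rejected
    try:
        decrypt_message(b_key, nonce, altered, tag)
        tamper_detected = False
    except ValueError:
        tamper_detected = True
    return {"keys_match": a_key == b_key, "key_len": len(a_key),
            "recovered": recovered, "tamper_detected": tamper_detected}
```

The expensive step is the two modular exponentiations in `dh_shared_key`; everything after it is hashing and XOR, which is why, as the PGP measurement above shows, message size barely moves the cost of the whole operation.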

Let me sum up. If you want to use one-time pads, you have to commit to proper use procedures -- protecting them, storing them, shredding them after use and never reusing them. You have to commit to getting a continual supply of pads in some sort of subscription and remember that if you run out of pads, you have to stop talking. They may be mathematically perfect, but I don't think anyone in their right mind would use them, except for special purposes. (Don't forget to check out Leo Marks' book.) The encryption systems we use today are secure enough (and can be upgraded if more security is needed). Even so, they have enough operational wrinkles that the creative work being done in security systems all revolves around making their operational aspects easier, not in making them more secure. Sure, one-time pads are mathematically secure, but even nation states can't use them reliably.

All Rights Reserved, Copyright 2003 - 2009, TechTarget | Read our Privacy Policy