Q
Problem solve Get help with specific problems with your technologies, process and projects.

Is it true that only one-time pads guarantee unbreakable encryption?

A one-time pad is the only encryption system that is mathematically proven to be unbreakable. But alas, no company sells one-time pads as an encryption system, because they are just not worth the effort.

Here is how it all works

A one-time pad is nothing more than a big buffer of random numbers. Since we're talking about computer systems, let's just assume that it's a CD full of random bits. However, this doesn't need to be so. In WWII, they used tables of 1-26, so they work well with letters. If you are interested in this, you definitely should read Leo Marks' book Between Silk and Cyanide.

If you want to encrypt a message, you take a set of random bytes from your table, and you mix them with your message. On a computer, we typically XOR them onto the data, but arithmetic would work as well. If you were using Marks' tables, you'd add them. So if your message letter was an A and the random byte was a four, that would become an E. It's a very simple process.

Now then, here come the hard parts. First of all, you must never re-use a one-time pad. Really. Never. The Russians made this mistake a few times, and the American intelligence agencies broke a lot of their messages, because they used one-time pads twice. There is a fascinating discussion of this on the Web, called the Venona project.

Next, you need to destroy your one-time pads as soon as they are used. Leo Marks printed his on thin squares of silk, so they could be easily and quickly burned, as well as easily hidden. If your adversary gets a hold of the pads, you might as well not have bothered.

• Guest Commentary: IPSec and SSL: Complementary approaches to ensure digital data protection and integrity
• Guest Commentary: IPSec and SSL: Complementary approaches to data protection, part two

• This was last published in September 2003

#### Have a question for an expert?

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

#### Start the conversation

Send me notifications when other members comment.

## SearchCloudSecurity

• ### Google Cloud security gets boost with Secret Manager

Google Cloud's new Secret Manager service augments its cloud security capabilities with an eye toward the needs of DevOps teams.

• ### Microsoft misconfiguration exposed 250M customer service records

Microsoft exposed 250 million customer support records on five Elasticsearch servers that had misconfigured Azure security rules,...

• ### Lyft's open source asset tracking tool simplifies security

Security teams need information and context about data in order to keep it safe. Learn how Cartography, Lyft's open source asset ...

## SearchNetworking

• ### Build a source of truth into your network automation strategy

Many network automation approaches rely on a source of truth repository to provide data on network behavior. But building this ...

• ### SD-WAN explained: The ultimate guide to SD-WAN architecture

Evaluating SD-WAN architecture can be confusing, especially as the market grows. This guide helps IT pros learn SD-WAN basics, ...

• ### VMware acquisition of Nyansa combines LAN, WAN analytics

The VMware acquisition of Nyansa is expected to provide network traffic analytics that cover the SD-WAN and the wired and ...

## SearchCIO

• ### Preparing for the new forms of cybersecurity threats in 2020

In the first part of a series on the new forms of cyberthreats in 2020, we're diving into the many infiltration points being ...

• ### What is the state of CIO tenure today?

CIO tenure remains significantly lower than other C-suite positions, and according to experts, it's a result of the age of ...

• ### The evolution of RPA, from macros to process transformation

RPA evolved from technology debuted in the 1950s and '60s and was developed to today's standards by the industry's leading ...

## SearchEnterpriseDesktop

• ### Windows 7 sunset gives PC market a boost in 2019

Does the growth of the PC market in 2019 reflect an increased appetite for the devices? Experts discuss the PC's role in the ...

• ### EG Enterprise v7 focuses on usability, user experience monitoring

New features in EG Enterprise v7, set to launch soon, enable simulated and real user monitoring, automated diagnosis and new ...

• ### Managing Windows Defender Device Guard in Windows desktops

IT pros must understand how Windows Defender Device Guard uses a locked-down approach to desktop security and how this method ...

## SearchCloudComputing

• ### 5 cloud database comparison tips to guide your data strategy

Catch up on these tips that compare the strengths, weakness and available integrations of popular public cloud database and ...

• ### Reduce cloud latency for remote employees and offices

Latency remains an issue for cloud users with remote facilities. See how SD-WAN and satellites can improve network performance ...

• ### AWS multi-account management best practices with Control Tower

With the help of AWS Control Tower, organizations who own and operate multiple cloud accounts can manage them all under one roof ...

## ComputerWeekly.com

• ### Police sent information about potential Fujitsu staff perjury in subpostmaster prosecutions

The police have been asked to consider information from a High Court judge questioning evidence given by Fujitsu staff in ...

• ### NHSX reports progress in screening transformation

Digital unit outlines work that has been done to address the shortcomings of screening IT programmes

• ### RAN sharing and convergence juice up Orange for 2020

Telco Orange’s roadmap for Europe in 2020 reveals the power of convergence and the need for ecosystem partnerships

Close