
# 'The seduction of the one-time pad'

using RSA to send them with PGP, but there is again a problem.

Considering PGP, if I want to send an OTP message to another person via e-mail, PGP will first compress this OTP message. Here is the problem: Since an OTP file/message is highly random in nature (obviously it should be), you can't compress it even to 1%. I experimented by creating pseudo random data generated by keystroke hooks, mouse movements, memory digest, tickcount digest, system information, etc. using a block cipher (Blowfish) and hash digest (SHA-1). I checked the file I generated for randomness with ENT. It gave good results. I decided to encrypt 2.49 MB of pseudo random data by PGP and used a 512-bit RSA key. I found the PGP message size came out to be 3.39 MB -- even when a 512-bit key is used. If I had chosen a 4096-bit RSA key and then calculated the result, it is of no use to send a few KB of OTP messages via e-mail the whole day.

Considering the perfect security offered by OTP, where the key size of true random data may equal or exceed the message size, can the modern symmetric algorithms of 128-bit and 4096-bit asymmetric algorithms resist cryptanalysis by government agencies? I don't think the government agencies will find any difficulty in breaking a 128-bit encryption.

A few years ago, I gave a talk called, "The seduction of the one-time pad." In it, I discuss how the pursuit of perfect security with one-time pads leads people to make suboptimal security decisions. People spend a lot of effort chasing the one-time pad, and then end up with security that is only good enough. Starting with security that is good enough and sticking to it is almost always the best thing to do.

I'm afraid you've succumbed to that seduction. Don't feel badly about it; most of us do at one time or another. But let me discuss what you did.

You are right that random data is not compressible. This is pretty much the definition of random data. Since compression algorithms like Zip work by finding repeats of data and then putting in shorthands, they aren't going to find them in random data. Anything they do find should have just occurred randomly and is not going to offset the extra data that has to be put in for the compression structures. So compressed random data is most likely going to be larger than the base data itself.

Now then, let's look at how to transfer pads to your partners. Since the pads have perfect security, the true security of the system is actually the security of the courier. Let's imagine that you have an actual person delivering them. The security of the system is essentially the chance that the adversary can copy the pads without the courier noticing. That's the way to attack that system. (We'll ignore the storage security issues, as well as the issues of how well your random data was generated.)

If your courier is PGP, then the security of the transfer is the security of your PGP envelope. If that has a 512-bit RSA key, and underneath that a 128-bit cipher, then the weak point of the system is the 512-bit RSA key, which has about the same strength as a 56-bit symmetric key. So, when you encrypt that pad, you have lowered its security to that of a 56-bit key. It would be simpler and just as secure to just use a 56-bit key.
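The compression point above can be measured directly. The following is an added example, not part of the original answer: it runs DEFLATE (the algorithm behind Zip) over a constructed random "pad" and over repetitive text, then base64-encodes the compressed pad. The base64 step assumes the message was sent in a text-safe (ASCII-armored) form, which the page does not state; under that assumption the roughly 1.35x growth is close to the 2.49 MB to 3.39 MB reported in the question.

```python
import base64
import os
import zlib

SIZE = 256 * 1024  # sample size in bytes, chosen for this example

# Constructed inputs: OS randomness stands in for pad material,
# a repeated 32-byte line stands in for ordinary compressible text.
pad = os.urandom(SIZE)
text = (b"attack at dawn, retreat at dusk\n" * (SIZE // 32))[:SIZE]


def deflate_ratio(data: bytes) -> float:
    """Compressed size divided by original size (zlib DEFLATE, level 9)."""
    return len(zlib.compress(data, 9)) / len(data)


def armored_ratio(data: bytes) -> float:
    """Size after compress-then-base64, relative to the original size.

    base64 turns every 3 bytes into 4 characters and adds line breaks,
    so the output grows by about a third whatever the key size is.
    """
    packed = zlib.compress(data, 9)
    return len(base64.encodebytes(packed)) / len(data)


def summary() -> dict:
    """Collect the three ratios discussed in the text."""
    return {
        "random, deflated": deflate_ratio(pad),
        "text, deflated": deflate_ratio(text),
        "random, deflated + base64": armored_ratio(pad),
    }


if __name__ == "__main__":
    for label, ratio in summary().items():
        print(f"{label:28s} {ratio:.4f}x of original size")
```
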

This was last published in April 2004
