[ Home  |  FAQ-Related Q&As  |  General Q&As  |  Answered Questions ]

    Search the Q&A Archives

regarding one time pads,can someone show with an example...

<< Back to: Cryptography FAQ (01/10: Overview)

Question by suhas
Submitted on 1/15/2004
Related FAQ: Cryptography FAQ (01/10: Overview)
Rating: Rate this question: Vote
regarding one time pads,can someone show with an example how, if the same pad is used  for encrypting two different plain texts, it can be broken very easily

Answer by Anal Srivastava
Submitted on 4/19/2004
Rating:  Rate this answer: Vote
One time pad can be broken if the attacker has atleast 1 plaintext-ciphertext pair. Its pretty simple. One time pad takes XOR of a random sequence of bits (called key) with the plaintext to produce the cipertext, so we can describe this mathematically as

C = P xor K

where C = ciphertext
      P = plaintext
      K = key

if we xor with the plaintext on both sides, we get

P xor C = P xor P xor K

P xor P on the rhs will yield 0, and anything xored with 0 returns the same

so we have effectively

K = P xor C

now if the attacker has even one plaintext-ciphertext pair then he can produce the key that was used for encryption.

For any other cipertext encrypted using the same key, its easy to get the palintext, simply xor the key with the ciphertext, the result would be the plaintext.

Following works out an example, (for simplicity only 4 bits are taken)

lets assume M = 0101, K = 1101
then C = 1000

Suppose attacker knows M & C
then key = 0101 xor 1000 = 1101 which is the original key.

now any new ciphertext (encrypted with the same key) can be decrypted.


Your answer will be published for anyone to see and rate.  Your answer will not be displayed immediately.  If you'd like to get expert points and benefit from positive ratings, please create a new account or login into an existing account below.

Your name or nickname:
If you'd like to create a new account or access your existing account, put in your password here:
Your answer:

FAQS.ORG reserves the right to edit your answer as to improve its clarity.  By submitting your answer you authorize FAQS.ORG to publish your answer on the WWW without any restrictions. You agree to hold harmless and indemnify FAQS.ORG against any claims, costs, or damages resulting from publishing your answer.


FAQS.ORG makes no guarantees as to the accuracy of the posts. Each post is the personal opinion of the poster. These posts are not intended to substitute for medical, tax, legal, investment, accounting, or other professional advice. FAQS.ORG does not endorse any opinion or any product or service mentioned mentioned in these posts.


<< Back to: Cryptography FAQ (01/10: Overview)

[ Home  |  FAQ-Related Q&As  |  General Q&As  |  Answered Questions ]

© 2008 FAQS.ORG. All rights reserved.