Slashdot Mirror

← Back to Stories (view on slashdot.org)

One-Time Pad From Caltech Offers Uncrackable Cryptography

Posted by timothy on from the unless-you-crack-the-glass dept.

zrbyte writes "One-time pads are the holy grail of cryptography — they are impossible to crack, even in principle. However, the ability to copy electronic code makes one-time pads vulnerable to hackers. Now engineers at the California Institute of Technology in Pasadena, have found a way around this to create a system of cryptography that is invulnerable to electronic attack. Their solution is based on a special kind of one-time pad that generates a random key through the complexity of its physical structure, namely shining a light through a diffusive glass plate."

6 of 192 comments (clear)

  1. Re:Impossible? by barlevg · · Score: 4, Informative

    That's generally the only way to crack a true one-time pad: steal the pad.

  2. Re:Impossible? by barlevg · · Score: 4, Informative

    Right: it sounds like it's TWO MATCHED OTPs (or, rather, one-time slabs), so Eve would need both Alice's slab AND Bob's slab to crack the communication. And if Alice and Bob are both in physical possession of the slabs, then Eve is better off using $5 cryptography to get at the message. The issue, of course, is that one-time pads aren't exactly practical, because, by definition, they're one-use-and-then-destroy. If you use an OTP more than once, it becomes vulnerable to cracking.

  3. Re:Impossible? by Hans+Adler · · Score: 5, Informative

    Who would have thought that the f... article addresses this devilishly ingenious workaround?

    "And even if Eve steals the glass, they estimate that it would take her at least 24 hours to extract any relevant information about its structure.

    This extraction can only be done by passing light through the glass at a rate that is limited by the amount of heat this creates (since any heating changes the microstructure of the material). And the time this takes should give the owners enough time to realise what has happened and take the necessary mitigating actions."

  4. Re:Not too long until an iceberg attack is reveale by Sockatume · · Score: 5, Informative

    That's not the case with a properly used one-time pad. Normally you break a cipher by finding correlations due to the repeated use of a finite encryption key on different parts of a comprehensible plaintext. If either the message is random, or the encryption key is random and nonrepeating, then the message cannot be deciphered.

    Unless you steal the pad, or force the user to repeat it.

    --
    No kidding!!! What do you say at this point?
  5. Re:Impossible? by L4t3r4lu5 · · Score: 4, Informative

    Eve is better off using $5 cryptography to get at the message.

    Rubber Hose Cryptanalysis Just FYI.

    --
    Finally had enough. Come see us over at https://soylentnews.org/
  6. Re:Impossible? by slim · · Score: 4, Informative

    No, the two devices don't match. Each device contains a different several GB of random numbers (or I suppose, random transformations), encapsulated in the structure of the glass.

    The two owners meet, and using both their devices, produce a "combined key". The combined key can be stored in a public repository. The shared OTP can be extracted from the combined key using either device.

    The two parties exchange confidential data encrypted with bytes from the OTP until the OTP is all consumed. Then they must meet up again to create a new OTP.

    There's nothing novel about the cryptography. What might be novel is the physical properties of the device used to allow someone to carry their personal list of random numbers around.