Slashdot Mirror
One-Time Pad From Caltech Offers Uncrackable Cryptography
zrbyte writes "One-time pads are the holy grail of cryptography — they are impossible to crack, even in principle. However, the ability to copy electronic code makes one-time pads vulnerable to hackers. Now engineers at the California Institute of Technology in Pasadena, have found a way around this to create a system of cryptography that is invulnerable to electronic attack. Their solution is based on a special kind of one-time pad that generates a random key through the complexity of its physical structure, namely shining a light through a diffusive glass plate."
That's generally the only way to crack a true one-time pad: steal the pad.
So, the message can only be read by the light of a moon the same shape and season that the message was written on?
And over there we have the labyrinth guards. One always lies, one always tells the truth, and one stabs people who ask t
Right: it sounds like it's TWO MATCHED OTPs (or, rather, one-time slabs), so Eve would need both Alice's slab AND Bob's slab to crack the communication. And if Alice and Bob are both in physical possession of the slabs, then Eve is better off using $5 cryptography to get at the message. The issue, of course, is that one-time pads aren't exactly practical, because, by definition, they're one-use-and-then-destroy. If you use an OTP more than once, it becomes vulnerable to cracking.
Who would have thought that the f... article addresses this devilishly ingenious workaround?
"And even if Eve steals the glass, they estimate that it would take her at least 24 hours to extract any relevant information about its structure.
This extraction can only be done by passing light through the glass at a rate that is limited by the amount of heat this creates (since any heating changes the microstructure of the material). And the time this takes should give the owners enough time to realise what has happened and take the necessary mitigating actions."
Uncrackable glass plates? Forget cryptography, you should get into the windshield business!
That's not the case with a properly used one-time pad. Normally you break a cipher by finding correlations due to the repeated use of a finite encryption key on different parts of a comprehensible plaintext. If either the message is random, or the encryption key is random and nonrepeating, then the message cannot be deciphered.
Unless you steal the pad, or force the user to repeat it.
No kidding!!! What do you say at this point?
Eve is better off using $5 cryptography to get at the message.
Rubber Hose Cryptanalysis Just FYI.
Finally had enough. Come see us over at https://soylentnews.org/
Nope. The OTP is truly unbreakable.
The only problem with it is that you need to secretly transmit the pad to the recipient. How do you do that? With a one-time-pad...?
No sig today...
A one time pad is impossible to crack in theory, but may be crackable if the method for generating the pad is flawed. Creating true randomness is a tricky proposition, and I don't see why its safe to believe that "shining a light through a diffusive glass plate" will generate true randomness.
What if you drop the glass plate? You're sure to crack it then.
Was it really used? Or am I hazily recalling some spy novel stuff from Irwin Wallace or Alistair MacLean and mistaking it for real history?
sed -e 's/Chuck Norris/Rajnikant/g' joke > fact
The real key here is that there is no advantage to the device at all.
In the cryptographic protocol that the authors (all physicists) believe to be novel, but which every cryptographer is aware of:
1. The authors have a perfectly secure channel (separate from the one established in the protocol).
2. They exchange as much information over that channel as the device stores.
3. The later established channel can only use that number of bits.
For real excitement they xor together their OTPs. Sorry guys but this is called a pre-shared key and the crypto world is quite aware of it. Good luck with the window dressing getting you past the PC of a physics venue.
Slashdot: where don knuth is an idiot because he cant grasp the awesome power of php
No, against a one-time pad, bruteforce won't work, because the key is never re-used so you've no basis to know that any output from your decryption is more valid than any other.
The first 1024 bytes of Hamlet, XOR'd with 1024 truly random bytes, is indistinguishable from random bytes.
XOR that with the same bytes again, and you get 1024 bytes of Hamlet back. ... and as an attacker, you've no way of knowing which one of those, if any, was the original plaintext.
XOR it with most random streams of bytes, and you'll get something that looks equally random.
XOR it with a particular different list of bytes, and you get 1024 bytes of Moby Dick.
XOR it with another list of bytes, and you get a version of Hamlet in which "Bernardo" is replaced with "Slashdot".
This seems a little bit more appropriate.
Slashdot: where don knuth is an idiot because he cant grasp the awesome power of php
No, the two devices don't match. Each device contains a different several GB of random numbers (or I suppose, random transformations), encapsulated in the structure of the glass.
The two owners meet, and using both their devices, produce a "combined key". The combined key can be stored in a public repository. The shared OTP can be extracted from the combined key using either device.
The two parties exchange confidential data encrypted with bytes from the OTP until the OTP is all consumed. Then they must meet up again to create a new OTP.
There's nothing novel about the cryptography. What might be novel is the physical properties of the device used to allow someone to carry their personal list of random numbers around.
All she does is sneak into his hotel room when he's asleep, generate his pad using his crystal and make a copy of it.
Sounds like a metaphor for something kinky...
If construction was anything like programming, an incorrectly fitted lock would bring down the entire building...
I have heard of some that try to utilize some sort of seemingly random event that is naturally occurring. However even these can be modeled over time.
A good post, but I'm not sure you understand hardware based random number generation. At least one way to do it is have a small amount of radiactive material. Although it decays predictably in the long term (half life) it is random in the short term. By measuring the radioactive decay truly random numbers can be obtained.
Can you model this? Sure, but your model will either be a software based random number generator or it will be a hardware token. In either case it will *not* be the item in question at the time in question and will not allow you to determine what numbers were generated.
No system is foolproof, but all the interesting cracks in cryptography that I'm aware of come through side channels or demonstration that a method was not truly random. Human card shuffling is certainly not random -- not only is the process controlled by the shuffler, but there are distinct non-random patterns to it that allow stage magicians to take a stack decked that is shuffled and still produce the desired result.
I think my favorite side channel attack was picking up the attenuated signal from the unencrypted side of a cryptograpy machine -- the British didn't have to crack the encryption used by the French embassy, they just read the plain text!
OTP are sexy and cool because they provide unbreakable encryption. As long as they are generated correctly (truly random) and distributed without tampering or exposure. The first is hard enough, but distribution on any scale means that not all of them will be free of tampering and exposure.
You are wrong.
The "one time" in "one time pad" means you never use a piece of key twice. The OTP needs to be as long (or longer than) the plaintext, and when you've used up your OTP, you need to get together and share a new one.
You can make an OTP last longer by compressing before encrypting, or by using OTP encyption to exchange temporary keys, to be used with other encryption methods.
Clearly you *could* re-use your OTP, perhaps starting from the beginning when you run out of bytes. But each time you do that you weaken your security.
What about a MITM attack? Doesn't need Bob verify that the plates are actually the ones that Alice manufactured? You don't need to copy the plates to barge into the channel.
Ezekiel 23:20