A classical cipher cannot be truly secure unless it uses an extremely large key, but using such a key is impractical. However, the one-time pad is an exception — it is the most secure cipher available. It guarantees perfect secrecy, meaning that even if an attacker has unlimited computing power, they cannot extract any information about the plaintext except its length.

Although the one-time pad is not practical for everyday use, understanding why it is secure is important. In the 1940s, American mathematician Claude Shannon proved that for a cipher to achieve perfect secrecy, its key must be at least as long as the message. The reasoning behind this is straightforward:

If an attacker had unlimited computing power, they could try all possible keys. However, a properly used one-time pad ensures that every possible plaintext remains equally likely, making it impossible to determine the original message from the ciphertext.

Example:

Plaintext Message: HELLO

Step 1: Convert the plaintext to numbers
We'll use a simple substitution where A=0, B=1, ..., Z=25. So:

H = 7
E = 4
L = 11
L = 11
O = 14
Plaintext as numbers: 7, 4, 11, 11, 14

Step 2: Generate a random key (one-time pad)
The key must be the same length as the message (5 characters in this case) and completely random. Let’s say the key is: KXQWZ

Convert the key to numbers:

K = 10
X = 23
Q = 16
W = 22
Z = 25
Key as numbers: 10, 23, 16, 22, 25

Step 3: Encrypt the message
Encryption is done by adding the plaintext numbers and key numbers modulo 26 (since there are 26 letters in the alphabet):

H (7) + K (10) = 17 mod 26 = 17 (R)
E (4) + X (23) = 27 mod 26 = 1 (B)
L (11) + Q (16) = 27 mod 26 = 1 (B)
L (11) + W (22) = 33 mod 26 = 7 (H)
O (14) + Z (25) = 39 mod 26 = 13 (N)
Ciphertext as numbers: 17, 1, 1, 7, 13

Ciphertext as letters: RBBHN

Step 4: Decrypt the message
To decrypt, the recipient (who also has the one-time pad KXQWZ) subtracts the key numbers from the ciphertext numbers (mod 26):

R (17) - K (10) = 7 mod 26 = 7 (H)
B (1) - X (23) = -22 mod 26 = 4 (E)
(Note: -22 + 26 = 4)
B (1) - Q (16) = -15 mod 26 = 11 (L)
(Note: -15 + 26 = 11)
H (7) - W (22) = -15 mod 26 = 11 (L)
N (13) - Z (25) = -12 mod 26 = 14 (O)
(Note: -12 + 26 = 14)
Decrypted numbers: 7, 4, 11, 11, 14

Decrypted message: HELLO

Why is it Impossible to Break?

  • Randomness of the Key: The key used in a one-time pad must be truly random, as long as the message, and never reused. If the key is random, then every possible plaintext is equally likely, making it impossible for an attacker to determine the actual message.
  • Key Length Equals Message Length: Since the key is the same length as the message, every bit of plaintext is masked by a different bit of the key. This ensures that no patterns exist in the ciphertext that could reveal information about the plaintext.
  • Unbreakability by Frequency Analysis: In conventional ciphers, letter frequencies or patterns can help break encryption. Since One-Time Pad keys are random, the ciphertext has no statistical relationship with the plaintext, making frequency analysis useless.
  • Mathematical Proof of Perfect Secrecy: According to Claude Shannon's proof, the one-time pad satisfies perfect secrecy because:

P(Plaintext | Ciphertext) = P(Plaintext)

This means knowing the ciphertext does not change the probability of any given plaintext. No amount of computing power can reduce the uncertainty of the plaintext.

  • Resistance to Brute-Force Attacks: Trying all possible keys in a brute-force attack yields all possible plaintexts with equal probability. Since there’s no way to determine which one is correct, the attacker gains zero useful information.

Limitations of One-Time Pad:

  • Key Management: Securely generating, distributing, and storing long, random keys is impractical.
  • Key Reuse Weakens Security: If a key is reused, an attacker can compare multiple ciphertexts to extract information.
  • True Randomness: Pseudorandom number generators (PRNGs) do not provide the required randomness.
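
The brute-force point under "Why is it Impossible to Break?" and the key-reuse limitation above can both be checked with the HELLO / KXQWZ example. The following Python is an added example, not part of the original article; the function names, the second message WORLD, and the use of the operating system's CSPRNG in generate_key are assumptions made for illustration.

```python
import secrets
from string import ascii_uppercase as ALPHABET  # A=0 ... Z=25, as in the worked example

def to_nums(text):
    return [ALPHABET.index(ch) for ch in text]

def to_text(nums):
    # Python's % always returns 0..25 here, so negative differences wrap correctly.
    return "".join(ALPHABET[n % 26] for n in nums)

def generate_key(length):
    # Assumption: the OS CSPRNG stands in for the truly random source a real pad needs.
    return "".join(secrets.choice(ALPHABET) for _ in range(length))

def encrypt(plaintext, key):
    if len(key) < len(plaintext):
        raise ValueError("key must be at least as long as the message")
    return to_text(p + k for p, k in zip(to_nums(plaintext), to_nums(key)))

def decrypt(ciphertext, key):
    if len(key) < len(ciphertext):
        raise ValueError("key must be at least as long as the message")
    return to_text(c - k for c, k in zip(to_nums(ciphertext), to_nums(key)))

def key_explaining(ciphertext, candidate):
    # For any same-length candidate plaintext there is exactly one key, k = c - p (mod 26),
    # so the ciphertext alone cannot rule any candidate out.
    return decrypt(ciphertext, candidate)

def difference(a, b):
    # Letter-wise a - b (mod 26). For two ciphertexts under one key the key cancels:
    # (p1 + k) - (p2 + k) = p1 - p2.
    return decrypt(a, b)

if __name__ == "__main__":
    c1 = encrypt("HELLO", "KXQWZ")
    print(c1, decrypt(c1, "KXQWZ"))
    # Constructed candidate: WORLD is just as consistent with c1 as HELLO is.
    k2 = key_explaining(c1, "WORLD")
    print(k2, decrypt(c1, k2))
    # Constructed second message, encrypted with the SAME pad (the misuse).
    c2 = encrypt("WORLD", "KXQWZ")
    print(difference(c1, c2), difference("HELLO", "WORLD"))
```

The last line prints the same string twice: with a reused pad, the difference of the two ciphertexts equals the difference of the two plaintexts, and an A in that string marks a position where both messages share a letter.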

Conclusion:

When used correctly—with truly random, single-use keys—the one-time pad is unbreakable. However, its impractical key management makes it unsuitable for most applications. Since the key must be as long as the message and never reused, encrypting a 1TB drive requires another 1TB drive for the key. Despite this, it has been historically used by British SOE in WWII, Soviet spies, and the NSA, and remains in use for specific purposes today.