tags:

views:

66

answers:

2
+2  Q: 

Can information encoded with a one time pad be distinguished from random noise?

I understand that the cyphertext from a properly used one time pad cypher reveals absolutely no data about the encrypted message.

Does this mean that there is no way to distinguish a message encrypted with a one time pad from completely random noise? Or is there some theoretical way to determine that there is a message, even though you can't learn anything about it?

+1  A: 

If your one-time pad is completely random, then anything XOR'd with it also is (assuming your message has no/low correlation with the contents of the one-time pad).

Chris Jester-Young  2010-03-24 18:45:05
Of course you could randomly generate a pad of all-0 bits, which would be completely random and have no correlation with the message, but still be distinguished from random noise.
Gabe  2010-03-24 19:24:43
@Gabe: Seems a little circular. Shouldn't true random number generators generate "noise"? It's incredibly unlikely that you'll get 4096 bits of zeros but much more likely that your random data when XOR'ed with the message will generate an English-readable word/sentence of 512 characters. Even one that makes good sense.
Andrew Flanagan  2010-08-04 16:30:10
Andrew: I never said it was likely, just that it could happen!
Gabe  2010-08-04 17:28:04
+4  A: 

There is no way to determine if a string has been encrypted with a OTP. You can produce any string of the same size by choosing an appropriate key.

For example (from the Wikipedia One Time Pad article), the plaintext "HELLO" can be encrypted with the key "XMCKL", giving ciphertext "EQNVZ". But it is possible to find keys which produce any 5 character plaintext, such as "LATER". There is no way to determine the original plaintext without the original key.

A OTP can be 'broken' if it is reused (and therefore is no longer a one time pad). The Venona Project is an example of what can happen when OTPs are reused.

A major drawback to OTPs is that you must securely distribute a key equal in size to the plaintext to be encoded.

Fred  2010-03-24 19:15:46

related questions

How to implement password protection for individual files?
Encrypting appSettings in web.config
Usefulness of SQL Server "with encryption" statement
How can I use a key blob generated from Win32 CryptoAPI in my .NET application?
CodeReview: Tiny Encryption Algorithm for arbitrary sized data
Simple encryption implementation in C
Which hard disk encryption software to choose?
Passing untampered data from Flash app to server?
How do I prevent replay attacks?
Is there a best .NET algorithm for credit card encryption?
Encrypt data from users in web applications
How to encrypt one message for multiple recipients?
Two-way password encryption without ssl
What's the answer to this Microsoft PDC challenge?
GPG: How does key signing work and how is it done?
Secure Online Highscore Lists for Non-Web Games
Programmatically encrypting a config-file in .NET
How do I use 3des encryption/decryption in Java?
Encryption in C# Web-Services
Suitable alternative to CryptEncrypt
Can a proxy server cache SSL GETs? If not, would response body encryption suffice?
C# - CryptographicException: Padding is invalid and cannot be removed
How can I encode xml files to xfdl (base64-gzip)?
How do I add SSL to a .net application that uses httplistener - it will *not* be running on IIS
Encrypting Passwords