Slideshare uses cookies to improve functionality and performance, and to provide you with relevant advertising. If you continue browsing the site, you agree to the use of cookies on this website. See our User Agreement and Privacy Policy.

Slideshare uses cookies to improve functionality and performance, and to provide you with relevant advertising. If you continue browsing the site, you agree to the use of cookies on this website. See our Privacy Policy and User Agreement for details.

Successfully reported this slideshow.

Like this presentation? Why not share!

- One time password(otp) by Anjali Agrawal 941 views
- Otp by draihl 716 views
- One Time Password by mahdi ataeyan 1354 views
- Typical Vulnerabilities of E-Bankin... by Positive Hack Days 9590 views
- One time pad Encryption: by Asad Ali 2122 views
- One Time Password - A two factor a... by Swetha Kogatam 3802 views

1,824 views

Published on

A brief introduction to the One-Time Pad. Presented at the December 2008 DC405 meeting.

Published in:
Technology

License: CC Attribution-ShareAlike License

No Downloads

Total views

1,824

On SlideShare

0

From Embeds

0

Number of Embeds

3

Shares

0

Downloads

64

Comments

0

Likes

2

No embeds

No notes for slide

- 1. One-Time Pad Encryption Presented By proidiot DC405 December 19, 2008
- 2. What is OTP?● One-Time Pad (OTP) is a very simple encryption algorithm based on modular arithmetic.● Each key must be completely random and used only once.● OTP is “perfectly secure” (a.k.a. “Shannon secure”) because the ciphertext provides provides no information about the plaintext other than the maximum possible size.
- 3. How Does OTP Work?1. Truly random keys are transferred beforehand (often in bulk in the form of a “pad”).2. The sender creates the ciphertext by using modular arithmatic on the plaintext and key a character at a time in order to calculate the corresponding character in the ciphertext. (Inside computers, this is often accomplished by a bitwise XOR on the data.)3.The sender immediately destroys his copy of the key, and then sends the ciphertext by any means to the receiver.4. The receiver performs the same modular arithmetic with the ciphertext and key.5.The receiver then destroys his copy of the key.
- 4. A Basic OTP Implementation in C++
- 5. Why Would I Want to Use OTP?● OTP is one of the easiest encryption mechanisms to implement (in fact, people often do it by hand).● If the keys are truly random, only used once, destroyed after use, and are transferred and kept in complete secrecy, then the ciphertext cannot be cracked (and thus “perfect secrecy” is achieved).● If the above conditions are met, there is also perfect deniability.
- 6. ...Then Why Do We Use Anything Else???● In practice, it is usually easy for others to compromise the key during transfer, while it is being stored, after it has been improperly destroyed, or all of the above.● True randomness in the key is almost impossible to achieve in practice.● Keys can only be used once.● Since there is no provision for message integrity, a man- in-the-middle could occur with neither party capable of knowing it.
- 7. “Shannon Secure”● In 1949, Claude Shannon of Bell Labs published a proof that if the keys are used only once, are completely random, and kept secure, then OTP is perfectly secure.● This caused the term “Shannon Secure” to be coined to refer to systems that can achieve perfect security in theory.● It has also been proven that anything that is Shannon Secure must have single-use keys that are used only once.
- 8. Quantum Computing and OTP● True randomness is difficult to achieve as even the very few non-quantum sources of true entropy are subject to strong bias resulting from measurement.● Quantum mechanics, however, gives us entropy sources that are not subject to quite as much meausrement bias.● Additionally, quantum entaglement would allow transfer of keys with perfect message integrity.● Unfortunately, there is still no good way to secure the storage of the keys.
- 9. What Can We Learn from OTP?● True randomness in encryption keys is vital.● While one-time use is ideal, the closer to one-time use (such as time-sensitive keys) the better.● While extremely complicated encryption algorithms arent necessary for perfect security, algorithms that assist with the storage and transfer problems of OTP keys (such as public key mechanisms) can mean a huge step forward for practical security.● Secure deletion of keys is also vital.

No public clipboards found for this slide

×
### Save the most important slides with Clipping

Clipping is a handy way to collect and organize the most important slides from a presentation. You can keep your great finds in clipboards organized around topics.

Be the first to comment