User:Davidwr/One-time-pad

Drafted 2013-11-18 by the English Wikipedia user "davidwr".

This is a Wikipedia user page. It is not an article or draft article.

Note: I strongly suspect I'm not the first person to come up with this idea, as it is pretty obvious even to a non-cryptology-expert like myself. I'm putting this here just in case someone tries to "invent" this and patent it later. Yes, some patent offices will let obvious things like this slip by.

A poor-man's one-time pad.

Goal:

Have the benefits of a one-time pad without the need to send the entire pad to the recipient.

Basic premise:

Have a pad that is either an existing thing, a mathematical formula, or some other thing which has a label or description which is much shorter than the pad itself, or some combination of the above.

Obvious problems:

With the exception of cases where a key part of the pad is a "thing" and only a few copies of that "thing" exist, the pad cannot be reliably destroyed. This can be mitigated by having the pad further encrypted using conventional secret-key encryption.

Even without the ability to destroy the key, a one-time pad is still useful for messages which only need to be kept secret for a short period of time.

Example:

A trivial example of a "thing" is a large file whose data is random enough that it won't be easily identified by an attacker. The problem with a "thing" is it typically has finite size. This isn't an issue if it's at least as big as the total size of all messages which will be "encrypted" against it.

A trivial example of a mathematical formula is "pi minus 3" pi minus 3, written in base 26, 52, 62, 256, or whatever base is big enough to cover the input data (letters, mixed-case letters, mixed-case letters + numbers, and 8-bit binary data respectively), is for all practical purposes random. The problem with pi is that it is likely to be guessed by an attacker.

Combinations of these also fall into this category.

For example, "pi" in base 2 (or any arbitrary base) can be used as an incrementer to go through a big randomish file to generate a one-time pad: If the currently-being-examined digit if pi is 0, use the next byte (or arbitrary-sized chunk) of the big randomish file. If it is a one, skip to the next byte (or arbitrary-sized chunk, or even different-but-arbitrary-sized chunk) of the big randomish file. The non-skipped sections consititute the one-time pad.

Here is a real-world example, using "pi minus 3" in base 10 to generate the "skips" and sin(1 radian) in base 10 to generate a one-time pad consisting of base-10 digits. For both, just the digits to the right of the decimal will be used.

Pi minus 3 = 0.141592...

sin(1 radian) = 0.841470984807896506652502321...

Skip 1 digit ("8"), use 4, pad=4. Skip 4 digits ("1470"), use 9, pad=49. Skip 1 digit ("9"), use 8, pad=498. Skip 5 digits ("48078"), use 9, pad=4989. Skip 9 digits ("650665250"), use 2, pad=49892 Skip 2 digits ("32"), use 1, pad=498921 and so on ad infinitum.

To transmit this pad to the receiver, send the following message through a secure channel: "skip is pi minus 3 in base 10, decimal part only, pad is sin(1 radian) in base 10, decimal part only, start both at the beginning."

This particular example has a flaw that it is likely to be guessed, much like a password of "1234" or "password" is likely to be guessed.

Discussion:

In practical cases, the real one-time pad would be generated from a combination of "things," mathematical constants and/or formulas, and at some point the information would be encrypted with a shared-secret form of encryption.

Also, in practical cases, the same key-generator would not be used indefinately. For casual uses, it may be re-generated every few months, for extremely sensitive uses it would be re-generated as often as practical, limited only by the need to send at least part of the new key-generation scheme through a different secure channel, such as by personal delivery by a trusted courier.

This can be improved upon in many obvious ways which are too numerous to mention. If you really want a list, ask 10 classrooms full of high-school honor students to brainstorm. You will get many results but even that list will be incomplete.