Open main menu
Home
Random
Recent changes
Special pages
Community portal
Preferences
About Wikipedia
Disclaimers
Incubator escapee wiki
Search
User menu
Talk
Dark mode
Contributions
Create account
Log in
Editing
One-time pad
(section)
Warning:
You are not logged in. Your IP address will be publicly visible if you make any edits. If you
log in
or
create an account
, your edits will be attributed to your username, along with other benefits.
Anti-spam check. Do
not
fill this in!
===Key distribution=== {{further|Key distribution}} Because the pad, like all [[shared secret]]s, must be passed and kept secure, and the pad has to be at least as long as the message, there is often no point in using a one-time pad, as one can simply send the plain text instead of the pad (as both can be the same size and have to be sent securely).<ref name="schneierotp"/> However, once a very long pad has been securely sent (e.g., a computer disk full of random data), it can be used for numerous future messages, until the sum of the messages' sizes equals the size of the pad. [[Quantum key distribution]] also proposes a solution to this problem, assuming [[Fault tolerance|fault-tolerant]] quantum computers. Distributing very long one-time pad keys is inconvenient and usually poses a significant security risk.<ref name="Numbers Stations"/> The pad is essentially the encryption key, but unlike keys for modern ciphers, it must be extremely long and is far too difficult for humans to remember. Storage media such as [[thumb drive]]s, [[DVD-R]]s or personal [[digital audio player]]s can be used to carry a very large one-time-pad from place to place in a non-suspicious way, but the need to transport the pad physically is a burden compared to the key negotiation protocols of a modern public-key cryptosystem. Such media cannot reliably be erased securely by any means short of physical destruction (e.g., incineration). A 4.7 GB DVD-R full of one-time-pad data, if shredded into particles {{Convert|1|mm2||abbr=on}} in size, leaves over 4 [[megabit]]s of data on each particle. {{citation needed|date=November 2010}} In addition, the risk of compromise during transit (for example, a [[pickpocket]] swiping, copying and replacing the pad) is likely to be much greater in practice than the likelihood of compromise for a cipher such as [[Advanced Encryption Standard|AES]]. Finally, the effort needed to manage one-time pad key material [[Scalability|scales]] very badly for large networks of communicants—the number of pads required goes up as the [[Quadratic growth|square]] of the number of users freely exchanging messages. For communication between only two persons, or a [[star network]] topology, this is less of a problem. The key material must be securely disposed of after use, to ensure the key material is never reused and to protect the messages sent.<ref name="Numbers Stations"/> Because the key material must be transported from one endpoint to another, and persist until the message is sent or received, it can be more vulnerable to [[computer forensics|forensic recovery]] than the transient plaintext it protects (because of possible data remanence).
Edit summary
(Briefly describe your changes)
By publishing changes, you agree to the
Terms of Use
, and you irrevocably agree to release your contribution under the
CC BY-SA 4.0 License
and the
GFDL
. You agree that a hyperlink or URL is sufficient attribution under the Creative Commons license.
Cancel
Editing help
(opens in new window)