LOGBOOK

HELP

Quiz Entry - updated: 2026.07.14

What happens if you reuse a One-Time Pad key for two different messages?

Reusing a OTP key completely destroys its security — an attacker can XOR the two ciphertexts together to eliminate the key and obtain the XOR of the two plaintexts.

Reusing the pad: C1 XOR C2 = M1 XOR M2, the key cancels

* Reuse the pad and the key cancels: C1⊕C2 = M1⊕M2, recoverable by crib-dragging. *

The attack:

C1 = M1 ⊕ K
C2 = M2 ⊕ K
C1 ⊕ C2 = (M1 ⊕ K) ⊕ (M2 ⊕ K) = M1 ⊕ M2

The key K cancels out! Now the attacker has M1 ⊕ M2, and using frequency analysis and known-plaintext techniques (known as "crib dragging"), they can often recover both messages.

Real-world failure: The VENONA project — the NSA broke Soviet spy communications because some OTP key pages were reused. This shows that even the theoretically perfect cipher fails catastrophically with key reuse.

Tip: This same principle applies to all stream ciphers — never reuse a keystream, whether it's from an OTP or a PRNG-based stream cipher.

Go deeper:

From Quiz: KRYPTOG / Symmetric Cryptography | Updated: Jul 14, 2026