What is the One-Time Pad (OTP) and why does it achieve perfect security?
The One-Time Pad is a stream cipher where the keystream is a truly random key as long as the message, used only once — it's the only cipher proven to be perfectly secure.
Think of it as the limiting case of a stream cipher where the keystream is truly random rather than pseudo-random. That single change is what lifts it from computational security (safe only against a bounded attacker) to information-theoretic security (safe against any attacker, forever) — but it's also what makes it impractical, because the key is now as unwieldy as the message.
How it works:
- Key K is a truly random bit sequence, same length as message M
- Encrypt:
C = M ⊕ K - Decrypt:
M = C ⊕ K
Why it's perfectly secure:
- Every possible plaintext is equally likely for any given ciphertext
- There's no pattern or structure an attacker can exploit
- Proven by Claude Shannon (1949) — provides information-theoretic security
Practical limitations:
- Key must be as long as the message (impractical for large data)
- Key must be truly random (not pseudo-random)
- Key can never be reused (hence "one-time")
- Key distribution is as hard as distributing the message securely
Historical use: The Moscow–Washington hotline ("red phone") reportedly used OTP during the Cold War.
Go deeper:
One-time pad (Wikipedia) — the proof, the key-distribution catch, and real-world use.