Vernam’s Cipher

September 7th 2009

Gilbert Vernam was a digital systems designer from the early 20th century. He invented the stream cipher, the kind of cipher browsers often use today to encrypt messages exchanged with protected web sites. In his day, however, the mechanism of choice was the relay: an electromagnetic switch. Vernam also described the one-time pad, and noted the danger in reusing the key stream.

What, then, is a Vernam cipher? Is it a stream cipher or a one-time pad? I’ve seen the term used both ways.

Now we can check the source. Steve Bellovin recently blogged on Vernam’s work, and posted a PDF of Vernam’s original paper. Vernam wrote the paper for an AIEE conference (that’s one of the precursors of today’s IEEE – Bellovin negotiated permission to post the historic paper).

If we look at the historical description, Vernam does not restrict his cipher to the one-time pad case. Thus, a Vernam cipher in practice might – or might not – be a one-time pad. [revised 9/7/09]


Posted under History of Technology & Security

That’s not a one-time pad!

August 3rd 2008

A while back I wrote a post to explain the one-time pad encryption technique. It goes along with other pages that explain some fundamental cryptographic concepts.

It’s amazing how subtle a one-time pad really is. On one level it’s deceptively simple: you simply match up the text of your message with a collection of “random bits” you share with the recipient. To decrypt, the recipient matches up a copy of those “random bits” to retrieve the message.

The trick is in the definition of “random bits.”

Posted under Security

Stream Cipher Reuse: A Graphic Example

May 31st 2008

Take a look at the following image. You should see two different ‘messages’ here.

[Image: Two messages]

This particular mishmash of messages reflects the failure of otherwise strong cryptography: the improper implementation of a one-time pad or a stream cipher.

Posted under Security

One-Time Pads

June 9th 2007

The one-time pad is the only encryption technique that has been mathematically proven to be uncrackable. While hard to use, it has often been the choice for highly sensitive traffic. Soviet spies used one-time pads in the 1940s and 1950s. The Washington-Moscow “hot line” also uses one-time pads. However, the technique is hard to use correctly.


Posted under Security
