one-time pad or vernam cipher.ppt

8/10/2019 One-Time Pad or vernam Cipher.ppt

1/19

One-Time Pad Or Vernam Cipher

Sayed Mahdi Mohammad Hasanzadeh

[email protected]

Spring 2004
mailto:[email protected]:[email protected]


2/19


3/19

exclusive or Operatora b c = a b

0 0 0

0 1 1

1 0 1

1 1 0


4/19

Example message =IF then its ASCII code =(1001001 1000110)

key = (1010110 0110001) Encryption:

1001001 1000110 plaintext 1010110 0110001 key

0011111 1110110 ciphertext Decryption:

0011111 1110110 ciphertext 1010110 0110001 key

1001001 1000110 plaintext


5/19

Why OTP is provably secure? The security depends on the randomness of

the key.

It is hard to define randomness. In cryptographic context, we seek two

fundamental properties in a binary randomkey sequence:

Unpredictability: Balanced (Equal Distribution):


6/19

Why OTP is provably secure? Unpredictability:

Independent of the number of the bits of

a sequence observed, the probability ofguessing the next bit is not better than. Therefore, the probability of a certainbit being 1 or 0 is exactly equal to .

Balanced (Equal Distribution): The number of 1s and 0s should be

equal.


7/19

Mathematical Proof the probability of a key bit being 1 or 0

is exactly equal to .

The plaintext bits are not balanced. Letthe probability of 0 be x and then theprobability of 1 turns out to be 1-x.

Let us calculate the probability ofciphertext bits.


8/19

Mathematical Proofmi

prob.ki prob. ci prob.

0 x 0 0 x0 x 1 1 x

1 1-x 0 1 (1-x)

1 1-x 1 0 (1-x) We find out the probability of a ciphertext bit being 1

or 0 is equal to ()x + ()(1-x)= . Ciphertext looks

like a random sequence.


9/19

OTP is basic idea for stream cipher Encryption : mi: plain-text bits. ki : key (key-stream ) bits ci : cipher-text bits. Decryption : Provably Secure.


10/19

Generator Properties Randomness

Provable security

Bit rate

Key length

Complexity of algorithm Memory

Resistant against every attack


11/19

Drawback in OTP

Key-stream should be as long asplain-text.

Key distribution & Management

difficult.


12/19

Solution Stream Ciphers in which key-

stream is a solution Stream cipher generated in

pseudo-random fashion fromrelatively short secret key.


13/19

Stream Cipher Property

Randomness : Closely related to

unpredictability.Pseudo-randomness :PR sequences

appears random to a

computationally bounded adversary.Stream Ciphers can be modeled as Finite-

state machine.


14/19

Stream Cipher Model

Si

F

G

Si+1

kimi ci

Si : state of the cipher

at time t = i.

F : state function.G : output function.

Initial state, output and state

functions are controlled by the

secret key.


15/19

Stream Cipher Types

Synchronous Stream Cipher

Self-Synchronizing Stream Ciphers


16/19

Synchronous Stream Ciphers Key-stream is independent of plain and

cipher-text.

Both sender &receiver must besynchronized.

Resynchronization can be needed.

No error propagation.

Active attacks can easily be detected.


17/19


18/19

Self-Synchronizing Stream Ciphers Key-stream is a function of fixed number t of

cipher-text

bits. Limited error propagation (up to t bits).

Active attacks cannot be detected.

At most tbits later, it resynchronizes itself

when synchronization is lost.

It helps to diffuse plain-text statistics.


19/19

Self-Synchronizing Stream Ciphers

one-time pad or vernam cipher.ppt

Documents