What's New
Site Map
How To
Tips & Tricks
Q & A
New in VB6
Free Stuff
Awards Received
News Letter
Tutorial: Breaking One-Time Pads
This tutorial explains how to break one implementation of a one-time pad.


Breaking One-Time Pads

The previous tutorial claimed that a one-time pad is perfectly secure. That is true. As long as the pad is perfectly random and only the message sender and receiver have the pad, no attacker can ever figure out the plaintext from the ciphertext.

However, if the pad is not truly random, then the one-time pad system is compromised.

One of the exercises in the previous tutorial told you to use Visual Basic's Rnd statement to generate one-time pads. Rnd is not really a random number generator. It may look random to a casual inspection, but it is really not. If you look at the numbers it produces long enough, you'll find that they eventually repeat.

You can seed Rnd so it generates a particular series of numbers like this:

    Rnd -1
    Randomize seed_value

If you repeat these steps later with the same seed value, Rnd will produce the same sequence of numbers.

Knowing that, it's easy to break a one-time pad system built using Rnd. The attacker initializes Rnd using different seed values and then tries to decipher the message using the series of numbers Rnd produces. Rnd can only have a few billion possible internal states so the attacker only needs to try a few billion seeds before getting one that produces the same sequence you used to generate your one-time pad.

When the attacker guesses the wrong one-time pad, the plaintext is mostly garbage. The letter frequencies will be about the same for each letter. When the attacker guesses the right one-time pad, the plaintext will look like English. Some letters like E will be much more common than others so it is easy for the computer to know when it has found the right solution. Back to top


  1. Write a program that takes as input a ciphertext message written using a Rnd-generated one-tim pad. The program should try different seeds for Rnd until it finds a one-time pad that recovers the plaintext.
Back to top
Back to main cryptography tutorial

 Subscribe to the VB Helper newsletter! 
Copyright © 1997-2001 Rocky Mountain Computer Consulting, Inc.   All rights reserved.
www.vb-helper.com/crypto5.htm Updated