The previous tutorial claimed that a onetime pad is perfectly secure. That is true.
As long as the pad is perfectly random and only the message sender and receiver
have the pad, no attacker can ever figure out the plaintext from the ciphertext.
However, if the pad is not truly random, then the onetime pad system is compromised.
One of the exercises in the previous tutorial told you to use Visual Basic's Rnd statement
to generate onetime pads. Rnd is not really a random number generator. It may look random
to a casual inspection, but it is really not. If you look at the numbers it produces long
enough, you'll find that they eventually repeat.
You can seed Rnd so it generates a particular series of numbers like this:
Rnd 1
Randomize seed_value
If you repeat these steps later with the same seed value, Rnd will produce the same sequence of numbers.
Knowing that, it's easy to break a onetime pad system built using Rnd. The attacker initializes Rnd
using different seed values and then tries to decipher the message using the series of numbers Rnd produces.
Rnd can only have a few billion possible internal states so the attacker only needs to try a few billion
seeds before getting one that produces the same sequence you used to generate your onetime pad.
When the attacker guesses the wrong onetime pad, the plaintext is mostly garbage. The letter frequencies
will be about the same for each letter. When the attacker guesses the right onetime pad, the plaintext
will look like English. Some letters like E will be much more common than others so it is easy for the
computer to know when it has found the right solution.
Back to top
 Write a program that takes as input a ciphertext message written using a Rndgenerated
onetim pad. The program should try different seeds for Rnd until it finds a onetime pad
that recovers the plaintext.
Back to top
Back to main cryptography tutorial
