The previous tutorial claimed that a one-time pad is perfectly secure. That is true.
As long as the pad is perfectly random and only the message sender and receiver
have the pad, no attacker can ever figure out the plaintext from the ciphertext.
However, if the pad is not truly random, then the one-time pad system is compromised.
One of the exercises in the previous tutorial told you to use Visual Basic's Rnd statement
to generate one-time pads. Rnd is not really a random number generator. It may look random
to a casual inspection, but it is really not. If you look at the numbers it produces long
enough, you'll find that they eventually repeat.
You can seed Rnd so it generates a particular series of numbers like this:
If you repeat these steps later with the same seed value, Rnd will produce the same sequence of numbers.
Knowing that, it's easy to break a one-time pad system built using Rnd. The attacker initializes Rnd
using different seed values and then tries to decipher the message using the series of numbers Rnd produces.
Rnd can only have a few billion possible internal states so the attacker only needs to try a few billion
seeds before getting one that produces the same sequence you used to generate your one-time pad.
When the attacker guesses the wrong one-time pad, the plaintext is mostly garbage. The letter frequencies
will be about the same for each letter. When the attacker guesses the right one-time pad, the plaintext
will look like English. Some letters like E will be much more common than others so it is easy for the
computer to know when it has found the right solution.
Back to top
Back to top
- Write a program that takes as input a ciphertext message written using a Rnd-generated
one-tim pad. The program should try different seeds for Rnd until it finds a one-time pad
that recovers the plaintext.
Back to main cryptography tutorial