related topics {math, number, function} {system, computer, user} {@card@, make, design} {war, force, army} {work, book, publish} {law, state, case} {acid, form, water} {service, military, aircraft} {language, word, form} {game, team, player} {rate, high, increase} {math, energy, light} {disease, patient, cell}

In cryptography, the one-time pad (OTP) is a type of encryption, which has been proven to be impossible to crack if used correctly. Each bit or character from the plaintext is encrypted by a modular addition with a bit or character from a secret random key (or pad) of the same length as the plaintext, resulting in a ciphertext. If the key is truly random, as large as or greater than the plaintext, never reused in whole or part, and kept secret, the ciphertext will be impossible to decrypt or break without knowing the key. It has also been proven that any cipher with the perfect secrecy property must use keys with effectively the same requirements as OTP keys.[1] However, practical problems have prevented one-time pads from being widely used.

The one-time pad was invented in 1917 and patented a couple of years later. It is derived from the Vernam cipher, named after Gilbert Vernam, one of its inventors. Vernam's system was a cipher that combined a message with a key read from a paper tape loop. In its original form,[citation needed] Vernam's system was not unbreakable because the key could be reused. One-time use came a little later when Joseph Mauborgne recognized that if the key tape were totally random, cryptanalytic difficulty would be increased.

The "pad" part of the name comes from early implementations where the key material was distributed as a pad of paper, so the top sheet could be easily torn off and destroyed after use. For easy concealment, the pad was sometimes reduced to such a small size that a powerful magnifying glass was required to use it. Photos accessible on the Internet show captured KGB pads that fit in the palm of one's hand,[2] or in a walnut shell.[3] To increase security, one-time pads were sometimes printed onto sheets of highly flammable nitrocellulose.

There is some ambiguity to the term due to the fact that some authors use the terms "Vernam cipher" and "one-time pad" synonymously, while others refer to any additive stream cipher as a "Vernam cipher", including those based on a cryptographically secure pseudorandom number generator (CSPRNG).[4]