One other thing. The reason you cannot reuse a one-time pad is easy to show. Given a plaintext P and a key K you obtain a ciphertext C by using XOR:

    C = P XOR K

You transmit C and your partner knows K. He recovers P by XORing again.

    C XOR K = P XOR K XOR K = P

XORing twice gives you the original.

Let's say you were stupid enough to send another transmission, Q, using the same K.

    D = Q XOR K

Your attacker presumably heard C and D, and wants to know what P and Q are. He can get you easily with the following by XORing the two ciphertexts, as follows:

    C XOR D = P XOR K XOR Q XOR K
            = (P XOR Q XOR Q) XOR K XOR Q XOR K
            = P XOR Q XOR Q XOR K XOR Q XOR K
            = P XOR Q

It is trivial to attack the XOR of plaintexts P and Q using frequency analysis.

Note that this is NOT the same thing as the Prizm boys imply. I need NOT know the plaintext in advance, I only need to intercept TWO ciphertext transmissions. From that I get BOTH plaintexts. I can get the key after that if I want, but who gives a fuck about the key? I already own you and the missiles are on their way.

Edited 03032003 02:11 PM
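The cancellation described in the post above, shown as an added example that is not part of the original post: with a reused K the XOR of the two ciphertexts equals P XOR Q, while a pad that hands out each key byte only once does not leak it. The messages, the `Pad` class and the `demo` function are constructed for illustration.

```python
import secrets

def xor(a: bytes, b: bytes) -> bytes:
    """XOR two equal-length byte strings."""
    if len(a) != len(b):
        raise ValueError("lengths differ")
    return bytes(x ^ y for x, y in zip(a, b))

class Pad:
    """Hypothetical pad holder: key bytes are consumed once, and reuse is refused."""
    def __init__(self, material: bytes):
        self._material = material
        self._used = 0

    def take(self, n: int) -> bytes:
        if self._used + n > len(self._material):
            raise RuntimeError("pad exhausted: refusing to reuse key bytes")
        chunk = self._material[self._used:self._used + n]
        self._used += n          # these bytes are never handed out again
        return chunk

def demo():
    # Constructed sample plaintexts, padded to the same length.
    P = b"the backup job runs at midnight".ljust(32)
    Q = b"rotate the api keys on friday".ljust(32)

    # The mistake from the post: the same K encrypts both messages.
    K = secrets.token_bytes(32)
    C, D = xor(P, K), xor(Q, K)
    reused_leaks = xor(C, D) == xor(P, Q)     # K has cancelled out

    # Correct use: every message draws fresh key bytes from the pad.
    pad = Pad(secrets.token_bytes(64))
    C2, D2 = xor(P, pad.take(32)), xor(Q, pad.take(32))
    fresh_leaks = xor(C2, D2) == xor(P, Q)    # now K1 XOR K2 masks the result

    return reused_leaks, fresh_leaks, pad

if __name__ == "__main__":
    reused_leaks, fresh_leaks, _ = demo()
    print("reused key leaks P XOR Q:", reused_leaks)
    print("fresh key leaks P XOR Q: ", fresh_leaks)
```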
