GeeKay Posted November 22, 2022

This post refers to the (excellent) primer on codes and ciphers, namely The Code Book by Simon Singh. The question itself concerns the one-time pad cipher, the one form of encryption which is claimed to be truly unbreakable, that's to say proof against any known form of cryptoanalysis. . . short of telepathy?

One aspect about this cipher is bamboozling me, however. Namely it's this: would it be possible to crack a given one-time pad cipher if one was already in possession of the key? Singh offers this example:

Key:       P L M O E Z Q K J Z L R T E A V C R C B Y
Plaintext: a t t a c k t h e v a l l e y a t d a w n
Cybertext: P E F O G J J R N U L C E I Y V V U C X L

Unfortunately, I cannot see how a hacker with full knowledge of both the cybertext and the key would be able to generate the above plaintext. Unlike the key of a Vigenere cipher, for instance, the above key has no obvious structure, contains no recognisable words. It is entirely random, which means it's incapable of providing clues about the plaintext to a would-be hacker. And yet, Singh goes on to state that possession of the key would enable just such a hacker to break the code. But how exactly? Being structureless means the key would resist frequency analysis, for example. Chaos is chaos, after all.

The only possibility that comes to mind is that the one-time pad is itself a Vigenere cipher, but this is only a wild guess on my part. Whatever, something fundamental is missing in my understanding of codes and ciphers which I'm simply not getting ☹️ So any help here would be greatly appreciated. Many thanks!
swansont Posted November 22, 2022

2 hours ago, GeeKay said:
cannot see how a hacker with full knowledge of both the cybertext and the key would be able to generate the above plaintext. Unlike the key of a Vigenere cipher, for instance, the above key has no obvious structure, contains no recognisable words. It is entirely random, which means it's incapable of providing clues about the plaintext to a would-be hacker.

Just by inspection one can see that the key and cybertext are identical when the plaintext or key is “a”.

It looks like it is a Vigenere cipher, where A has no shift, B shifts by 1, C by 2, etc. But the hacker wouldn’t know what the shift is for A. That would have to be known when encoding and decoding.
Ghideon Posted November 22, 2022

46 minutes ago, swansont said:
It looks like it is a Vigenere cipher

Correct*.

3 hours ago, GeeKay said:
Whatever, something fundamental is missing in my understanding of codes and ciphers which I'm simply not getting

To decipher Vigenère you use the ciphertext, the key and also a table. In this case:

a,b,c,d,e,f,g,h,i,j,k,l,m,n,o,p,q,r,s,t,u,v,w,x,y,z
b,c,d,e,f,g,h,i,j,k,l,m,n,o,p,q,r,s,t,u,v,w,x,y,z,a
c,d,e,f,g,h,i,j,k,l,m,n,o,p,q,r,s,t,u,v,w,x,y,z,a,b
d,e,f,g,h,i,j,k,l,m,n,o,p,q,r,s,t,u,v,w,x,y,z,a,b,c
. . .
z,a,b,c,d,e,f,g,h,i,j,k,l,m,n,o,p,q,r,s,t,u,v,w,x,y

Wikipedia has a description and an example:

Quote
A table of alphabets can be used, termed a tabula recta, Vigenère square or Vigenère table. It has the alphabet written out 26 times in different rows, each alphabet shifted cyclically to the left compared to the previous alphabet, corresponding to the 26 possible Caesar ciphers .... Decryption is performed by going to the row in the table corresponding to the key, finding the position of the ciphertext letter in that row and then using the column's label as the plaintext.

See https://en.wikipedia.org/wiki/Vigenère_cipher and https://en.wikipedia.org/wiki/Tabula_recta
https://en.wikipedia.org/wiki/Tabula_recta#/media/File:Vigenère_square_shading.svg

*) I verified that the encryption / decryption matches standard Vigenère (using online tool https://cryptii.com/pipes/vigenere-cipher)

Edited November 22, 2022 by Ghideon
correction & clarification
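
Added example, not part of any post in this thread: the tabula recta lookup described above, written as letter arithmetic modulo 26 (A = shift 0, as in the thread's example) and run on the key and ciphertext quoted in the first post. It goes one step beyond the thread by also deriving a second key that turns the same ciphertext into a different message; the function names and the alternative message are constructed for illustration.

```python
import string

ALPHABET = string.ascii_uppercase  # row/column labels of the tabula recta


def _shift(text, key, sign):
    """Add (sign=+1) or subtract (sign=-1) key letters from text letters mod 26."""
    if len(key) < len(text):
        # A one-time pad key is never repeated, so it must cover the message.
        raise ValueError("key must be at least as long as the message")
    out = []
    for t, k in zip(text.upper(), key.upper()):
        if t not in ALPHABET or k not in ALPHABET:
            raise ValueError("only the letters A-Z are supported")
        out.append(ALPHABET[(ALPHABET.index(t) + sign * ALPHABET.index(k)) % 26])
    return "".join(out)


def encrypt(plaintext, key):
    """Row = key letter, column = plaintext letter, cell = ciphertext letter."""
    return _shift(plaintext, key, +1)


def decrypt(ciphertext, key):
    """Find the ciphertext letter in the key's row; the column label is the plaintext."""
    return _shift(ciphertext, key, -1)


def key_for(ciphertext, candidate_plaintext):
    """Return the key under which ciphertext decrypts to candidate_plaintext."""
    if len(candidate_plaintext) != len(ciphertext):
        raise ValueError("candidate must be the same length as the ciphertext")
    return _shift(ciphertext, candidate_plaintext, -1)


# Values quoted in the first post of the thread.
KEY = "PLMOEZQKJZLRTEAVCRCBY"
CIPHERTEXT = "PEFOGJJRNULCEIYVVUCXL"

# Constructed alternative message of the same length (21 letters).
ALTERNATIVE = "DEFENDTHEHILLATSUNSET"

if __name__ == "__main__":
    print("with the real key:     ", decrypt(CIPHERTEXT, KEY))
    other_key = key_for(CIPHERTEXT, ALTERNATIVE)
    print("another possible key:  ", other_key)
    print("with that other key:   ", decrypt(CIPHERTEXT, other_key))
```

Because some key exists for every message of the same length, the ciphertext alone does not single out one plaintext; only the holder of the actual key recovers the message that was sent.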
GeeKay Posted November 23, 2022

So the OTP is a Vigenère cipher, after all. Simon Singh does a good job explaining Vigenère ciphers in the book - good enough for a tyro like me to understand the tabular process. The take-home message then is that a third party can get an OTP's plaintext from the (revealed) key by the above method. Thanks also for the links.