cipher;cryptography;secret-key;key-management;stream cipher">
###
Question 93. What is a One-time
Pad?

A *one-time pad*, sometimes called the *Vernam cipher*
[Ver26], uses a string of bits that is generated completely at
random. The keystream is the same length as the plaintext message
and the random string is combined using bitwise exclusive-or with
the plaintext to produce the ciphertext. Since the entire keystream
is random, an opponent with infinite computational resources can
only guess the plaintext if he sees the ciphertext. Such a cipher
is said to offer perfect secrecy and the analysis of the one-time
pad is seen as one of the cornerstones of modern cryptography
[Sha49].

While the one-time pad saw use during wartime, over diplomatic
channels requiring exceptionally high security, the fact that
the secret key (which can be used only once) is as long as the
message introduces severe key-management problems. While perfectly
secure, the one-time pad is impractical.

Stream ciphers (see Question 86) were developed as an approximation
to the action of the one-time pad, and while contemporary stream
ciphers are unable to provide the satisfying theoretical security
of the one-time pad, they are at least practical.