3

It is my understanding that one-time pad encryption is the only unbreakable encryption, but suffers from the management of huge keys, and the secure distribution of those keys.

Could one-time pads be used without key distribution to create secure communication?

Example Scenario:

  1. Adam encrypts his message to Bob with a one-time pad (OTP) Adam generated and then sends the ciphertext to Bob.

  2. Bob encrypts Adam's ciphertext using a second OTP Bob generated and then sends it back to Adam.

  3. Adam attempts to decrypt the message using the original OTP he generated, then sends the results back to Bob.

  4. Bob decrypts the message using his OTP.

  • 0
    Though this idea is useless with OTPs, it *is* very useful with regards to other commutative encryptions. See, for example, my comments to [this answer](http://mathoverflow.net/questions/29323/math-puzzles-for-dinner/29456#29456) (use [rot13.com](http://www.rot13.com/index.php) to read comments) 2011-01-17

1 Answer

7

Let $M$ be the plain text, and let Adam's and Bob's one-time pads be $A$ and $B$. If I have understood you correctly, what you suggest is:

Adam sends Bob $M \oplus A$
Bob sends Adam $M \oplus A \oplus B$
Adam sends Bob $M \oplus B$

This doesn't work, because an eavesdropper can recover the plain text by

$M = (M \oplus A) \oplus (M \oplus A \oplus B) \oplus (M \oplus B)$

  • 0
    Perfect. Easy to understand why my idea is no good. 2011-01-17
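
The exchange from the question and the eavesdropper's recovery from the answer above, as an added example that is not part of the original posts. Going beyond the answer, it also runs the same three passes with modular exponentiation (Shamir's three-pass protocol, a commutative encryption of the kind the comment under the question mentions) to show that the analogous combination of the three wire messages does not give back $M$. The modulus, function names and sample message are assumptions chosen for illustration.

```python
import secrets
from math import gcd

P = 2**127 - 1  # assumed modulus for the demo: a Mersenne prime

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def xor_three_pass(message: bytes):
    """Run the question's exchange; return the three messages seen on the wire."""
    pad_a = secrets.token_bytes(len(message))  # Adam's pad A
    pad_b = secrets.token_bytes(len(message))  # Bob's pad B
    m1 = xor(message, pad_a)                   # Adam -> Bob:  M ^ A
    m2 = xor(m1, pad_b)                        # Bob -> Adam:  M ^ A ^ B
    m3 = xor(m2, pad_a)                        # Adam -> Bob:  M ^ B
    assert xor(m3, pad_b) == message           # Bob's final decryption succeeds
    return m1, m2, m3

def eavesdrop_xor(m1: bytes, m2: bytes, m3: bytes) -> bytes:
    """(M^A) ^ (M^A^B) ^ (M^B) = M: A and B each appear twice and cancel."""
    return xor(xor(m1, m2), m3)

def rand_exponent():
    """Secret exponent e coprime to P-1, plus its inverse d (e*d = 1 mod P-1)."""
    while True:
        e = secrets.randbelow(P - 3) + 2
        if gcd(e, P - 1) == 1:
            return e, pow(e, -1, P - 1)

def exp_three_pass(m: int):
    """Same three passes with E_k(x) = x^k mod P; returns the wire messages."""
    (a, a_inv), (b, b_inv) = rand_exponent(), rand_exponent()
    c1 = pow(m, a, P)        # Adam -> Bob:  M^a
    c2 = pow(c1, b, P)       # Bob -> Adam:  M^(ab)
    c3 = pow(c2, a_inv, P)   # Adam -> Bob:  M^b
    assert pow(c3, b_inv, P) == m              # Bob's final decryption succeeds
    return c1, c2, c3

def eavesdrop_exp(c1: int, c2: int, c3: int) -> int:
    """Multiplicative analogue of the XOR trick: c1*c3/c2 = M^(a+b-ab), not M."""
    return c1 * c3 * pow(c2, -1, P) % P

if __name__ == "__main__":
    msg = b"meet at noon"  # constructed sample message
    print("XOR pads, eavesdropper gets:", eavesdrop_xor(*xor_three_pass(msg)))
    m = int.from_bytes(msg, "big")
    print("exponentiation, eavesdropper gets M?", eavesdrop_exp(*exp_three_pass(m)) == m)
```

The exponentiation variant rests on the hardness of discrete logarithms rather than on perfect secrecy, and like the XOR version it does nothing to authenticate who is on the other end.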