by metaxy2 874 days ago
It really highlights the amazing security level of one time pads, that they can be comfortably doing secret announcements on a public radio channel with provably perfect security. (Assuming an adequate PRNG--for such small messages they could easily be using a hardware PRNG; I wonder.) Only issue is that you have to have all of your recipients keep track of (and not leak) a pad that is at least as long as the data you intend to send.

Some other properties of one time pads that might be less well known but are obvious when you think about them in the context of their use case.

They are very cumbersome to use in real life, encrypting and decrypting is done by hand, it’s error prone as a result and very slow. Nobody likes using them at all.

The part you mentioned about the keeping track of and not leaking it also isn’t really an issue so much in reality.

What you hear on the radio isn’t actually that sensitive on its own hence why it’s happily sent in the clear without the key material to decipher it.

The pads themselves are however highly guarded secrets, usually passed along via a dead drop, only ever exposed to the minimum of people and designed to be very easy to destroy quickly and are a bit flimsy as a result.

But destroying the pad is a part of the whole “how to receive a message securely” process that they go through so it never exists to be used as evidence beyond the time that it’s actually useful.

Also the people handling them are highly trained and trusted individuals who are extremely motivated to be very sensible while working with them as the entire reason you would use a method like this in particular is usually because you will be tortured and shot if discovered.

This is ironically also why it doesn’t make sense usually for that person to have access to and know how to use a shortwave radio. If you get caught with that equipment your fate might be the same either way.

Some fun trivia: the British as far back as the 50s I believe did have some success where they had developed a system that allowed them to essentially use direction finding techniques but for radios that were tuned to a specific frequency even if they weren’t transmitting. It was known as Operation Rafter and is on Wikipedia.

One more example I’ll throw out there if you want to read a cool story is an account of how the ANC (the political group associated with Nelson Mandela) developed their own covert communications system with a lot of similar properties when they were trying to overthrow the apartheid government in South Africa during the 80s and 90s.

It’s a great read https://omalley.nelsonmandela.org/index.php/site/q/03lv03445...

> The pads themselves are however highly guarded secrets, usually passed along via a dead drop, only ever exposed to the minimum of people and designed to be very easy to destroy quickly and are a bit flimsy as a result.

One other note here is that OTPs don’t have to be distributed in this manner. An OTP can use something already distributed and readily available to end users, such as a Gideon Bible or something (making sure to get the right edition, printing, etc) that everyone in a hotel room has access to. The key is having access to something, making sure it’s long enough for the series of messages to be encoded/decoded, and that no one else knows what it is.

I’m not actually a crypto guy and I know of stories where people have done this in serious environments (check the link I posted above for an example) but my understanding is that non random letter distributions like you will find in a book for example will potentially change the level of security you can expect from an OTP substantially against a sophisticated enemy and as a result the randomness is actually very important regardless of key length.

I might be wrong, it’s not my area of expertise.

Oh yes, very true. An OTP must have particular properties that words in a book don’t have to be provably secure. However, common materials that the communicators have access to without specific distribution can be useful for OTPs in their own way (though not provably secure).

Good clarification.

> An OTP must have particular properties that words in a book don’t have to be provably secure. However, common materials that the communicators have access to without specific distribution can be useful for OTPs in their own way (though not provably secure).

Using a passage from a book directly as an OTP is not secure at all. It's similar to the result of reusing an OTP: it gives an attacker two messages in (e.g.) English whose sum (using a book as an OTP) or difference (reused OTP) is known. Since the entropy of English is around a bit per character (more or less), and the deltas reveal almost lg(26) ~ 4.7 bits per character, knowing the sum or difference can determine most of the contents of the message in either case.

Reading every n'th letter in the book is probably marginally harder to break, but I still wouldn't rely on it for anything serious.
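
An added example, not part of the thread or written by any commenter: a letter-wise (mod 26) pad in Python showing the point made in the comment above, that a reused pad cancels out of the difference of two ciphertexts, and that a book passage used as the key is far from uniform. The two messages and the short passage standing in for the book are constructed sample inputs, and all function names are illustrative.

```python
import secrets
from collections import Counter

def letters(text):
    """Map A-Z to 0..25, dropping spaces and punctuation."""
    return [ord(c) - 65 for c in text.upper() if "A" <= c <= "Z"]

def encrypt(plain, key):
    """Letter-wise pad: ciphertext = plaintext + key (mod 26)."""
    if len(key) < len(plain):
        raise ValueError("key material shorter than message")
    return [(p + k) % 26 for p, k in zip(plain, key)]

def difference(a, b):
    """Letter-wise a - b (mod 26) over the common length."""
    return [(x - y) % 26 for x, y in zip(a, b)]

def random_pad(n):
    """Uniform key letters from the OS CSPRNG."""
    return [secrets.randbelow(26) for _ in range(n)]

def index_of_coincidence(seq):
    """Chance that two positions picked at random hold the same letter.
    Uniform letters give about 1/26 = 0.038; English text is far higher."""
    n = len(seq)
    return sum(c * (c - 1) for c in Counter(seq).values()) / (n * (n - 1))

# Constructed sample messages, and a short passage standing in for the book.
MSG1 = letters("MEET AT THE SAFE HOUSE AT NINE")
MSG2 = letters("BRING THE RADIO TO THE BRIDGE")
BOOK = letters("IT WAS THE BEST OF TIMES IT WAS THE WORST OF TIMES "
               "IT WAS THE AGE OF WISDOM IT WAS THE AGE OF FOOLISHNESS")

def reuse_leak(pad):
    """What an eavesdropper can compute when one pad encrypts both messages."""
    return difference(encrypt(MSG1, pad), encrypt(MSG2, pad))

if __name__ == "__main__":
    # Reused pad: the key cancels, leaving plaintext1 - plaintext2.
    print(reuse_leak(random_pad(40)) == difference(MSG1, MSG2))
    # Book as key: ciphertext - plaintext is itself readable English.
    print(difference(encrypt(MSG1, BOOK), MSG1) == BOOK[:len(MSG1)])
    # Keystream bias: book passage versus a truly random pad.
    print(round(index_of_coincidence(BOOK), 3),
          round(index_of_coincidence(random_pad(5000)), 3))
```
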

Instead of using every n'th letter, how about using a pseudo random number sequence generated by a simple math equation, like the one posted here a few days ago[1], and add that to every letter. With that the data should be shuffled basically beyond recognition though the effort needed to decode has increased even more.

[1] https://news.ycombinator.com/item?id=39091867

What you're describing is a book cypher and is a separate thing from a One Time Pad. They can be fairly secure but they're not inherently as secure as one time pads.

> They are very cumbersome to use in real life, encrypting and decrypting is done by hand, it’s error prone as a result and very slow. Nobody likes using them at all.

There's no need for that to be true.

Don’t worry, it largely hasn’t been for a very long time.

I think the British also invented a way to discover non-paying public TV broadcast receivers by driving around in a van with the equipment.

Supposedly the detector vans were a myth. A few appear to have been built, but they were essentially useless after 1950 as the interference from car ignitions started to become more of an issue. But the public didn't know that and the idea of it worked wonders for compliance. The BBC ran campaigns that implied huge fleets of them, but maybe there were only a few in reality.

At some point the BBC were forced under FOIA to admit they'd never prosecuted anyone using evidence from detector vans.

Maybe THAT is the reason why there is so much hush-hush about the detector vans?!

If they used a technique which essentially was considered military secret not too long ago. (Compared to the time when the vans started to appear.)