Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Posting-Version: version B 2.10.1 6/24/83; site gatech.UUCP
Path: utzoo!watmath!clyde!akgua!gatech!spaf
From: spaf@gatech.UUCP (Gene Spafford)
Newsgroups: net.crypt
Subject: Re: One-time pads
Message-ID: <4050@gatech.UUCP>
Date: Sun, 19-Feb-84 19:25:36 EST
Article-I.D.: gatech.4050
Posted: Sun Feb 19 19:25:36 1984
Date-Received: Mon, 20-Feb-84 08:52:19 EST
References: <2540@azure.UUCP>
Organization: The Clouds Project, School of ICS, Georgia Tech
Lines: 38

As has been pointed out, it is certainly probable that some run of
truly random digits will result in a readable text, but what is read
may have no relation to the actual message.  In fact, that type of
situation is more likely to occur than the case of a string of zeros
leaving the text unencrypted (consider how many strings of length N
have valid meanings, as opposed to the one "true" meaning).

However, suppose you are the person reading the encrypted message.  If
you see text which happened to be readable and described a recipe for
Aunt Pat's oatmeal cookies, you probably would ascribe to the
randomness of the encryption. (You might also decide to see if it was a
code of some sort (as opposed to cypher)).  On the other hand, if you
saw something like the formula for a new nerve gas, you'd definitely
try to have your chemists put it together and give it a try.  Your
chances might not be good that it was actually a formula for nerve gas,
but if it was, you'd have it.  (Actually, with the kind of randomness
we all know and love: 1) Aunt Pat's cookies could be more lethal; 2)
Aunt Pat's recipe could be encrypted into a valid formula for nerve gas
of which the sender never knew!)

If I send my password via a one-time code and it gets transformed into
some other string of characters, what do you lose by trying that
string?  Nothing, but there is a very small chance that what you have
is a correct password.  In fact, with a truly random sequence, and a
six bit character code with all bits significant, the probability of
finding a six character password unchanged by the encryption is on the
order of 1 in 2 ** 36.  That's not very good, but it may be enough.
However, that kind of probability is usually much more than sufficient
for most applications.

As an aside, a good story embodying some of the thought in this
discussion is "The Library" by Jorge Luis Borges in "Labyrinths."

-- 
Off the Wall of Gene Spafford
The Clouds Project, School of ICS, Georgia Tech, Atlanta GA 30332
CSNet:	Spaf @ GATech		ARPA:	Spaf.GATech @ CSNet-Relay
uucp:	...!{akgua,allegra,rlgvax,sb1,unmvax,ulysses,ut-sally}!gatech!spaf