用一次性一密本编码的信息可以与随机噪声区分开来吗?
据我所知,正确使用的一次性密码的密文绝对不会泄露有关加密消息的任何数据。
这是否意味着无法区分使用一次性密码本加密的消息和完全随机的噪声?或者是否有某种理论方法可以确定是否存在消息,即使您无法了解任何信息?
I understand that the cyphertext from a properly used one time pad cypher reveals absolutely no data about the encrypted message.
Does this mean that there is no way to distinguish a message encrypted with a one time pad from completely random noise? Or is there some theoretical way to determine that there is a message, even though you can't learn anything about it?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
无法确定字符串是否已使用 OTP 加密。通过选择适当的密钥,您可以生成相同大小的任何字符串。
例如(来自 Wikipedia One Time Pad 文章),明文“HELLO”可以是使用密钥“XMCKL”加密,给出密文“EQNVZ”。但可以找到产生任何 5 个字符明文的密钥,例如“LATER”。如果没有原始密钥,就无法确定原始明文。
如果重复使用 OTP,则它可能会被“破坏”(因此不再是一次性密码本)。 Venona 项目 是重用 OTP 时可能发生的情况的一个示例。
OTP 的一个主要缺点是您必须安全地分发与要编码的明文大小相同的密钥。
There is no way to determine if a string has been encrypted with a OTP. You can produce any string of the same size by choosing an appropriate key.
For example (from the Wikipedia One Time Pad article), the plaintext "HELLO" can be encrypted with the key "XMCKL", giving ciphertext "EQNVZ". But it is possible to find keys which produce any 5 character plaintext, such as "LATER". There is no way to determine the original plaintext without the original key.
A OTP can be 'broken' if it is reused (and therefore is no longer a one time pad). The Venona Project is an example of what can happen when OTPs are reused.
A major drawback to OTPs is that you must securely distribute a key equal in size to the plaintext to be encoded.
如果您的一次性便笺簿是完全随机的,那么与之进行异或运算的任何内容也是随机的(假设您的消息与一次性便笺簿的内容没有/低相关性)。
If your one-time pad is completely random, then anything XOR'd with it also is (assuming your message has no/low correlation with the contents of the one-time pad).