There was a recent news story on BBC about a pigeon leg found with an encrypted message from WW2. This story describes the use of what is known as a “One Time Pad.” Manual message encryption may be performed by using a message and a key of the same length. The characters are assigned numerical values, and added together modulo the length of the character set. For instance, if ‘A’ from your message is assigned a 1 and ‘C’ from your key is assigned a 3, the coded message would use 1+3=4 which is a ‘D’. If you reach the end of the alphabet, you wrap around, so ‘Z’ (26) plus 1 goes back to ‘A’. Our clocks work this way. We know that in time, 11 + 3 hours = 2 o’clock in the 12 hour format, and that 2100 + 5 hours = 0200 in the 24 hour format. This is modulo addition.

The One Time Pad is the encryption key. The pad may contain different keys for different days. A disadvantage is that if an enemy gets a key, then your encoded messages are compromised. The cool thing about a one time pad is that if it is truly random, the encoded message cannot be broken. The encryption is not produced by a mathematical process, so even a very fast computer can’t crack it.

Here is a simple example. I can tell you that tomorrow I will tell you a number, and you should add 5 to the value to know the true number. Tomorrow I tell you the number is 11. You know that the answer is 16. There is no possible way for anyone else to know that the right answer is 16 unless they heard me tell you that the key is 5.

One person has already claimed to have cracked the WW2 message, but this is because he might have had the correct key.

So here is a practical, modern application of this process. Let’s say I want a password reminder list, but I feel unsafe about keeping it on my laptop while I travel, even if the list is protected somehow. If I One Time Pad encrypt my passwords with a key that I can remember, but not write down, I should be able to openly carry a list around with me and decrypt my passwords if I need to. I can do it manually, on paper, just like the soldiers did it during the war in the battlefield. You can remember your key if it is a sentence or some long word. That will not be a random key, but if your password is a bunch of random characters, the coded item is totally safe.

I worked this out in Excel. Here is a simple example, and here is a PDF printout of the spreadsheet.

Here are some important details about Excel.

I find the numerical value of the character in cell F8 using

=CODE(F8)-33

I removed the first 32 ASCII characters for my encoding set so that I only use upper and lower case letters, all the numbers, and punctuation characters, just like you would use in a password. I also removed the space character.

Modulo addition is performed on cells G8 and J8 using the following

=MOD(G8+J8,94)

This is cell G8 added to cell J8, modulo 94. There are 94 characters in my complete character set.

I find the character associated with the numerical value using the following.

=INDEX(B3:B96,M8+1)

My character set is in cells B3 to B96, and I want the one corresponding to the value of cell M8 plus 1.
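
The same three spreadsheet steps as a Python sketch (an added example, not the original spreadsheet). The function names, the sample key and the sample passwords are constructed for illustration; it goes one step beyond the spreadsheet by decrypting with modulo subtraction and by showing what two entries encrypted under the same key have in common.

```python
# Added example, not the original spreadsheet. Names and sample values are constructed.
CHARSET = [chr(c) for c in range(33, 127)]  # the 94 characters held in B3:B96
N = len(CHARSET)                            # 94


def to_value(ch):
    """Spreadsheet step =CODE(F8)-33, so '!' is 0 and '~' is 93."""
    v = ord(ch) - 33
    if not 0 <= v < N:
        raise ValueError(f"{ch!r} is outside the 94-character set")
    return v


def _combine(text, key, sign):
    # The key must cover the whole message; a short key is refused, not repeated.
    if len(key) < len(text):
        raise ValueError("key is shorter than the message")
    # =MOD(G8+J8,94) followed by =INDEX(B3:B96,M8+1); sign=-1 spins the wheel back.
    return "".join(CHARSET[(to_value(t) + sign * to_value(k)) % N]
                   for t, k in zip(text, key))


def encrypt(plaintext, key):
    return _combine(plaintext, key, +1)


def decrypt(ciphertext, key):
    return _combine(ciphertext, key, -1)


def difference(a, b):
    """Position-wise (a - b) mod 94 of two strings from the character set."""
    return [(to_value(x) - to_value(y)) % N for x, y in zip(a, b)]


if __name__ == "__main__":
    key = "Maryhadalittlelamb"           # constructed memorable key
    pw1, pw2 = "k7#Qz!pL", "hunter22"    # constructed sample passwords
    c1, c2 = encrypt(pw1, key), encrypt(pw2, key)
    print(c1, c2, decrypt(c1, key))
    # The key cancels out: the ciphertexts differ exactly as the passwords do,
    # so each stretch of key should encrypt only one entry.
    print(difference(c1, c2) == difference(pw1, pw2))
```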

Dear Blog viewers, my One Time Pad spreadsheet does seem to work, and I think I have the facts straight, but please let me know if I have any of the facts or mathematics wrong here and I will correct any mistakes.

A One Time Pad is similar, in principle, to the random lists of Enigma daily key settings. And Modulo addition reminds me how the Enigma rotors rotate the pattern around every 26 letters. And we know the story on how hard that was to crack. I just read an interesting article about password vulnerability in the most recent Wired. http://www.wired.com/gadgetlab/2012/11/ff-mat-honan-password-hacker/

Great point. If you turn my character set into a wheel and spin forward according to the character you need to encrypt, that is the same as modulo addition. Modulo subtraction is nothing but spinning it back the other way. My understanding is that Enigma was only cracked after a device was captured. I will check out the Wired article. Thanks.

Enigma is NOT an OTP system. In OTP every character has a unique random addition or subtraction. Enigma used a key over and over again for different messages (granted, a lot of keys were possible). That combined with standard message format gave an insight into which key was used.

you can just throw the entire ansi code stuff out the window.. you can use any kind of set of characters you make up if you just use the lookup function

example in cell G8 put =LOOKUP(F8,B3:B96,A3:A96)

etc

also in L8 put =LOOKUP(M8,A3:A96,B3:B96)

etc

same results, except you don't need to start counting from 0 or subtracting 33 just to deal with the ansi character ordering.. you can put letters/numbers/symbols in any order you want or large or small as you want this way

Thanks for your comment.