# On the Security and Composability of the One Time Pad

Motivated by a potentially ﬂawed deployment of the one time pad in a recent quantum cryptographic application securing a bank transfer, we show how to implement a statistically secure system for message passing, that is, a channel with negligible failure rate secure against unbounded adversaries, using a one time pad based cryptosystem. We prove the security of our system in the framework Introduction It is well known that the one time pad (OTP) is perfectly concealing, i.e. that given an arbitrary ciphertext where M denotes the message space. Therefore one time pad based encryption is the obvious choice when dealing with unbounded adversaries. However, the one time pad on its own does not suﬃce to implement secure message passing, as it is malleable in the sense that plaintext bits can be ﬂipped by ﬂipping the corresponding ciphertext bit. Recently, a bank transfer of EUR 3000 was secured by quantum cryptography , i. e., a quantum key agreement scheme was used to establish a shared secret and a one time pad encrypted money transfer form was sent. However, in the experiment the integrity of the message was not secured which can have devastating consequences ): Say, the bank transfer form itself contains no authentication mechanism and there is a known position where the amount of money is speciﬁed in digits. Then an adversary can ﬂip bits at these positions. Such a change cannot be noticed at the bank and the resulting cleartext would look like the original message, but showing a different amount of money. Hence the security of a bank transfer as described in cannot be concluded from the security of the (authenticated!) quantum key agreement protocol alone.

## Free download research paper

**Related**

- car security system model
- what is information security
- Security bounds for quantum cryptography with finite resources
- Network Security Issues, Tools for Testing Security
- Challenges in wireless security

SUBMICRON CMOS TECHNOLOGY-lecture notes

Minimalist Cryptography for Low Cost RFID Tags