
(c) 2000,2015 Peter McCollum

Encryption via a One-Time Pad

This section presents an example of how message encryption was typically done using a "one-time pad" (OTP). An old-timer kindly provided the information and pictures for this section.

A one-time pad is essentially a pad of paper on which each page has a unique set of random letters. The sender and receiver have identical pads. Each letter on the pad is used to determine a single letter of the enciphered message. Since the letters on the pad are random, there is no formula that can be determined by studying the letters. Assuming that the pad is not compromised, and each page is used only once, the OTP system is unbreakable.

The key letters on the pad, and the messages themselves, are typically written in 5-letter groups. This helped the communicators to collate and verify the length of the message, and if something was misunderstood, the receiving person could ask for a certain group to be repeated, etc.

"OTP is a very simple yet completely unbreakable symmetric cipher. To use a one time pad you need 2 copies of the "pad" which will vary in size from something around 8 x 10 inches, or approximately half that size. There are two pads issued to each user. One for encipher and one for decipher, and the key text is printed in red for encipher and black for decipher. Each page of the pad is sealed and must not be opened until actually enciphering or deciphering. Typically the pads are set up in blocks of five letter random groups. The key text may not be reused and pages should be destroyed after each use."

To use the OTP, a method is needed for correlating a letter of plain text with the next letter of the key text (from the pad), to produce a letter of enciphered text. The method used is called a "Vigenere's Tableau", or Vigenere's square (see the first picture, below). The table has the alphabet in the left-most column, and also across the top (printed in black in the picture). For each row, there is a shifted-reverse alphabet (printed in red). So, the "A" row lists the alphabet backwards, beginning with Z. The "B" row begins with Y and ends with "...CBAZ", etc.

To encipher the first letter in a message, go to the row corresponding to the plain-text letter, then go to the column indicated by the first letter on your OTP. The letter at the row-column intersection is the enciphered letter. Note that the Vigenere's table itself does not contain any 'secret' information - it simply provides the mechanism for combining plain and key text into enciphered text.

For example, suppose that the message is "Dead drop Alpha three AM tonight" (the final group is filled out with X's to make five letters):

DEADD ROPAL PHATH REEAM TONIG HTXXX ----- this is the plain text

BNJEX KQPBC LZCXV PKTUY QFHNG QWERT ----- this is the key text (from OTP)

VIQSZ YVVYM ZTXJX TLCFP QGFEN CKYLJ ----- this is the enciphered text

One of the two disks that come with the GRA-71 burst coder device has an extra reversed alphabet inscribed on it, thus allowing it to be used in place of a printed table. The red mark on the coder is aligned with the red letter on the wheel indicating the desired row of the table, then the 2nd and 3rd members of the triad are read from the white letters directly below the red mark.

The two pictures below are the front and back of an actual Vigenere's table (this table can also be called a "Beaufort square", since the alphabets are reversed). The front side is the complete table, while the back is a set of certain 3-letter combinations ("triads") taken from the main table. The triads on the back of the card are chosen because they are relatively easy to remember: AIR, FOG, BAY, HAS, SUN, etc. The more triads that can be memorized, the faster the radio operator can finish his job.

"A memory aide appears on the back of the card. Very helpful until you get good at it. A good radio operator could take a look at the plain text, and key text, and encipher as he sent."

 

The front side of a Vigenere's table card.

 

The reverse side of the Vigenere's table card.
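The table lookup described above can be written as arithmetic, shown here as an added example that is not part of the original page. It assumes A=0 through Z=25, so that plain, key and cipher letters always sum to 25 modulo 26; the function names are illustrative.

```python
import string

A = string.ascii_uppercase

def combine(x: str, y: str) -> str:
    """Third member of a triad: the letter z with x + y + z = 25 (mod 26)."""
    return A[(25 - A.index(x) - A.index(y)) % 26]

def tableau_row(letter: str) -> str:
    """The red alphabet printed on the row for `letter` (row A starts with Z)."""
    return "".join(combine(letter, col) for col in A)

def groups(letters: str) -> str:
    """Write a run of letters in 5-letter groups, as on the pad."""
    return " ".join(letters[i:i + 5] for i in range(0, len(letters), 5))

def apply_pad(text: str, key: str) -> str:
    """Encipher or decipher: with this table the operation is its own inverse."""
    t = [c for c in text.upper() if c in A]
    k = [c for c in key.upper() if c in A]
    if len(k) < len(t):
        # Running out of key must stop the operator; key text is never reused.
        raise ValueError("key text is shorter than the message")
    return groups("".join(combine(p, q) for p, q in zip(t, k)))

def is_triad(word: str) -> bool:
    """True if the three letters form a row/column/cell triple of the table."""
    return len(word) == 3 and combine(word[0], word[1]) == word[2]

# Plain text and key text from the worked example on this page.
PLAIN = "DEADD ROPAL PHATH REEAM TONIG HTXXX"
KEY = "BNJEX KQPBC LZCXV PKTUY QFHNG QWERT"
CIPHER = apply_pad(PLAIN, KEY)

if __name__ == "__main__":
    print(CIPHER)                   # enciphered text
    print(apply_pad(CIPHER, KEY))   # deciphering recovers the plain text
    print([w for w in ("AIR", "FOG", "BAY", "HAS", "SUN") if is_triad(w)])
```

Because the three letters of a triad are interchangeable, the same lookup serves for enciphering and deciphering, which is why memorizing triads speeds up both jobs.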

 

Creating Random Sequences for OTP Use

For decades, spy agencies have created many thousands of one-time pad pages. To achieve true security, each and every page must be unique and must be truly random. The concept of “truly random” is important – if the OTP is created using a technique that is only “pseudo-random”, then the cipher system is vulnerable to attack by mathematical methods.

There are a variety of recognized methods for generating a truly random sequence. One method that was practical before the 1950's was a “spinning disk” system: A motor spins a disk that has the alphabet letters equally spaced around the perimeter, and the human operator triggers a flash-tube type of light source, thus illuminating a single letter visible through a small window. This technique is random because the operator can only see the disk when illuminated, and the timing of operating the light will be very unpredictable relative to the speed of the spinning disk.

By the 1950's, new methods became practical which made it possible to automate the process with electronics. Two of the general methods are:

  1. Use an electronic instrument to measure the precise time interval between two randomly-occurring events.

  2. Measure the instantaneous amplitude of an electronic white noise source.

Following is a description of an exercise to build an implementation of method 1) above, using only technology that was available in the 1950's.

Two main pieces of equipment were needed: a way to measure a time interval, and a source of randomly-occurring events. The first requirement was met by using a Hewlett-Packard model 522B electronic counter. In the “time interval” mode, the instrument counts cycles of an internal 100 KC clock. Signals routed to front-panel connectors are used to start and stop the count.

Next, a source of random-time events is needed, so that the 522B can measure the associated random time interval. I chose to use a type 5980 Geiger-Mueller tube for this purpose. A Geiger tube produces a pulse when it detects a particle/wave of ionizing radiation. It is a principle of physics that the time for a given event of radioactive decay cannot be predicted. Therefore a Geiger tube naturally produces a sequence of random-time events. To produce reliable pulses from the Geiger tube, I placed it near a small Radium source: a WWII-vintage toggle switch handle, which has a Radium and phosphorous tip such that it would glow in the dark. The hands from an old Radium-dial wristwatch would serve equally well.

The Geiger tube and several supporting components are mounted in a box that includes a pushbutton switch. When connected to the 522B counter, the button produces a pulse to the “Start” connector, and the Geiger tube's pulse drives the “Stop” signal. So, the user pushes the button to initiate counting at a 100 KC rate, and the Geiger tube subsequently stops the count at some later random time, which is completely out of the user's control. The user then observes the least-significant digit on the counter.

For this exercise, the system produces truly-random digits 0 through 9. It is also feasible to read the lower two digits of the counter, and thus acquire random values in the range of 00 through 99. Some cipher systems are based on digits, but many are based on alphabetic sequences. The technique described here can still be used, but the time-interval counter must be modified to produce a base-26 count, such that the numbers 0 through 25 are assigned to the letters A through Z. Since the numbers/letters are generated electronically, it would also be possible to fully automate the process by connecting the counter to a teletype printer. A circuit could be devised to insert spaces between 5-letter groups, and insert carriage returns where needed.

This is the apparatus for generating random sequences of digits. On top of the HP-522B counter is an HP-711A power supply, which provides about 700 VDC to operate the Geiger tube.

This box contains the Geiger tube and a few support components. The two coaxial cables are connected to the Start and Stop inputs on the counter. The red and black wires are the power input for the circuit. Pushing the button outputs a pulse at the left-side connector. The Geiger tube produces random pulses out of the right-side connector.

The electronics inside the box. The oblong black object is the type 5980 Geiger tube. Below and to the right is a toggle switch handle that has a Radium tip. Moving it closer to the Geiger tube would increase the pulse rate, which might be useful in a fully-automatic number generating system.

This is a typical display on the counter. In this example, the random digit is 6.

A document from the University of Michigan in 1956 describes a simpler apparatus that also uses the HP-522B counter, but instead of a Geiger tube, it relies on the unpredictable timing of the operator pushing the button. This method is equally effective at producing random digits, but it cannot be automated.



Use of the OTP in the Asia Theater

The following info was provided by Russell Shepherd:

 

I am only knowledgeable of the systems used by the Republic of China (Taiwan) and the US Army Special Forces (Asia). The Chinese used a code book in which the kanji characters were listed by their page number, column number & line number. For example, the character for 'man' might be represented by 7234; or page 72, column 3, line 4. I assume this book was not so highly classified, since memorizing a large number of characters would be very difficult.

 

The crypto pads were physically similar to the literal pads with the exception of using four number groups in place of the five letter groups. [The term 'literal pads' refers to the type shown above, which used alphabetic characters. Russ says this was called the 'Diana system'.] The pads were sealed like the literal (Diana) pads were. The number-based system was called 'Calypso'.

 

Upon receiving a group of numbers you would enter it under the group in the decode pad and then do a 'false subtraction' on it. For example, pad group 9321 minus 7234 equals 2197. ['False subtraction' means to subtract without borrowing.]

 

The Chinese also sent their numbers in a 'cut numbers' fashion to speed up transmission time.

One .---- was .-

Two ..--- was ..-

Three ...-- was ...--

Four ....- was ....-

Five ..... was .....

Six -.... was -....

Seven --... was --...

Eight ---.. was -..

Nine ----. was -.

Zero ----- was -

 

The American Special Forces, and I am sure other units in Asia, used the same type of numbered pads. The letters of the alphabet were just given a numerical value.
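The receive procedure for the number-based pads, as an added example that is not part of Russell Shepherd's account: cut-number Morse is turned back into digits, split into four-number groups, and false-subtracted from the pad. The function names and the second pad/traffic group are constructed for illustration; the first group and the cut-number table are the ones given above.

```python
# Cut-number table exactly as listed above (symbol -> digit).
CUT = {".-": "1", "..-": "2", "...--": "3", "....-": "4", ".....": "5",
       "-....": "6", "--...": "7", "-..": "8", "-.": "9", "-": "0"}

def cut_to_digits(morse: str) -> str:
    """Translate space-separated cut-number symbols into a digit string."""
    try:
        return "".join(CUT[sym] for sym in morse.split())
    except KeyError as bad:
        raise ValueError(f"not a cut number: {bad}") from None

def false_subtract(pad_group: str, received: str) -> str:
    """Subtract digit by digit without borrowing (each column modulo 10)."""
    if len(pad_group) != len(received):
        raise ValueError("groups differ in length")
    return "".join(str((int(p) - int(r)) % 10)
                   for p, r in zip(pad_group, received))

def decode(pad_groups: list[str], morse: str) -> list[str]:
    """Write each received group under its pad group and false-subtract."""
    digits = cut_to_digits(morse)
    if len(digits) % 4:
        raise ValueError("traffic is not a whole number of 4-number groups")
    received = [digits[i:i + 4] for i in range(0, len(digits), 4)]
    if len(received) > len(pad_groups):
        raise ValueError("more traffic than pad; pad groups are never reused")
    return [false_subtract(p, r) for p, r in zip(pad_groups, received)]

def codebook_ref(group: str) -> dict:
    """Split a 4-number group into page, column and line of the code book."""
    return {"page": int(group[:2]), "column": int(group[2]), "line": int(group[3])}

# First pad group and received group are the ones quoted above (9321, 7234);
# the second pair (0458, 1069) is constructed sample data.
PAD = ["9321", "0458"]
TRAFFIC = "--... ..- ...-- ....- .- - -.... -."

if __name__ == "__main__":
    for g in decode(PAD, TRAFFIC):
        print(g, codebook_ref(g))
```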

 
