Here is the space you can let loose, scream, shout or in any other way express what you think about our suggestions and website. However, if you refer to comments from other readers keep it civil. When you refer to us never mind, we have grown a thick skin over the last few years and we won't censor your comments, as long as they stay on the subject and don't involve advice on personal relationships. There are other websites that give advice on these subjects. To contact us use the contact page on the Home page.

The article in the link below might get you into the right mood to post a comment, since it is very critical of OTPs and applications build around it. Tenor in it is that in general people developing and selling these kind of applications deal in snake oil and use crypto magic; meaning their solution is based on a secret they don't want to reveal. Not very flattering for us since it accuses us of acting like peddlers, moving from village to village and town to town, trying to deceive people and rip them off.

Online blog: 25th of March 2015, Dr Joseph Bonneau

Our Comment:

Readers who have read our Blog refering to the OTP, will know that there is no hidden secret, no snake oil or crypto magic. The only secret involved, is a short reusable secret shared between parties using our approach and to prove our point, pencil and paper are enough. Should you, the reader have found a way to predict the exchanged secret, the selection of mapped characters or the cipher characters, we are keen to hear from you.

The second article also points out the problems an encryption via OTP might cause. It also tries to imply that a correctly operated OTP doesn't provide security for its users, because of the method the cipher is transmitted. In the article the peddlers dealing in snake oil are replaced by hucksters, which again isn't a flattering label for developers of OTP applications.

Online blog: 18th of Sept. 2020, Matt Blaze

Our Comment:

The second article is focusing more on the operational pitfalls and points to the reuse of key material by mentioning the Venona project run by the US and the British intelligence community. However, it starts of with the exposure of a Russian spy ring in the US by the FBI. The conclusion is given in the last paragraph, which we have displayed underneath in full, since it contains an advice for the readers of the article.

One time pads can be a cryptographic landmine. They have a very attractive property - provable security! - but at the cost of unforgiving operational assumptions that can be hard to meet in practice. OTPs have long been a favorite of hucksters selling supposedly "unbreakable" encryption software. So remember this story next time someone tries to sell you their super-secure one-time-pad-based crypto scheme. If actual Russian spies can't use it securely, chances are neither can you.

What both article have in common is the dislike of OTP encryption and the belief that it is something users of encryption should avoid. Both tell their readers that this kind of encryption is based on strong assumption, which would be difficult, if not impossible to meet. Naturally all the proof provided leads us to Shannon and his mathematical proof of perfect secrecy ^*1). It's justified to say that they start their proof with an assumption; that assumption is a plaintext, which in its own right can be measured. In a comment on his Twitter account Matt Blaze also mentioned the alleged snake oil in OTP applications, when writing about the same application Joseph Bonneau criticizes in his article. ^*2)

Readers who are interested in mathematics and would like to know more about Unicity and Entropy can follow the links, but for the rest of us let's start the discussion.