Score:2

What is the correct order of operations for one-time pad cipher when using subtraction and mod 10 arithmetic?

cn flag

What would be the proper order of operations for OTP encryption/decryption when using subtraction and mod 10? E.g. P - K = C or K - P = C

Most of the sources I have seen do not cover this topic or I didn't grasp the principles behind this encryption well enough. From what I gather it shouldn't matter as long as the pad key numbers (K) are truly random.

For instance:

PLAINCODE:  65417
OTP PAD(-): 47757
-----------------
CIPHER:     28760 

EDIT: From some tests I see that. When used for encryption, whether P + K or K + P to decrypt the original message you need to do C - K, otherwise K - C will not return P. When used for encryption, P - K since C + K will return P, otherwise K + C will not return the original plaincode.

Can someone please explain whether using subtraction or addition for encryption one has a security advantage over the other.

Paul Uszak avatar
cn flag
Why the subtraction? The common and most intuitive method is addition for encryption, and subtraction only for decryption. Irrelevant from a security perspective, but perhaps a little easier on the brain. Have you seen http://users.telenet.be/d.rijmenants/en/onetimepad.htm? Probably the best resource on OTPs anywhere.
SubXi avatar
cn flag
Hey. I did yeah. It is a really the best resource out there, but I didn't find an answer to my question there (I might have missed it). I just wanted to better understand the different variants of the OTP encryption and whether they are equal in terms of encryption strength.
Score:3
ng flag

I advocate for $K-P\to C$ and $K-C\to P$ so that encryption and decryption are identical, as in the binary OTP. Each digit is processed modulo 10.

    OTP PAD K:  47757            OTP PAD K:  47757
  - PLAINTEXT:  65417          - CIPHERTEXT: 82340 
    -----------------            -----------------
  = CIPHERTEXT: 82340          = PLAINTEXT:  65417

Update: from functionality and security perspectives, $P-K\to C$ and $C+K\to P$ is perfectly fine; as well as $P+K\to C$ and $C-K\to P$. What I advocate has a single benefit: the same method/code is used for encryption and decryption.

The reason these three variants allow decryption and are perfectly secure is the same: the set $\{0,1,2,3,4,5,6,7,8,9\}$ is a group under addition modulo $10$ (if the group is not commutative, we need to change $K-C\to P$ into $(-C)+K\to P$ ). Therefore, there is nothing to learn about $P$ from $C$ when not knowing $K$.

SubXi avatar
cn flag
What about when different operations are performed for both encryption (P - K = C) and decryption (C + K = P). Is there any benefit using one over the other?
SubXi avatar
cn flag
Hey, thanks for the explanation! Makes perfect sense.
mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.