Homepage
Crypto
Index
Glossary
Enigma
Hagelin
Fialka
Nema
AT&T
Datotek
Gretag
HELL
ITT
Motorola
Mils
OMI
Philips
Racal
Siemens
STK
Tadiran
Telsy
Teltron
Transvertex
TST
USA
USSR
UK
Yugoslavia
Voice
Hand
OTP
EMU
Mixers
Phones
FILL
Codebooks
Algorithms
Spy radio
Burst encoders
Intercept
Covert
Radio
PC
Telex
People
Agencies
Manufacturers
• • • Donate • • •
Kits
Shop
News
Events
Wanted
Contact
About
Links
   Logo (click for homepage)
One-Time Tape   OTT
Teleprinter version of the OTP

One-Time Tape, or OTT, is an automated digital variant of the so-called One-Time Pad, or OTP. When correctly applied, OTT-encrypted messages are unbreakable. OTT is best explained as a practical implementation of the OTP Cipher for use with telegraph equipment, also known as Teleprinters or Telex, using a 5-bit digital code (often ITA-2, baudot) for the exchange of data.
 
A key tape is generated by recording the data of a random number generator (noise). The Vernam Principle is then used to combine each plaintext character with a single character from the key tape. As a simple XOR-operation is used for this process of 'mixing', the same key tape can be mixed again with the ciphertext at the receiving end, in order to recover the plaintext again.

Machines that use OTT, are commonly called mixers. A good example is the ETCRRM that was used for many years on the Washington-Moscow teleprinter hotline during the Cold War.
  
Siemens M-190 mixer machine

Another good example of a Mixer, that was also used on the Washington-Moscow Hotline, is the Siemens M-190. Over the years, a variety of mixer machines have been developed and produced world-wide by various manufacturers. They were generally used at the top level of a command chain, for messages that had to remain secret indefinitely. They are generally unclassified.

 Mixer machines on this website
 
Principle
Most mixers, or OTT machines, use data from a teleprinter machine or from a paper-tape reader as input. Such data is generally stored in 5-bit digital format, commonly in ITA2 code (baudot), but other data formats are also possible. Plain text is either entered directly on the keyboard of the teleprinter (online), or is stored on a punched paper-tape first and replayed later (offline).

<i>Mixing of the <b>plain text</b> and the <b>key</b></i>

The above illustration explains how the mixer works. Each letter of the Plaintext is added to a letter from a Key tape, using an exclusive-OR, or XOR, operation. In mathematics this is known as modulo-2 addition. In cryptography it is known as the Vernam Cipher. It has the advantage of being reversible: by adding the key stream to the ciphertext, the original plaintext is retrieved.

 More about the Vernam Cipher
 
OTT generation
When using OTT equipment, or mixers, a sufficient supply of key tapes was mandatory in order to keep up with the constant flow of messages. Key tapes were initially produced manually with so-called manual tape punchers, but this had numerous drawbacks, such as the long time it took to produce a single tape and the lack of randomness in the human mind when pressing the buttons.
 
To overcome these drawbacks, the process was automated and machines were developed for creating the (pseudo) random key streams and punching them onto 5-level paper tape. Initially, mechanical methods were used for producing the key stream, but as these too lacked sufficient randomness, noise generators were introduced.

The image on the right shows the 5224, one of the first key tape generators that were available on the market, made by Reichert Elektronik in Germany (now: Mils in Austria). It has a built-in white noise generator and produces two tapes.
  

In order to ensure that both key tapes are identical, they are punched simultaneously in a single tape puncher. Futhermore, the machine has 10 counters, to keep track of the number of zeros and ones that are generated. In a truely random system, they should be distributed evenly.
 
Although noise generators were already in use during WWII for creation of one-time keys for the SIGSALY transatlantic secure voice link between the UK and the US, most OTP and OTT systems that were used during the war and shortly thereafter, used mechanically generated (and therefore deterministic) pseudo random keys.

The Siemens T-43 mixer, for example, used two Siemens T-52 Geheimschreibers in series for the generation of its key tapes. If the codebreakers at Bletchley Park had known this, it would have been relatively easy for them to break the cipher.
  

In 1952, Dr. Werner Liebknecht, a developer at C. Lorenz AG in Stuttgart (Germany) was the first one to publicly file a patent for a Random Number Generator (RNG) based on a white noise source. It produced evenly spread non-deterministic numbers that were idealy suited for the generation of One-Time Tapes. The patent was bought by Willy Reichert in Trier (Germany) who used it to build the first commercially available OTT generator on the market: the Würfel (Dice).

 More about the 5224
 
OTT distribution
Like with the manual OTP cipher, OTT systems suffer from the same key distribution problem. Especially in applications where communication takes place on a large scale, such as in the Army, one has to ensure that a sufficient supply of fresh (unused) key tapes is available at all times.
 
Although this may seem a simple requirement, it often caused logistics problems with Army units in remote locations and aboard ships. Key distribution would be seriously hampered, or indeed be completely impossible, in the event of a war, e.g. when operating behind enemy lines.

Key-tape shortages have led to several security incidents and compromises in the past. Some operators re-used an old key-tape, or used it in reverse direction. There are even stories about operators who taped a one-metre piece of key-tape together and used it as an endless loop...
  

For this reason, most Armies abandonned the use of OTT machines and replaced them by cipher machines with a built-in key generator. Such key generators generally consisted of a (pseudo) random number generator (PRNG) that was seeded by a much shorter KEY. Good examples of such machines are the Philips Ecolex X, the Philips Aroflex and the KL-51 (RACE). Although such machines are often advertised as a more practical implementation of the OTP, they do not meet the requirements of an OTP and are never absolutely safe. They are just much more practical.

Nevertheless, OTT machines remained in service for many years, for messages that had to remain secret indefinitely, such as at the highest level at NATO, in diplomacy and on the Washington-Moscow Hotline. Today, the principle of the OTP/OTT is often implemented with computers, but this poses a real security threat as there is no such thing as a secure personal computer.
 
References
  1. AIVD, One-Time Pad and OTP concealment
    Dutch General Intelligence and Security Service. October 2010.

  2. Detlev Vreisleben, Personal collection of One-Time Pads
    Photographed by Crypto Museum. Köln (Germany), 20 March 2010.

  3. Wikipedia, One-time pad
    Retrieved January 2013.

  4. Dirk Rijmenants, Secure Communications with the One Time Pad Cipher
    Paper (English) 2009-2014. Version 6.2, 18 December 2014.

Further information

Any links shown in red are currently unavailable. If you like the information on this website, why not make a donation?
Crypto Museum. Created: Saturday 08 September 2012. Last changed: Friday, 30 December 2016 - 09:29 CET.
Click for homepage