Is there an encryption algorithm that is fully secure?

Yes, it's called One Time Pad, and we don't use it in SSL/TLS because key-exchange is problematic at scale.

I will point out that with the rapid decline in the price of various types of storage, One Time Pad's use for smaller communications such as e-mails is more practical now than it ever has been simply because the cost of giving someone something like a large USB Flash Drive with a large "pad" on it didn't exist in a practical sense a few years ago. Still, as the price approaches zero, this becomes trivial to do. As storage costs continue to approach zero, this could become more useful for a wide variety of uses in the future, but the key-exchange problem will still exist.


The only theoretical algorithm that can fulfill that is OTP, one-time pad.

See the question "How is the One Time Pad (OTP) perfectly secure?".

We don't use it in anything common for a few reasons:

  • Its security depends on having as much truly random data as we have data to transmit, and that random data has already been sent to both parties securely, and is never reused.

    • This is impossible because we don't actually have truly random data.

    • Even with nearly random data, which is difficult to obtain and requires sampling certain aspects of the real world in as unbiased a fashion as possible, this is very expensive - 4 GB of key to watch 4 GB of secure video.

    • Each transmitter/recipient pair should have independent random data.

  • It does not provide any data integrity features in and of itself, while many of our other algorithms and implementations do.

    • @CodesInChaos has mentioned that polynomial MACs can be used in conjunction with OTP to provide this.

We do use OTP in a few rare contexts, but generally only to send a key for one of the more common algorithms.


In fact, the one-time pad (OTP) encryption technique is the only proven unbreakable encryption system. It is simple to use, it only uses the XOR operation, and is so secure that the ciphertext is literally uncrackable if done correctly.

The dark side is that it requires a lot of pre-shared data which gets used up as you encrypt data. When you run out, you have to share more of this data if you want to keep communicating with that person.

This pre-shared data is the key used for encryption and unencryption. If someone were to intercept a message between you and your target person, they may not be able to get your plaintext out, but if they can keep that message from getting to your target, and do so in a way that you aren’t aware of, they can completely break your communication channel.
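An added example, not part of the original answers: a minimal one-time pad in Python illustrating the properties the answers above describe, namely XOR encryption that uses up pad bytes, why pad bytes must never be reused, and why OTP alone gives no integrity. The `Pad` class, helper names and sample messages are constructed for illustration, and `secrets.token_bytes` is a CSPRNG standing in for a truly random source.

```python
import secrets

class PadExhausted(Exception):
    """The remaining pad is shorter than the message."""

class Pad:
    """Hypothetical pad holder: each key byte is handed out once, never again."""
    def __init__(self, material: bytes):
        self._material = material
        self._offset = 0  # sender and receiver must keep this offset in sync

    def remaining(self) -> int:
        return len(self._material) - self._offset

    def take(self, n: int) -> bytes:
        if n > self.remaining():
            raise PadExhausted(f"need {n} bytes, only {self.remaining()} left")
        chunk = self._material[self._offset:self._offset + n]
        self._offset += n
        return chunk

def xor(a: bytes, b: bytes) -> bytes:
    if len(a) != len(b):
        raise ValueError("length mismatch")
    return bytes(x ^ y for x, y in zip(a, b))

def encrypt(pad: Pad, plaintext: bytes) -> bytes:
    return xor(plaintext, pad.take(len(plaintext)))

decrypt = encrypt  # XOR with the same pad bytes is its own inverse

def demo():
    material = secrets.token_bytes(64)   # assumption: CSPRNG, not true randomness
    sender, receiver = Pad(material), Pad(material)
    msg = b"PAY 100 TO ALICE"            # constructed sample message
    ct = encrypt(sender, msg)
    roundtrip = decrypt(receiver, ct)
    # No integrity: a changed ciphertext byte still decrypts without error,
    # which is why a MAC has to be layered on top of the pad.
    altered = bytearray(ct)
    altered[4] ^= ord("1") ^ ord("9")
    accepted = decrypt(Pad(material), bytes(altered))
    # Reuse: encrypting a second message with the same pad bytes cancels
    # the key out of ct XOR ct2, leaving msg XOR other.
    other = b"PAY 200 TO BOB!!"
    ct2 = encrypt(Pad(material), other)  # deliberately wrong: fresh offset 0
    key_cancelled = xor(ct, ct2) == xor(msg, other)
    return roundtrip, accepted, key_cancelled, sender.remaining()
```

`demo()` returns the round-tripped message, the silently accepted altered plaintext, whether pad reuse cancelled the key, and how many pad bytes the sender has left.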
