Frank Miller's one-time pad
In December 1917, a twenty-six-year-old engineer at AT&T named Gilbert Vernam fed two spools of punched paper tape into a modified teletype machine in the company’s New York offices. One spool held the message; the other held the key — a random sequence of characters, one for each letter of the plaintext. The machine combined them character by character using a simple binary rule and printed a ciphertext. Vernam patented it in 1919, and a US Army captain named Joseph Mauborgne quickly supplied the crucial restriction: the key tape had to be truly random and used only once. Throw it away after transmission, and the ciphertext was theoretically unbreakable.
It was not quite an invention. Thirty-five years earlier, a Sacramento banker named Franklin Miller had published a small book: Telegraphic Code to Insure Privacy and Secrecy in the Transmission of Telegrams, 1882. Copies went to the Library of Congress, the New York Public Library, and the University of Chicago library, where they sat undisturbed for more than a century.
Miller was a Yale graduate who had taken a bullet at the Second Battle of Bull Run and spent the postwar decades quietly becoming a California banker and a trustee of Stanford University. His codebook was marketed mainly as a commercial convenience — a way to compress wordy telegrams into short numeric codes. But buried in its instructions was the essential idea: if the scrambling key is as long as the message, truly random, and never reused, the ciphertext tells an eavesdropper absolutely nothing. Not “not much.” Exactly nothing.
Claude Shannon supplied the formal proof in 1949 in a Bell Labs paper titled “Communication Theory of Secrecy Systems.” If the key is uniformly random and as long as the plaintext, every possible decryption of the ciphertext is equally plausible. A eavesdropper learns nothing — not because the computation is hard, but because the mathematics are indifferent to any computation whatsoever. Shannon called this perfect secrecy. The one-time pad is the only cipher that has ever achieved it.
The problem, foreseeable from the start, is human. During the chaos of the German invasion in 1941–42, Soviet cipher clerks made a catastrophic error: some one-time pads were printed in duplicate and reused across multiple messages. American and British analysts working under the project codenamed VENONA spent decades exploiting that single lapse, eventually decrypting a small but significant fraction of wartime Soviet diplomatic traffic. The cipher was perfect. Its users were not.
Miller’s priority was lost entirely until 2010, when Steven Bellovin, a computer scientist at Columbia University, pulled the 1882 book from the stacks of the Library of Congress while researching Victorian telegraph codebooks. He opened it, read a few pages, and said: “My God, that’s a one-time pad.”
Miller had died in 1925, twenty-four years before Shannon published the proof that would have confirmed what his book had quietly described. He left no record suggesting he considered the insight particularly remarkable. The first mathematically perfect cipher in history was proposed by a wounded Civil War veteran who had moved on to banking and appears to have mentioned it to no one.
Every encryption system in use today — AES, RSA, every TLS handshake your browser completes — offers only computational security: hard to break, given current mathematics, given current machines. The one-time pad is different. It offers certainty. The key is that nobody can afford to use it properly.
Sources
- Frank Miller (cryptographer) — Wikipedia — Miller’s biography, his 1882 publication, and Bellovin’s 2010 rediscovery.
- One-time pad — Wikipedia — Vernam’s 1917 machine, Mauborgne’s contribution, the four security requirements, the VENONA failure.
- How a California Banker Received Credit for His Unbreakable Cryptography 130 Years Later — IEEE Spectrum — Bellovin’s reaction at the Library of Congress, Miller’s Civil War service, the scope of his obscurity.