This means you have to extend your concepts of brute-force and guessing to include determining which cleartext message is the correct one. If the message is that short, then indeed there is no way to determine from the message alone. Yet even this example gives us tons of info -- we know the attack won't come near midday or midnight, so we only have 2 times to prepare for an attack. This isn't as good as knowing exactly when, but it's better than having no idea of when.
This feels like a skill used by those who guess on tests.
It's not just two messages. The key (sometimes called a keystream) is as long as the message itself, so one can construct any message just by selecting the appropriate key and no information is revealed about whether or not this plaintext is correct.
An attacker may as well just try to guess the message directly and thus dispensing with the pointless process of guessing a keystream and XORing it with the ciphertext.
This is the feature of One Time Pads that gives them a kind of provable security that is not possible to prove for any system in which the key shorter than the message.
You're making a fool of yourself. Try again to look at the basic concept. For EVERY POSSIBLE cleartext of the correct length, there is a key that decodes your ciphertext to it. Every. Possible. Cleartext.
Pick whatever method you use to decide if a cleartext 'makes sense'. EVERY POSSIBLE message that fits your criteria will be output during the brute forcing process.
You don't seem to realize just how nigh-infinite the number of different keys there are. If I give you a kilobyte blob of one-time-pad data, it could be any [sub-minute-long] sentence that has ever been spoken or ever will be spoken in the history of the human race, in any language.
.
I can explain it a different way, that will explain how you can kill the signal. Okay so the original message has 0s and 1s.
1. What happens if we take a 1 and have a 50% chance of flipping it: we get a 0 50% of the time and a 1 50% of the time.
2. What happens if we take a 0 and have a 50% chance of flipping it: we get a 0 50% of the time and a 1 50% of the time.
3. What happens if we know someone had a 0 or 1 and had a 50% chance of flipping it: we get a 0 50% of the time and a 1 50% of the time.
4. What happens when we try to figure out the original bit: Well both 0 and 1 have the same output, so it is fundamentally impossible to figure it out without knowing if they flipped it.
5. Repeat for every bit. Store which ones you flipped. Congratulations, you have a one-time-pad utilizing the XOR method of application.
.
Also you're right that adding noise as in addition won't mask a signal, but we're not 'adding'. We're looking at the signal, and the completely random noise, and marking down whether they match or not. If I tell you that bits 1, 2, 3, 5, and 8 matched my coin flips that doesn't tell you a single thing about what my data was.
Shannon proved it rigorously. It's also intuitive if you understand how a OTP works. This is probably the most solid proof in all of cryptography.
http://en.wikipedia.org/wiki/One-time_padThe final discovery was by Claude Shannon in the 1940s who recognized and proved the theoretical significance of the one-time pad system. Shannon delivered his results in a classified report in 1945, and published them openly in 1949.[3] At the same time, Vladimir Kotelnikov had independently proven absolute security of the one-time pad; his results were delivered in 1941 in a report that apparently remains classified.
This feels like a skill used by those who guess on tests.