Security Basics mailing list archives
Re: One-Time Pad software?
From: FocusHacks <focushacks () gmail com>
Date: Sat, 3 Feb 2007 01:08:34 -0600
Thanks for the information, guys. As far as one-time pads being the same length as the cleartext, I know how it works. If a spy of days past had a very long message to encrypt, he may need to use more than one page of his paper pad. By the same token, if I have a large binary file to encrypt, but have stored several small files of random data to use as my pad (and the receiving party has the same files and knows in which order to utilize them), I would expect a tool to be able to handle the task. It's not convenient to generate a perfect-length pad file for every ciphertext message I wish to transmit. Looping a 20k file over a larger cleartext message would not be OTP, it'd be a simple running key algorithm that'd be a lot easier to break with simple heuristics. Sure, it'd be a 20 kilobyte key, a lot less trivial than looping an eight-letter lowercase word as a key, but it wouldn't be nearly as good as a genuine OTP. The reason I'm thinking small files is because on solid state media (for instance, volatile storage in a PDA), it's easy to securely erase one file at a time, which is much like burning the piece of paper you just used. correctly implemented, OTP is both computationally trivial to perform, yet "perfectly secret", so long as the pad remains secure. I'll definitely look into some of the tools listed, and I'll start tinkering around on my own, I have a few ideas now. Cheers! --Noah On 2/2/07, Atom Smasher <atom () smasher org> wrote:
On Fri, 2 Feb 2007, FocusHacks wrote: > I am looking for software implementations of one-time pad encryption. > Ideally, these would be cross platform, and command line open-source > would be even better. This is mostly for fun, and I've considered just > sitting down and writing my own, which I may very well do anyways, once > I see what else is out there. =========================== command line; open source (GPL); fun: http://www.freebsd.org/cgi/url.cgi?ports/security/pad/pkg-descr http://www.freshports.org/security/pad/ http://web.archive.org/web/20011030104813/www.lammah.com/pad/ i've played with it... it's a fun toy, and may be useful for more. not too many command line options, but the ones it has are very useful. also useful is that the ciphertext can be broken into more than just 2 shares, and that you can specify a pad or have one generated on the fly. -- ...atom ________________________ http://atom.smasher.org/ 762A 3B98 A3C3 96C9 C6B7 582A B88D 52E4 D9F5 7808 ------------------------------------------------- "Your password must be at least 18770 characters and cannot repeat any of your previous 30689 passwords. Please type a different password. Type a password that meets these requirements in both text boxes." -- Microsoft takes security seriously in Knowledge Base Article Q276304.
-- http://www.FocusHacks.com - The Ford Focus Modification Site! http://www.focushacks.com/focushacks-gpg.txt - My GPG encryption key
Current thread:
- One-Time Pad software? FocusHacks (Feb 02)
- Re: One-Time Pad software? Thierry Zoller (Feb 02)
- Re: One-Time Pad software? profeten (Feb 02)
- Re: One-Time Pad software? Atom Smasher (Feb 05)
- Re: One-Time Pad software? FocusHacks (Feb 05)
- Re: One-Time Pad software? Atom Smasher (Feb 05)
- Re: One-Time Pad software? FocusHacks (Feb 05)
- <Possible follow-ups>
- Re: One-Time Pad software? profeten (Feb 05)
- Re: One-Time Pad software? FocusHacks (Feb 14)