Suppose you have a really important secret that you need to transmit. Say, you want to plan a surprise party for one of your friends, but you know she has
a working quantum computer in her basement and routinely intercepts your mail.
Are you going to entrust the security of your invitations to the simple difficulty of factoring the product of two large primes? No, of course not. In extreme cases like this, standard public key
cryptography just doesn't cut it. You need the unbreakable (or at least as unbreakable as your random is random) reliability and utter inconvenience of the one time pad!
"But this isn't like the old days," I hear you complain, "I have a lot of super-sensitive data to transmit. Far too much to sit there encrypting and decrypting it by hand!"
Don't worry, I've got you covered. As chkno points out in kid sister encryption, every lame-ass cipher-kiddie eventually writes what they think is a slick XOR encryption tool. Here's mine. I'll even give you:
Super-duper-easy-to-follow instructions for preparing to reliably send exactly one secure message.
1. Get an old computer, but not so old that it doesn't have a CD burner.
2. Install a free operating system on your new old computer. Linux, OpenBSD, FreeBSD, YoMamaBSD, OpenBeOS, whatever. Just definitely not Windows, and probably not OS X either. I love Steve Jobs, but I trust him about as far as I could throw him.
3. Unplug your new one time pad generation station from the network. Do it. Do it now. No ethernet, no modem, hell, if you can manage it get that sucker off the power grid. Consider moving to an underground bunker before you continue. This is about absolute paranoia, dagnabit. Everyone wants a piece of your data, and all hard-lines are suspect. If you got a throw-away computer with wireless, I hate you.
4. Dump around 600 megabytes of random data to a file. Your best bet here is something like cat /dev/random > pad. Give a two year old child some coffee and let them play with the mouse and keyboard while this runs, so as to feed the entropy pool.
5. Burn a copy of this file to two CD-Rs.
6. Put the CDs in separate sealed envelopes. (No, no, seal them after you put the CDs in them...) Consider lining the envelopes with tin foil or something. If space aliens can read your mind, they can certainly read your optical media.
7. Smash the computer to bits. Be thorough. Destroy every last chip. Grind it to dust, and scatter it in several different places.
8. Keep one of the sealed CDs for yourself, and at a carefully arranged and concealed meeting, give the other to the friend you want to securely communicate with.
Equally idiot-proof guide to sending your exactly one secure message.
1. Repeat steps 1-3 above.
2. Open the envelope containing your copy of the one-time pad on CD.
3. Copy the pad file to the computer, and destroy the CD. Be as thorough as when you destroyed that last computer.
4. Using the perl script below (which you thoughtfully copied to the computer before unplugging it), XOR the data you want to send with the pad file. Mmm, crypty.
5. Burn the new XORed file to another CD, and once again destroy the computer.
6. Send the XORed file to your friend. Be as careless as you like here! E-mail it, fedex it, publish it in the newspaper, drop leaflets from the sky, etc. As long as you followed all the other steps carefully, this data is utterly useless to everyone but your friend. Take that, your many enemies!
Decryption of your exactly one secure message is left as an exercise for the reader's friend.
```perl
#!/usr/bin/perl
# One-time pad cryptography. Yeah, whoo. Pseudomammal > NSA.
# Little script, I hereby commit thee to the Public Domain. (June 24, 2003)
use strict;
use warnings;

my ($padfile, $targetfile) = @ARGV;
defined $padfile and defined $targetfile or die(<<EOF
One-time pad {en,de}cryption. (XOR swings both ways.)
Usage: onetime.pl <pad file> <target file>
I dump to stdout. Try: perl onetime.pl file.pad file.original > file.xor
EOF
);

# Open everything in raw mode so no I/O layer mangles the bytes.
open(my $pad, '<:raw', $padfile) or die("Curses! I couldn't open $padfile.\n");
open(my $target, '<:raw', $targetfile) or die("Drat! I failed to open $targetfile.\n");
binmode(STDOUT);

# The pad must be at least as long as the message; no stretching or repeating it.
(stat($padfile))[7] >= (stat($targetfile))[7] or die("Well that's a hell of"
    . " a thing! Pad $padfile is smaller than target $targetfile.\n");

# The juicy bit.
while (read($target, my $targetbits, 1024)) {
    # Pull exactly as many pad bytes as we just read from the target.
    read($pad, my $padbits, length($targetbits));
    print $padbits ^ $targetbits;  # I love you, Perl.
}

close($pad);
close($target);
# Thanks for playing!
```
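Why the instructions promise exactly one message per pad, as an added Python example that is not part of the original script: `otp` deletes pad bytes as it uses them (going a step beyond the Perl script, which only checks the pad's size), and `demo` shows what leaks when the same pad bytes cover two messages. The function names and sample messages are constructed for illustration, and `os.urandom` stands in for the pad file.

```python
import os


def xor_bytes(a: bytes, b: bytes) -> bytes:
    """Byte-wise XOR, the whole cipher. Stops at the shorter input."""
    return bytes(x ^ y for x, y in zip(a, b))


def take_pad(pad: bytearray, n: int) -> bytes:
    """Hand out n unused pad bytes, then delete them so they cannot be reused."""
    if len(pad) < n:
        # Same refusal as the Perl script: never stretch or repeat a pad.
        raise ValueError("pad is smaller than target")
    chunk = bytes(pad[:n])
    del pad[:n]
    return chunk


def otp(pad: bytearray, data: bytes) -> bytes:
    """Encrypt or decrypt (XOR swings both ways), consuming pad as it goes."""
    return xor_bytes(take_pad(pad, len(data)), data)


# Constructed sample messages of equal length (assumption, not from the page).
MSG1 = b"Surprise party at my place, Saturday 8pm"
MSG2 = b"Bring cake and do not tell her anything!"


def demo() -> dict:
    shared = os.urandom(80)                      # stand-in for the CD contents
    mine, hers = bytearray(shared), bytearray(shared)

    c1 = otp(mine, MSG1)
    c2 = otp(mine, MSG2)                         # fresh pad bytes, not the same ones
    ok = otp(hers, c1) == MSG1 and otp(hers, c2) == MSG2

    # The mistake the instructions rule out: the same pad bytes for both messages.
    leak = xor_bytes(xor_bytes(shared, MSG1), xor_bytes(shared, MSG2))
    return {
        "round_trip": ok,
        "pad_left": len(mine),
        "reuse_leaks_xor": leak == xor_bytes(MSG1, MSG2),   # the pad cancelled out
        "known_msg1_reveals_msg2": xor_bytes(leak, MSG1) == MSG2,
    }


if __name__ == "__main__":
    print(demo())
```

Both sides must consume the pad in the same order; once `pad_left` reaches zero, the only safe move is a new pad.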