One of the biggest issues with data encryption is that almost all encryption can be decrypted by a determined “enemy” with enough computer resources and sufficient time.
Ciphers that are based on a password can be broken by brute force techniques such as trying every every single password. Longer passwords help but at best they simply buy you some time.
The rapid development of quantum computers may soon allow much faster factoring of prime numbers and threaten ciphers such as RSA which exploit the difficulty factoring large prime numbers.
Wouldn’t it be great if there was a cipher that couldn’t be broken by any modern computer? Would you like a cipher that could NEVER be broken?
It turns out that one cipher, the one-time pad cannot be broken if properly implemented. This cipher has been around for a long time and was originally done with a pencil and paper. You can read more about it here.
I won’t discuss the details here, but basically each of the two parties that want to communicate has a copy of a code pad (book) of random numbers. To encrypt a message the numeric value of each letter of the message is “added” in a particular way to the corresponding random number in the pad. The random number is then crossed out on the pad so it is never used again. The process reversed on the receiving end.
As long as truly random numbers are used and no one gains access to the code pad the message can never be decoded. Any brute force attempt to decode the message using every possible list of random numbers will produce every possible message that could exist with the same length and is therefore of no value.
This technique is pretty useless for most e-commerce due to the difficulty of securely exchanging code pads and the pad must be large enough for all the messages to be exchanged. Nevertheless the one-time pad still has its place.
I wrote a computer program some years ago called OTP-PC that implemented the one time pad and addressed several of the issues with the paper version.
The story behind the creation of OTP-PC was pretty interesting.
In the early 1990’s my wife and I were stationed at the Charles Darwin Research Station in the Galapagos islands during a time of civil unrest related to the illegal sea cumber (Pepino) fishery.
We had e-mail at the station but I was worried that our mail might be monitored and I began working on ways to have secure communication.
I was a member of the Cypherpunks mailing list at the time and learned a lot about encryption and security from the list. Being a member of that list was one of the most enjoyable and educational experiences I ever had on line. You can Google “jpinson@fcdarwin.org.ec” to see some of the old posts, but please don’t use that email address because it no longer exists :-).
I wanted to thank the Cypherpunks for all the information I had received from them so I wrote OTP-PC and released it under a concept I created called “DonorWare”.
The concept of DonorWare was that anyone using the program should make a donation to the Charles Darwin Foundation, or to any worthy group of their choosing and let me know about it.
There was some concern at the time that it was against the U.S. law to export strong ciphers but I was not living in the states at the time.
Interestingly I never used OTP-PC while in Galapagos. Instead I created a PGP based mail relay that allowed anyone to write to my UNIX email address in the U.S. and have my mail account script automatically encrypt the message and forward it to me. Likewise I could send a PGP encrypted message from Galapagos to the UNIX system and have it decoded and reset to it’s destination. The idea was first described by me at http://cypherpunks.venona.com/date/1994/11/msg00249.html (this link no longer works..)
OTP-PC had the following feature:
-Automatic compression of plain text messages prior to encryption.
Compression reduces consumption of the pad, and masks the size of the
original document. (compression can be overridden)
-Automatic wiping of the pad (codebook), to prevent reuse on both
encryption and decryption.
-Wiping and deletion of intermediate compressed files.
-Two stage cipher text headers. The first stage header is un-encrypted,
and contains information needed to start decryption. The second stage
contains sensitive information, and is encrypted.
-A 32 bit CRC stored in the encrypted header verifies reconstruction of
the original file.
-A verbose mode which displays encryption/decryption statistics.
I uploaded the file to Cypherpunks on January 5, 1994. The uploaded message can be seen here
The program was written using the Borland C++ complier for MS-DOS so it is pretty useless today but I am making it available for download for coders who may want to see it.
I hope to update OTP-PC so it will compile with the GNU C compiler and then post it here.
There are several aspects of the old code I will have to address. For example the automatic overwriting of the cipher pad may not work on modern flash drive that use “wear leveling”, but I have some workarounds in mind.
I’ll update this post when the updated version is ready.
Here are the links to the main files:
OTP-10.ZIP (The original zip file complete with the C source code)
OTP.TXT (The manual for OTP-PC)
LICENSE.TXT (Describes the DonorWare concept)
Thanks for reading!
Jim Young (aka Jim Pinson)