mailing list archives
Re: One-Time Pad software?
From: FocusHacks <focushacks () gmail com>
Date: Wed, 14 Feb 2007 08:34:13 -0600
Thanks to everyone who gave some input on this. I thought I'd share
my findings with the list, hopefully someone will find it slightly
interesting. If not, just ignore me.
I found that newLISP offers an "encrypt" function which is an XOR that
will loop the key if it is shorter than the clear. I did tinker
around a bit with doing a manual XOR of two strings in newLISP as
(set 'ccharlist (map char (explode "secbasics")))
-> (115 101 99 98 97 115 105 99 115)
(set 'kcharlist (map char (explode "P45$w0rd!")))
-> (80 52 53 36 119 48 114 100 33)
(set 'cryptostring (join (map char (map ^ ccharlist kcharlist))))
Where non-printables are \xxx
I came up with the following all-inclusive script:
(< (length (main-args)) 5)
(println "USAGE: crypt.lsp [pad] [file] [output] [pad-remainder]")
(map set '(pad target output remainder) (rest (rest (main-args))))
(write-file output (encrypt (read-file target) (read-file pad)))
(write-file remainder (slice (read-file pad) (length (read-file target))))
The only thing that needs to be done is to secure-erase the original
pad and clear files once done with them.
[pad] = any file, text or binary, for random data. Could be a dd dump
from /dev/urandom for all it cares.
[file] = Cleartext file to encrypt, or encrypted file to decrypt
against the pad.
[output] = resulting encrypted or decrypted file
[pad-remainder] = remaining contents of the one-time pad file to use
for future communications.
If both parties have a copy of the original pad, and always use
[pad-remainder] for the next encryption or decryption operation, the
pads will stay in sync.
Most linux distributions come with shred(1) to securely erase files.
Mac OS X has srm(1) - Secure rm
OpenBSD (and other BSDs?) accept the -P flag to rm(1), which isn't
quite as flexible as shred or srm, but it does overwrite the files
before erasing them.
I believe you'd need a third party tool on Windows to securely erase
files. That's neither here nor there, though. I chalk this exercise
up to paranoia. :P
http://www.focushacks.com/focushacks-gpg.txt - My GPG encryption key