Home page logo

basics logo Security Basics mailing list archives

Re: One-Time Pad software?
From: FocusHacks <focushacks () gmail com>
Date: Wed, 14 Feb 2007 08:34:13 -0600

Thanks to everyone who gave some input on this.  I thought I'd share
my findings with the list, hopefully someone will find it slightly
interesting.  If not, just ignore me.

I found that newLISP offers an "encrypt" function which is an XOR that
will loop the key if it is shorter than the clear.  I did tinker
around a bit with doing a manual XOR of two strings in newLISP as

(set 'ccharlist (map char (explode "secbasics")))
-> (115 101 99 98 97 115 105 99 115)

(set 'kcharlist (map char (explode "P45$w0rd!")))
-> (80 52 53 36 119 48 114 100 33)

(set 'cryptostring (join (map char (map ^ ccharlist kcharlist))))
-> "#QVF\022C\027\007R"

Where non-printables are \xxx

I came up with the following all-inclusive script:

 (< (length (main-args)) 5)
     (println "USAGE: crypt.lsp [pad] [file] [output] [pad-remainder]")
   (map set '(pad target output remainder) (rest (rest (main-args))))
   (write-file output (encrypt (read-file target) (read-file pad)))
   (write-file remainder (slice (read-file pad) (length (read-file target))))

The only thing that needs to be done is to secure-erase the original
pad and clear files once done with them.

[pad] = any file, text or binary, for random data.  Could be a dd dump
from /dev/urandom for all it cares.
[file] = Cleartext file to encrypt, or encrypted file to decrypt
against the pad.
[output] = resulting encrypted or decrypted file
[pad-remainder] = remaining contents of the one-time pad file to use
for future communications.

If both parties have a copy of the original pad, and always use
[pad-remainder] for the next encryption or decryption operation, the
pads will stay in sync.

Most linux distributions come with shred(1) to securely erase files.
Mac OS X has srm(1) - Secure rm
OpenBSD (and other BSDs?) accept the -P flag to rm(1), which isn't
quite as flexible as shred or srm, but it does overwrite the files
before erasing them.

I believe you'd need a third party tool on Windows to securely erase
files.  That's neither here nor there, though.  I chalk this exercise
up to paranoia.  :P

http://www.focushacks.com/focushacks-gpg.txt - My GPG encryption key

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]