One-Time Pads
In this work I have implemented the simple one-time pad encryption technique in Python using the XOR operator for both encryption and decryption.
The one-time pad is an encryption technique that has been recognized as impossible to break, if the given key is completely random.
In Gilbert Vernam, of AT&T Corporation, patented the system in 1919, two years after of the reinvention (Frank Miller had already described the OTP in 1882).
Joseph Mauborgne helped to improve the technique establishing that the message could be impossible to break if the key were truly random.
After that and
others improves, the actual OTP have the next characteristics:
- Each letter used in the alphabet A has assigned a numerical value, e.g., “A” could be 0 and “B” could be 1.
- The message is encrypted using addition in modulo n = |A|.
- The message is decrypted by subtracting in modulo n = |A|.
- Both the sender and the receiver have the same key.
- The used keys must be destroyed.
The One-Time Pad
system has a property called perfect secrecy. Someone can intercept
the cipher text, but it will never give some additional information
about the message. Although the spy can see the cipher text and
decrypt it by brute force it could be seriously hard to get the
message, because applying the brute force yields all the possible
texts and all could be the actual message. Nevertheless, the OTP
system is not widely used due to problems while saving the two copies
of the keys.
Our work
We used the XOR operator instead of the addition and the subtraction in the encryption and decryption phases respectively.
First of all, I used a standard random number generator to create all the keys. I wrote the keys in the AliceKey.txt file and then I copied the file to BobKey.txt. The pads are created in the next function.
The encrypting and
decrypting come in the next subroutine. As you can see, this function
receives the name of the sender, or receiver, and then opens the file
where the key must be written. I had to use seek() to change the
position in the file in order to read the key correctly and replace
it with the character “ ” to destroy it.
The string cipher is
the cipher text if the function is called to encrypt and it is the
message if the function is called to decrypt.
The XOR operator is applied for every character in the message using its value in the ASCII Table with every character in the key. The i % keySize is used for the reutilization of the characters in the key when the message has a bigger length. Then the resulting character and cipher are concatenated.
You can get all the code from:
Código completo en Github
Now the code in
action
You can run the
script giving the two parameters (number of keys, size of the keys).
You can also run the
script without giving the parameters, it will ask for them later.
Then the prompt will
ask for the sender, Alice or Bob. You will have to enter a message
for each key.
In this example, I
entered the same plain text four times “hi alice”, the sender was
Bob and the receiver was Alice. For each time I sent the message I
got different cipher texts (sometimes it has some unprintable
characters due to '\' or ASCII values under 32), because the key was
different for each message.
Concluding about
this “impossible to break” technique, the information security
will always be safe while you guarantee the correct use and the true
randomness of the keys.
It is easy to
encrypt and decrypt messages applying the OTP, the problems will be
the storage and the distribution of the copies of the keys.
References
Schneier, Bruce. Applied Cryptography, John Wiley & Sons, 1994.
References
Schneier, Bruce. Applied Cryptography, John Wiley & Sons, 1994.
