I devised a system to use the one-time pad (OTP) using nothing more than a hard drive. It goes something like this:
- Meet in person with identical size hard drives.
- Encrypt the hard drive.
- File the drive with random keys of incrementing size.
- Devise an alorithm for using the keys.
- Unmount the drive.
- Enjoy the OTP for encryption/decryption.
Step number 3 requires creating files of incrementing size 1 byte at a time from 1 byte until the drive is filled. If your drive is 8 GB in size, then this should be approximately 131,000 files, with the smallest file as 1 byte, and the largest file as 131,000 bytes. Further, the keys should be filled with cryptographically secure random data. Using /dev/random would be preferred, however it will block when entropy is depleted. Using a hardware true random number generator to keey the entropy pool filled, like the Entropy Key from Simtec Electronics would work. Last, the hard drives must have the exact same keys on both. So, it would probably be best to create the random keys on one drive first, then rsync its contents to the second drive.
Step number 4 is important, as you want to make sure that the recipient of your message uses the same keys you did to encrypt the message. So, an algorithm needs to be devised for using the keys. The OTP requires that the key be the same length or longer than the message wishing to be encrypted/decrypted. Because the keys are of incrementing size from 1 byte on up, you should be able to choose a key of matching size for your plaintext. If not, you can combine different sized keys until the full length of the message is met with the keys. That combination of keys becomes the OTP. So, it would probably be best to have a computer program or script find the right keys for the job. Thus, both the sender and recipient will be using the same keys. The OTP uses the XOR operation to encrypt and decrypt the messages. XOR works, because it completely undoes what is done, provided the same key is used on both messages, and it’s fast and clean.
Step number 6 implies the encrypting and decrypting of messages using the OTP keys “out in the field”. However, after the keys have been used, THEY MUST NEVER BE USED AGAIN. You could simply delete the file(s), or securely shred the file(s), if you have your tinfoil hat on. Regardless, their intent is to be thrown away after use. This is because if the key(s) are used more than once, then the key(s) can be derived from the multiple encrypted messages that shared the key(s). So, encrypt/decrypt the message, then remove the key(s) from the drive. After the keys have been used up on the hard drive, meet in person again to refill the drives.
This works, because Claude Shannon proved that the OTP contains perfect secrecy, meaning that there is no information contained in the ciphertext that will give you any clues as to how it was derived, such as no patterns or structures in the data. This means that the encrypted text cannot be decrypted unless the key is known. This assumes that the key is truly random, the key is never used again, and the secrecy of the key is kept in tact. It’s clean, it works, and it’s practical enough to use day-to-day. So, if you want to test out using the OTP to encrypt and decrypt messages, this is your tool.