Comments on: The One-Time Pad Hard Drive Linux. GNU. Freedom. Mon, 09 Oct 2017 10:42:05 +0000 hourly 1 By: Hydranix Mon, 21 Mar 2016 08:06:39 +0000 My email is...

Just XOR this:
Hex: 0x4D27354352C36672A54

with the key (ASCII chars):

By: Hydranix Mon, 21 Mar 2016 07:36:21 +0000 A more proper way (I think) to implement this:
Bob has two equally sized storage media [such as hard disk drives] filled with true random data. Bob meets Mary at a safe location and hands Mary one of the drives.

Later from a remote location Bob sends Mary and unencrypted message requesting that Mary acknowledge the request and begin listening for the encrypted message and stops listening after receiving the encrypted termination order.

Mary sends Bob the acknowledgment and immediately begins listening for the encrypted message.

Bob appends the termination order to his unencrypted message and XORs the message+order with the data from the hard drive starting at 0 and running for the length of message+order.

The data on Bob's drive which was used in the XOR operation is no logner usable. (0+length of unusable data becomes new offset)

Mary receives the encrypted message and applies the XOR operation to it with the data on her hard drive starting at 0 and running the length of the message+order.

Mary's data on the drive that was used in the XOR operation is no longer usable. (0+length of unusable data becomes new offset)

Mary stops listening for more data as the order was successfully recieved.

Mary achknowledges Bob that message was received.

Bob and Mary begin listening for requests from one-another.

A fragile system in my example, so care must be taken to clean up details where deadlock may occur, but it is very much a simple thing to implement using this as a base.

If anyone is reading this, as my post is four years after this very poorly written blog entry, please respond if you find a sever flaw I've overlooked. My email I provided despite looking fake, is real.

By: Aaron Toponce : The NSA and Nubmer Stations- An Historical Perspective Thu, 20 Jun 2013 05:49:36 +0000 […] OTP can be an effective and practical way to send messages securely. I mentioned almost a year ago, of a way to create a USB hard drive with a OTP on the drive. Both the sender and the recipient have an exact copy of the drive, along with a software utility […]

By: Aaron Toponce Mon, 27 Aug 2012 17:00:35 +0000 Encrypting the hard drive? Well, if the drive is lost or stolen, you don't want the bad guys to have access to the keys, do you? So, use something like LUKS, TrueCrypt or eCryptfs to encrypt the keys on the drive.

By: Nikos Fotiou Mon, 27 Aug 2012 13:56:15 +0000 Can you please elaborate comment 2 a bit more?

By: Aaron Toponce Mon, 27 Aug 2012 01:09:43 +0000 If the key is not the same length as the message, then it's not a one-time pad. That's how it offers perfect secrecy.

By: Alan Bell Sun, 26 Aug 2012 20:46:21 +0000 better to use standard length key sizes, and have one set per direction. If you try and match the key size to the message then you give away the exact message length. If they are all 1024 bytes long or some other convenient size then you waste some bits (big deal) but leak less about your message. In fact if your keys are all bigger than any message you might want to send then you are giving away the least. The problem with one time pad is the requirement of distribution of the keys in advance. You can't really securely negotiate keys over the wire.

By: Aaron Toponce Sun, 26 Aug 2012 16:24:03 +0000 I thought about that, and the reason I decided against it, is because then every first byte starts with 0 or 1 for every message exchanged. While the rest of the data may be random, that first byte is not.

By: Jason Sun, 26 Aug 2012 16:01:19 +0000 I don't see the benefit of having varying key sizes. Why not just use a drive filled with random data, and use a system where you start at byte 0, and for each message exchanged, you walk through the key bytes and consume whatever is needed for that message size. If we've previously exchanged 31337 bytes of messages in the past, then the next message uses key data offset from 31338 through to the exact length of the new message.

There is a race condition problem if you both want to send a message at the same time, you may accidentally start at the same offset. If you both send messages using the same OTP then you've just broken the security. But then your proposal has this problem too, so it would need to be solved in any case.