Extremely Long Key (One-Time Pad) Encryption

My Line In the Sand

Last week (late August 1999) the Clinton administration floated a proposal to allow law enforcement to break into private citizen's homes without their knowledge and copy their encryption keys off their computers. (For more info see this link.)

Well, I decided I was pissed off enough to take some action of my own.

A Theoretically Unbreakable Code

After making an amateur study of cryptography for many years, I have concluded that the most secure form of encryption is the "extremely long key" or "one-time pad" method, in which the key is longer than the message, and keys are never re-used. If the keys are truly random (say, based on quantum events) then the code is theoretically unbreakable. In World War II secretaries in the basement at Bletchley Park drew cards out of a hat to create one-time-pad keys for British submarines. At that time this technique had enormous logistical difficulties:

creating the keys was tedious,
decoding the messages was tedious,
identical copies of all keys needed for many months had to be prepared for each submarine before it left port, and
if a submarine were captured along with its code book the whole system was compromised

The Best Place To Hide a Tree Is In a Forest

Well, a lot has changed since then. Now we have this internet thingy, with an unfathomable number of unmapped bits available anywhere, and bandwidth tripling every year. Think of it as the world's largest one-time pad. Here is how it works:

You and your friend each need internet and email access, a C compiler, and the UNIX programs uuencode and uudecode.
Using a secure channel of communication, such as talking near a waterfall or writing in the sand at the beach, choose a file on the internet to use as your first key. Servers full of images such as JPL, or of sounds such as mp3.com, are good places to look. Also agree upon a "skip" value (a number under a few hundred thousand).
Compose a plain text message to your friend. Include in the message the key file URL and skip value for your friend to use for the reply. Don't just blurt it out -- slip it in it subtly. Maybe you and your friend agree that the sentence containing the word "inexorable" will have the skip and key URL.
Copy the code below and compile it. Use the resulting program xor to "exclusive or" your plain text message with the key file, after skipping the skip value number of bytes.
Use uuencode to turn the resulting encoded file into text that can be emailed.
Email the file to your friend. Include no explanation.
Your friend saves the mail and uses the uudecode program to turn it back into the encrypted binary file.
Your friend then uses the xor program to "exclusive or" the encrypted binary file with the key file (after the skip) and produce an identical copy of the plain text file. (This technique also works with any other file type as message.)

This method gives you secure data transfer without reliance on proprietary software, obscure mathematical theorems, or lack of advances in faster computing. It also fills the internet with packets of encrypted data that will drive the government nuts because they can't crack them.

Cautions

Observe these safety tips:

xor assumes the key minus skip is longer than the plain text message. If not the message will be truncated silently.
Try to use keys that are as random as possible. Jpegs are good because they are compressed, but the header is highly redundant. Use a large skip.
Don't store key information on your hard drive where the government can break in and steal it.
If you really want to drive them crazy, arrange with your friend some signal that means "ignore this message" and then send lots and lots of uuencoded random data.

Have fun!

The Source Code

xor.c main routine xor.h header file help.c help function usage.c usage function Makefile Test testing shell script test.txt test input xor.ALL self-extracting shell archive of above (run by: sh xor.ALL)

test_encrypted.bin.uu.txt test encrypted uuencoded message KEY test key (Do not click! Use "Save Link As...")

$2000 Challenge

Date: Sat, 9 Oct 1999 13:32:22 -0700 (PDT)
From: Alan Barnum Scrivener 
To: <a bunch of people>
Subject: Re: unbreakable code?
Cc: abs@well.com

Hello again friends.  In my inexorable search for the ugliest color scheme
on the internet I have located the following image:

    http://ftp-msd.ksc.nasa.gov/msd/ftp/KSC_0864_1998/JPG_0864_1998/Metlfil1.JPG

which is about 64000 times uglier than my previous nominee.

Also, I am offereing a $20 gift certificate at Amazon.com to the first
person to decrypt this message and send me the plain text:

---------------------------------- cut here ----------------------------------
begin 600 message.bin
MVWIA%H04<OIK>TW3K*UFBX"OY5@6CJJVY*K#OY/($F!#X'@R2W4# '0_D2;Z
MJP!1<=.5@&K-?&W08E_4"EU^23,--T8#D,&G84IJ^OIL,1@)#XBC?F&+3JES
MU_A]HF_!^  %>8>5M#D([6-'-77&L(3+YF:LX<EI0%.K+C<9<RA?A.^W*X^:
MW>+/S5S(-#?T*)!*OY8K3DT#JL"*'Z%OQ/)MNN-&M5-0/*1GC+??+KP&W 'Z
M-!RY8=T0+W/S:N-)XTJ+]!&9\6.@<*S8>!$HRV*,!9F015IJ--I EG91T*KB
M3=EHLF1F<;EMGZUF+\>EN6L%A@8U<GWX(7'-IJE_5EFBAH:PU.!"BO+G3%B+
#]Y+<
 
end
---------------------------------- end here ----------------------------------

....and I am offering $2000 cash to anyone who decrypts this
message and sends me the plain text:

---------------------------------- cut here ----------------------------------
begin 600 message2.bin
M:VP"E,.0\!QCM+,-:K#*9F&35?GF>7[S]Q$8PX6]TSDV]7NOR9XOBF6DA<WQ
M-A2:5_Z"N-1'[QHY,QMI>F=OPKE%!JAME5[JRN2\TJ%+]%HQ6OFH=8JL(I24
M_)2 WK@,%>B#X1':;5W_#\QD#K2&LGG]*?4@1Z'E/6D@E^-OJ"ZU.3,#U<" 
ME>@8AV3R::^OX4S_?_:DX[!#!:9DA.12?1/R%74*;4IG0@@:*E>/IMBA1:'D
?=8U8[TZR*1F27!*DH]7V)[X*A%GOL=]V<D)N)<-2'TIG
 
end
---------------------------------- end here ----------------------------------

Have fun!

Last update: 13-Oct-1999