Network Security Security-Basics

Re: One-Time Pad software?

Subject: Re: One-Time Pad software?
Date: Wed, 14 Feb 2007 08:34:13 -0600
Thanks to everyone who gave some input on this.  I thought I'd share
my findings with the list, hopefully someone will find it slightly
interesting.  If not, just ignore me.

I found that newLISP offers an "encrypt" function which is an XOR that
will loop the key if it is shorter than the clear.  I did tinker
around a bit with doing a manual XOR of two strings in newLISP as
follows:

(set 'ccharlist (map char (explode "secbasics")))
-> (115 101 99 98 97 115 105 99 115)

(set 'kcharlist (map char (explode "P45$w0rd!")))
-> (80 52 53 36 119 48 114 100 33)

(set 'cryptostring (join (map char (map ^ ccharlist kcharlist))))
-> "#QVF\022C\027\007R"

Where non-printables are \xxx

I came up with the following all-inclusive script:

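#!/usr/bin/newlisp
; (main-args) holds the interpreter, the script name, then the four arguments
(cond(
 (< (length (main-args)) 6)
     (println "USAGE: crypt.lsp [pad] [file] [output] [pad-remainder]")
 )
 (true
   (map set '(pad target output remainder) (rest (rest (main-args))))
   ; XOR the file against the pad (encrypt loops the pad if it is shorter)
   (write-file output (encrypt (read-file target) (read-file pad)))
   ; save the unused tail of the pad for the next message
   (write-file remainder (slice (read-file pad) (length (read-file target))))
 )
)
(exit)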

The only thing that needs to be done is to secure-erase the original
pad and clear files once done with them.

[pad] = any file, text or binary, for random data.  Could be a dd dump
from /dev/urandom for all it cares.
[file] = Cleartext file to encrypt, or encrypted file to decrypt
against the pad.
[output] = resulting encrypted or decrypted file
[pad-remainder] = remaining contents of the one-time pad file to use
for future communications.

If both parties have a copy of the original pad, and always use
[pad-remainder] for the next encryption or decryption operation, the
pads will stay in sync.

Most Linux distributions come with shred(1) to securely erase files.
Mac OS X has srm(1) - Secure rm
OpenBSD (and other BSDs?) accept the -P flag to rm(1), which isn't
quite as flexible as shred or srm, but it does overwrite the files
before erasing them.

I believe you'd need a third party tool on Windows to securely erase
files.  That's neither here nor there, though.  I chalk this exercise
up to paranoia.  :P

--
http://www.focushacks.com/focushacks-gpg.txt - My GPG encryption key
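
Added example, not part of the original post and written in Python rather than newLISP: the same pad / pad-remainder scheme, except that it refuses to run when the pad is shorter than the input instead of looping the key, since reused pad bytes break the one-time property. The names otp_apply, crypt_files, PadExhausted and demo are hypothetical, and the pad in demo is a constructed sample.

```python
import os


class PadExhausted(Exception):
    """Raised when the pad holds fewer bytes than the message needs."""


def otp_apply(pad, data):
    """XOR data with the leading pad bytes; return (output, unused pad)."""
    if len(pad) < len(data):
        # A looping XOR would reuse key bytes here, so stop instead.
        raise PadExhausted(f"need {len(data)} pad bytes, have {len(pad)}")
    out = bytes(d ^ k for d, k in zip(data, pad))
    return out, pad[len(data):]


def crypt_files(pad_path, in_path, out_path, remainder_path):
    """File-based form taking the same four arguments as the script above."""
    with open(pad_path, "rb") as f:
        pad = f.read()
    with open(in_path, "rb") as f:
        data = f.read()
    out, rest = otp_apply(pad, data)
    with open(out_path, "wb") as f:
        f.write(out)
    with open(remainder_path, "wb") as f:
        f.write(rest)
    return len(rest)  # pad bytes still available for later messages


def demo():
    """Two parties start from one constructed pad and exchange two messages."""
    shared = os.urandom(32)  # constructed sample pad
    alice_pad = bob_pad = shared
    results = []
    for msg in (b"secbasics", b"second message"):
        ct, alice_pad = otp_apply(alice_pad, msg)  # sender consumes pad bytes
        pt, bob_pad = otp_apply(bob_pad, ct)       # receiver consumes the same bytes
        results.append(pt)
    return results, alice_pad == bob_pad, len(alice_pad)
```

Both sides must switch to the remainder after every message; if one side skips a message or reuses the old pad file, the offsets diverge and later messages decrypt to garbage.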
