Uncrackable Encryption

This essay is about a suggested student project in Java programming. This essay gives a rough overview of how it might work. It does not describe an actual complete program. I have no source, object, specifications, file layouts or anything else useful to implementing this project. Everything I have to say to help you with this project is written below. I am not prepared to help you implement it; I have too many other projects of my own.

I do contract work for a living, which could include writing a program such as this. However, I don’t do people’s homework for them. That just robs them of an education.

You have my full permission to implement this project any way you please.

Uncrackable encryption for the masses. It works transparently with the email package. It uses CDs or DVDs distributed ahead of time to those communicating. CDs are recorded with truly random numbers generated by monitoring radioactive decay. pseudo random numbers are useless for this purpose.

It is a OTP One Time Pad system using a simple XOR of message and key, using a key equal in length to the message, and never reusing a key. See the encrypt utility documentation for more detail on how the scheme works.

A more advanced version of the project requires to you build a peripheral that is a true random number source. Pseudo random number generators are useless for this purpose. Such a device would be useful for creating one-time pads, and also in various simulations. Here are several ways it could work. See true random numbers in the Java glossary for more details on how to build on buy one.

Once you have this mechanism in place, you can build an uncrackably secure webphone. You use the standard Java microphone API to convert sound into numbers, compress them a little, encrypt the numbers and send them over the web in real time. On the other end you reverse the process, and play the sound. You logically have two channels, one in each direction. Keep in mind that snoops can still place hidden microphones at either end, or snoop on EMF radiation from your computer. It is best to use a laptop which emits fewer clues. However, snoops can’t do anything simply by packet sniffing or intercepting and replacing packets. There is a slight delay as packets wend there way through the Internet, but not that different from a long distance call to Indonesia from Canada.

The advantages of this scheme are:

The code is simple enough to write yourself. You need not rely on an outside company to provide encryption code to you. It becomes much harder for the CIA/KGB/FBI/LBJ/CSIS (pick your favourite bad guy) to hide a snoop in the code. You can have several people study the code and freshly compile it to ensure it does what it is advertised to do. With ordinary encryption you must trust some company that might be under CIA control.
The messages themselves cannot be cracked, even in theory. The keys must be intercepted, the decoded messages read or the software compromised.
The algorithm is very quick.
With digital signing, it is possible to distribute software over the Internet without worry the CIA has tampered with it. You don’t need to distribute it by secure courier the way you would with private one time pad keys. However, if you think the CIA may have cracked the digital signature schemes, you might want to distribute software by secure courier too, so you might as well distribute a year’s worth of one time pads at the same time.

The disadvantages of this scheme are:

You must predistribute bulky keys on CD. In contrast, in a private/public key encryption scheme, there is no need to transport private keys around.
If you have more than two parties communicating, you probably want a CD of keys for each pair who might potentially communicate. You need a large hard disk to contain all those keys and software to select the correct key source, and make absolutely sure no piece of any key is ever reused.

	Please email your feedback for publication, errors, omissions, broken/redirected link reports and suggestions to improve this page to Roedy Green :
	Canadian Mind Products
	mindprod.com IP:[65.110.21.43]
	Your face IP:[38.103.63.59]	The information on this page is for non-military use only.
	You are visitor number 5,503.	Military use includes use by defence contractors.
	You can get a fresh copy of this page from:	or possibly from your local J: drive (Java virtual drive/mindprod.com website mirror)
	http://mindprod.com/project/uncrackableencryption.html	J:\mindprod\project\uncrackableencryption.html