OTP 1.0 build: 9505 released:

One Time Pad.

Copyright: (c) 2012-2017 Canadian Mind Products.

Java application.
Not distributed.

----

Notes:

You must install the Java JRE to use this program.
See http://mindprod.com/jgloss/jgloss/jre.html

This program can only be used from the command prompt (or via a command
line style icon shortcut), e.g. under Windows command.exe or JPSoft
tcmd.exe, formerly called the DOS box. Just clicking the programs in a
directory listing will not do anything useful. Just typing the program
names at the command prompt will not either.

This program requires a manual install! See below.

This program works with vanilla text files (e.g. ASCII files or UTF-8
Unicode files). You will need a text editor to create and view them, not a
word processor, e.g. notepad, Visual Slick Edit or other suitable text
editor http://mindprod.com/jgloss/editor.html.
You must use a monospaced font
http://mindprod.com/jgloss/monospacedfonts.html
(aka fixed pitch, aka programmer font) to view your files, or they won't
look properly aligned.

I put out an avalanche of free software into the world, and submit PAD
files to hundreds of distribution sites, but I rarely hear back from
anyone. What's happening? Does it all just work fine? Is it so complicated
nobody can figure out how to use it and they give up on it? Is it useful?
Since everyone has the source, do people just fix the programs to their
liking themselves? Did you have trouble installing? Do I presume you know
too much? I would be happy to hear from you about your experiences,
positive or negative, and your requests for improvements. A one-line email
to roedy@mindprod.com would be great.

===> Free <===

Full source included.
You may even include the source code, modified or unmodified, in
free/commercial open source/proprietary programs that you write and
distribute.
May be used freely for any purpose but military.
For more details on this restriction, see
http://mindprod.com/contact/nonmil.html
If you include any Canadian Mind Products code in your own applications,
your app too must be labeled non-military use only.
All Java jars and source code are included.

----

Prerequisites:

This program runs under any OS that supports Java
(e.g. W2K/XP/W2003/Vista/W2008/W7-32/W7-64/W8-32/W8-64/Linux/LinuxARM/LinuxX86/LinuxX64/Ubuntu/Solaris/SolarisSPARC/SolarisSPARC64/SolarisX86/SolarisX64/OSX/AIX...)
so long as you have
<><> Java version 1.7 <><>
or later installed (32-bit or 64-bit Java).
See http://mindprod.com/jgloss/installingjava.html for details.

----

Installing on a PC:

Download source and compiled class files to run on your own machine as an
application.
First install a recent Java JDK or JVM.
See http://mindprod.com/jgloss/installingjava.html.

To install, extract the zip download with WinZip (or similar unzip
utility) into any directory you please, often J:\ -- ticking off the use
folder names option.

To run as an application, type:

    java -ea -jar J:\com\mindprod\otp\otp.jar {put any parms here}

adjusting as necessary to account for where the jar file is.

----

Installing on a Macintosh:

Use Safari to download source and compiled class files to run on your own
machine as an application.
Safari will automatically unpack the zip into ~/Downloads (version 10.5)
[or on the Desktop (version 10.4 and earlier)].
First install a recent Java JDK or JVM.
See http://mindprod.com/jgloss/installingjava.html.
You may optionally move the download tree to a permanent home.

I don't have a Macintosh, just a PC, so I can't test my Java programs for
Mac compatibility. In theory they should work without problems, but in
practice that does not always happen. If you have problems, please let me
know, preferably with screenshots and complete verbatim error messages.

To run as an application, without parameters, just double click the jar file.

To run as an application with parameters, in bash shell type:

    open Terminal.app
    cd ~/Desktop
    java -ea -jar com/mindprod/otp/otp.jar {put any parms here}

adjusting as necessary to account for where the jar file is.

----

Rebuilding:

The zip already contains the necessary class and jar files, so unless you
modify the program, there is no need to recompile the source or rebuild
the jar.

Configure basedir="E:/" in rebuild.xml to the drive where your files are.
Use ANT and rebuild.xml, not build.xml, to recompile and recreate the jar.

----

Use:

Encrypt/Decrypt use a one time pad of true random numbers. In theory this
encryption is uncrackable. In practice a snoop can break into either the
sender's or the receiver's computer and look at the plain text or steal a
copy of the pads of random numbers. Or they might intercept the courier
delivering the pad to the receiver and make a copy. However, they can do
absolutely nothing with an intercepted encrypted message if they don't
have the corresponding one-time pad.

You must somehow generate a set of pad files named *.pad in the current
directory. See http://mindprod.com/jgloss/truerandom.html for various
techniques.

When you run Encrypt, you select the file you want to send. It
automatically selects one of your pads, or part of a pad, and xors it with
the file you want to send, creating a xxxx.enc file you send to the
recipient over an insecure channel such as email. Encrypt wipes the pad, or
part of the pad. It does not wipe the original plaintext file.

When you run Decrypt, you select the encrypted file you want to reveal.
Decrypt automatically selects the corresponding pad or part of a pad and
xors it with the encrypted file, creating the xxxx.doc or whatever the
original file was called, in the same directory as the encrypted file. It
then wipes the pad, or part of the pad, and the encrypted file.

The encrypted file looks like a stream of random binary bytes (not armoured).
You can send it as an attachment, but not in the message body unless you
armoured it with Base64 or something similar.
See http://mindprod.com/jgloss/armour.html

USE

1. Generate some random pads, or one big random pad. You must use truly
   random, not pseudorandom pads, for the code to be uncrackable.
   Everything will still work, but with lower security, if you generated
   the pads with pseudorandom generators.
   See http://mindprod.com/jgloss/pseudorandom.html.
   To be safe, assume every message you send will consume about n + 200
   bytes where n is the length of the original file. It won't hurt to have
   more pads than you strictly need. These pads are best kept on a password
   protected, AES encrypted USB Flash Drive such as a Kanguru Basic. If you
   leave them lying around on hard disk they are vulnerable to the usual OS
   attacks. If you put them on CD, Encrypt could not wipe them after use.

2. You must get copies of all the pads ahead of time to your recipient
   without them being intercepted. You might send them burned on a CD by
   mail, but snoops might intercept your parcel and make a copy of the CD.
   You might send them by courier, but then your courier might be bribed or
   threatened into handing over a copy. I suggest putting them on a
   password protected, encrypted USB Flash Drive such as a Kanguru Basic.
   If it is intercepted there is no way to retrieve the keys without the
   pass phrase. You still need some way of securely getting the password to
   the recipient. Your phone could be tapped. Your mail could be opened.
   Since the scheme cannot be attacked directly, you must defend yourself
   against various indirect attacks.

3. Sender runs encrypt, e.g.
       encrypt.jar
   It will potentially use any pad or part of a pad in the current
   directory. You don't want pads in there that the receiver does not yet
   have. Encrypt preferentially uses older pads to help ameliorate this
   problem.

4. Email the encrypted file to the recipient.

5. The receiver runs decrypt, e.g.
       decrypt.jar
   Decrypt will expect to find a copy of the pad used to encrypt the file
   in the current directory. If it is not there, it will not be able to
   decrypt the file.

6. If you start running out of pads, you have to make some more and get
   them securely to the receiver well in advance of needing them for
   decryption.

7. If ever you suspect some party has seen any of your pads, you must
   delete them all and start over with newly generated ones. You might want
   to prepare for that eventuality with a second independent set of pads
   sent in advance and stored separately offsite.

8. Let us say you send 5 years' worth of pads to the recipient. That gives
   third parties 60 times as long to steal a copy of them as if you send
   only a month's worth in advance.

FORMAT OF ENCRYPTED FILE

16 bit int big endian : length in bytes of the pad file name (without directory), unencrypted
n bytes UTF-encoded   : name of the pad file name (without directory), unencrypted

From here on everything is xor encrypted

16 bit int big endian : length in bytes of the original file name (without directory), unencrypted
n bytes UTF-encoded   : name of the original file name (without directory), unencrypted
16 bit int big endian : length in bytes of length disguiser ( 0 .. 99 )
n bytes of 0s         : used to disguise the length of the original message.
n bytes               : contents of the original file.

You don't need to understand the message format to use the program.

----

Version History:

1.0 2012-12-21 initial release.

-30-
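
A reader and writer for the layout under FORMAT OF ENCRYPTED FILE, as an added Python example that is not the Java code shipped with OTP. It assumes that pad bytes are consumed from offset 0 of the named pad, that the original file name fields are XORed as the "From here on everything is xor encrypted" line says, and that "UTF-encoded" means plain UTF-8; all function names are hypothetical.

```python
import secrets
import struct

def _field(raw):
    # 16-bit big-endian length, then the bytes themselves
    return struct.pack(">H", len(raw)) + raw

def _take(buf, pos):
    # Read one length-prefixed field; reject lengths that run past the buffer.
    if pos + 2 > len(buf):
        raise ValueError("truncated length")
    (n,) = struct.unpack_from(">H", buf, pos)
    end = pos + 2 + n
    if end > len(buf):
        raise ValueError("truncated field")
    return buf[pos + 2:end], end

def _name(raw):
    # Names are stored "without directory"; enforce that before touching the disk.
    name = raw.decode("utf-8")
    if name in ("", ".", "..") or "/" in name or "\\" in name:
        raise ValueError("name must not contain a directory part")
    return name

def _xor(data, pad):
    if len(pad) < len(data):
        raise ValueError("pad too short: never wrap or reuse pad bytes")
    return bytes(d ^ p for d, p in zip(data, pad))

def encrypt(file_name, contents, pad_name, pad, filler=None):
    # filler = length disguiser, 0..99 zero bytes (random unless given)
    filler = secrets.randbelow(100) if filler is None else filler
    if not 0 <= filler <= 99:
        raise ValueError("length disguiser must be 0..99")
    body = _field(file_name.encode("utf-8")) + _field(bytes(filler)) + contents
    # Assumption: pad bytes are taken from offset 0 of the named pad.
    return _field(pad_name.encode("utf-8")) + _xor(body, pad)

def decrypt(blob, pads):
    # pads: {pad file name: pad bytes}; returns (file name, contents, pad bytes used)
    raw_pad_name, pos = _take(blob, 0)
    body = _xor(blob[pos:], pads[_name(raw_pad_name)])
    raw_name, pos = _take(body, 0)
    filler, pos = _take(body, pos)
    if len(filler) > 99 or any(filler):
        raise ValueError("bad length disguiser: wrong pad or damaged file")
    return _name(raw_name), body[pos:], len(body)
```

The third value returned by decrypt is the number of pad bytes the message consumed, which is the span both sides have to wipe after use.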