diff --git a/README.md b/README.md index fc1a329..d03e3fc 100644 --- a/README.md +++ b/README.md @@ -2,6 +2,76 @@ A secure one-time pad (OTP) cipher implementation in C with automatic versioning system. +Nostr and much of the web runs off public key cryptograpy. Public key cryptogapyy is great, but it is vulnerable. Cryptogaphers know this, and they know what it takes to attack it, so what they do is just make the keys large enough such that the system is resistant to attack given computer as they are today. + +There is one type of cryptography however, that is invlulnerable to any type of attack in our universe, and that is known as a one time pad. + +One time pads rely directly on the laws of physics, and what it means for a number to be truly random. + +If you take your secret message and mix it with truly random numbers, and don't use those random numbers again, than that message is unbreakable, by any computers, no matter how powerful, quantum or not, forever. + +In fact, one time pads are so powerful, that if you have data that is encrypted by a one time pad located in a distant galaxy, and that data is not kept anywhere else, then by destroying the pad used for encryption in your galaxy, the data it wiped from the universe, and can never be recovered. + + +When you generate true entropy, across the multiverse, you are creating an even proportion of values across each universe. + +Pad Universe 1 0 1 0 1 ... +Pad Universe 2 1 1 1 1 ... +Pad Universe 3 0 0 1 1 ... +... + +Imagine you think that you are creating entropy, but you are not, then in the vast majority of universes, the pads will be identical. + +Why is this not safe? Because a quantum computer could tell that the proportions across the universe were similar. + + + +For every bit in the pad, in half the universes the bit will be a 1, and in the other half a 0. + +If that bit was less random, you would get a greater proportion of universes that have one value over the other. + +So you leak no value from what you are doing in your universe, over into the other universes. This is important, because a quantum computer can give a person a proportion of values across universes. + +So if the bits in the pad are + +On the other hand, suppose your key appeared random to a casual observer, but was not actually random. Pseudorandom. + +Then without knowing the technique by which the numbers were created, you could be secure in our universe, but across the parallel universes where you created your key, all the pads would be identical, and thus vulnerable to a quantum computer, + + + + +What if you used the first digits in the pad to generate a private key. That would then give you a public key that could be used to identify it. + + + +### So what are the downsides of using a one time pad: + +The pad must be shared between the parties wanting to use it. + +The pad must be as long or longer than what you want to encrypt, and it can't be used a second time. + + +While in the past, pad length might be a problem, with readily available USB drives in the Terrabytes, that makes size less of a problem for many uses. + +We are also becoming very use to YubiKey authenticators in the USB drives of our computers. A small USB drive in our devices can now easily contain a key of greater length then all the text messages we would expect to send over a lifetime. + +One of the problems to address is the fact that to use a otp across several devices, means that they have to cooordinate to know when they are encrypting new plaintext, where to start in the key. Reusing the same section of the pad, while not necessarilly fatal, degrades the encryption from its status as "Information Theoretically Secure". + +To address this problem, we can use nostr to share among devices, the place in the pad that was last left off. + + + + + + +Upsides: +One time pads can be trivially encrypted and decrypted using pencil and paper. + + + + + ## Features - **Perfect Security**: Implements true one-time pad encryption with information-theoretic security diff --git a/TODO.md b/TODO.md new file mode 100644 index 0000000..e3b4174 --- /dev/null +++ b/TODO.md @@ -0,0 +1,24 @@ +# TODO + + +## Change technique for adding keyboard entropy. + +## Some of the processing seems similar, so maybe code could be more compact. + +## Command line otp -e should go to default pad, and then comment after the fact that it used the default pad. + +## There is the problem of the location of the pad revealing metadata about how many messages have been sent in the past, or at least the size of the messsages. + +One solution could be to start the pad at a random location, and then wrap around, so an attacker could never tell the size of the past text sent. This helps. But then you have to store the start location, which you could do within the header of the pad along with the pad? + +Or, better yet, assume the offset is a very large size, and use the pad itself to encrypt the offset. + +## Take a look at how the file header is being handled. + +## We have three different decrypt file functions + +## Preferences directory and files look off. Should probably have ~/.otp as the default directory, and then in there we can have otp.conf, pads/ + +## Setup for multiple USB drives + + diff --git a/otp.c b/otp.c index 95c9ebb..99c0266 100644 --- a/otp.c +++ b/otp.c @@ -131,6 +131,16 @@ void get_directory_display(const char* file_path, char* result, size_t result_si void print_usage(const char* program_name); + + +//////////////////////////////////////////////////////////////////////////////// +//////////////////////////////////////////////////////////////////////////////// +// MAIN +//////////////////////////////////////////////////////////////////////////////// +//////////////////////////////////////////////////////////////////////////////// + + + int main(int argc, char* argv[]) { // Load preferences first load_preferences(); @@ -329,11 +339,11 @@ void show_main_menu(void) { printf("\n\n\n\n=========================== Main Menu - OTP %s ===========================\n\n", get_version() ); - printf(" \033[4mT\033[0mext encrypt\n"); - printf(" \033[4mF\033[0mile encrypt\n"); - printf(" \033[4mD\033[0mecrypt\n"); - printf(" \033[4mP\033[0mads\n"); - printf(" E\033[4mx\033[0mit\n"); + printf(" \033[4mT\033[0mext encrypt\n"); //TEXT ENCRYPT + printf(" \033[4mF\033[0mile encrypt\n"); //FILE ENCRYPT + printf(" \033[4mD\033[0mecrypt\n"); //DECRYPT + printf(" \033[4mP\033[0mads\n"); //PADS + printf(" E\033[4mx\033[0mit\n"); //EXIT printf("\nSelect option: "); }