Readme
71
README.md
@@ -1,73 +1,44 @@
|
|||||||
# OTP Cipher - One Time Pad Implementation
|
# OTP Cipher - One Time Pad Implementation
|
||||||
|
|
||||||
|
|
||||||
|
## Introduction
|
||||||
|
|
||||||
A secure one-time pad (OTP) cipher implementation in C with automatic versioning system.
|
A secure one-time pad (OTP) cipher implementation in C with automatic versioning system.
|
||||||
|
|
||||||
Nostr and much of the web runs off public key cryptograpy. Public key cryptogapyy is great, but it is vulnerable. Cryptogaphers know this, and they know what it takes to attack it, so what they do is just make the keys large enough such that the system is resistant to attack given computer as they are today.
|
## Why One-Time Pads
|
||||||
|
|
||||||
There is one type of cryptography however, that is invlulnerable to any type of attack in our universe, and that is known as a one time pad.
|
Nostr and much of the web runs on public key cryptography. Public key cryptography is great, but it is vulnerable. Cryptographers know this, and they know what it takes to attack it, so what they do is just make the keys large enough such that the system is resistant to attack given computers as they are today.
|
||||||
|
|
||||||
One time pads rely directly on the laws of physics, and what it means for a number to be truly random.
|
There is one type of cryptography, however, that is invulnerable to any type of attack in our universe, and that is known as a one-time pad.
|
||||||
|
|
||||||
If you take your secret message and mix it with truly random numbers, and don't use those random numbers again, than that message is unbreakable, by any computers, no matter how powerful, quantum or not, forever.
|
One-time pads rely directly on the laws of physics and what it means for a number to be truly random.
|
||||||
|
|
||||||
In fact, one time pads are so powerful, that if you have data that is encrypted by a one time pad located in a distant galaxy, and that data is not kept anywhere else, then by destroying the pad used for encryption in your galaxy, the data it wiped from the universe, and can never be recovered.
|
If you take your secret message and mix it with truly random numbers, and don't use those random numbers again, then that message is unbreakable by any computer, no matter how powerful, quantum or not, forever.
|
||||||
|
|
||||||
|
In fact, one-time pads are so powerful that if you have data encrypted by a one-time pad located in a distant galaxy, and that data is not kept anywhere else, then by destroying the pad used for encryption in your galaxy, the data is wiped from the universe and can never be recovered.
|
||||||
|
|
||||||
When you generate true entropy, across the multiverse, you are creating an even proportion of values across each universe.
|
## Advantages and Limitations
|
||||||
|
|
||||||
Pad Universe 1 0 1 0 1 ...
|
### Limitations
|
||||||
Pad Universe 2 1 1 1 1 ...
|
|
||||||
Pad Universe 3 0 0 1 1 ...
|
|
||||||
...
|
|
||||||
|
|
||||||
Imagine you think that you are creating entropy, but you are not, then in the vast majority of universes, the pads will be identical.
|
1. The pad must be shared between the parties wanting to use it.
|
||||||
|
2. The pad must be as long or longer than what you want to encrypt, and it can't be used a second time.
|
||||||
|
|
||||||
Why is this not safe? Because a quantum computer could tell that the proportions across the universe were similar.
|
### Modern Advantages
|
||||||
|
|
||||||
|
While in the past, pad length might have been a problem, readily available USB drives in the terabytes make size less of a problem for many uses.
|
||||||
|
|
||||||
|
We are also becoming very accustomed to YubiKey authenticators in the USB ports of our computers. A small USB drive in our devices can now easily contain a key of greater length than all the text messages we would expect to send over a lifetime.
|
||||||
|
|
||||||
For every bit in the pad, in half the universes the bit will be a 1, and in the other half a 0.
|
### Multi-Device Coordination
|
||||||
|
|
||||||
If that bit was less random, you would get a greater proportion of universes that have one value over the other.
|
One of the problems to address is the fact that to use an OTP across several devices means that they have to coordinate to know when they are encrypting new plaintext and where to start in the key. Reusing the same section of the pad, while not necessarily fatal, degrades the encryption from its status as "Information Theoretically Secure".
|
||||||
|
|
||||||
So you leak no value from what you are doing in your universe, over into the other universes. This is important, because a quantum computer can give a person a proportion of values across universes.
|
To address this problem, we can use Nostr to share among devices the place in the pad that was last left off.
|
||||||
|
|
||||||
So if the bits in the pad are
|
### Additional Benefits
|
||||||
|
|
||||||
On the other hand, suppose your key appeared random to a casual observer, but was not actually random. Pseudorandom.
|
|
||||||
|
|
||||||
Then without knowing the technique by which the numbers were created, you could be secure in our universe, but across the parallel universes where you created your key, all the pads would be identical, and thus vulnerable to a quantum computer,
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
What if you used the first digits in the pad to generate a private key. That would then give you a public key that could be used to identify it.
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
### So what are the downsides of using a one time pad:
|
|
||||||
|
|
||||||
The pad must be shared between the parties wanting to use it.
|
|
||||||
|
|
||||||
The pad must be as long or longer than what you want to encrypt, and it can't be used a second time.
|
|
||||||
|
|
||||||
|
|
||||||
While in the past, pad length might be a problem, with readily available USB drives in the Terrabytes, that makes size less of a problem for many uses.
|
|
||||||
|
|
||||||
We are also becoming very use to YubiKey authenticators in the USB drives of our computers. A small USB drive in our devices can now easily contain a key of greater length then all the text messages we would expect to send over a lifetime.
|
|
||||||
|
|
||||||
One of the problems to address is the fact that to use a otp across several devices, means that they have to cooordinate to know when they are encrypting new plaintext, where to start in the key. Reusing the same section of the pad, while not necessarilly fatal, degrades the encryption from its status as "Information Theoretically Secure".
|
|
||||||
|
|
||||||
To address this problem, we can use nostr to share among devices, the place in the pad that was last left off.
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
Upsides:
|
|
||||||
One time pads can be trivially encrypted and decrypted using pencil and paper.
|
|
||||||
|
|
||||||
|
One-time pads can be trivially encrypted and decrypted using pencil and paper, making them accessible even without electronic devices.
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|||||||
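Review bot: The new "Multi-Device Coordination" paragraph keeps the claim that reusing a section of the pad is "not necessarily fatal", which understates the risk and should be reworded. When two messages are encrypted with the same pad bytes, combining the two ciphertexts cancels the pad and leaves the combination of the two plaintexts, so the README should say plainly that a pad range must never be used twice. The following sentence about sharing the last-used position over Nostr should also say what happens when two devices read the same position and encrypt before either publishes an update, since that is exactly the reuse case. The "Why One-Time Pads" text states the cipher is "invulnerable to any type of attack"; consider scoping that to confidentiality, because a one-time pad on its own does not detect modification of the ciphertext. Finally, "### Additional Benefits" now holds only the pencil-and-paper sentence, which could be folded into "### Modern Advantages".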