# OTP Cipher v2.0 - Enhanced One Time Pad Implementation A comprehensive and user-friendly One Time Pad (OTP) cryptographic system implemented in C for Linux, supporting massive pad sizes up to 10TB+ with both interactive and command-line interfaces. ## New in Version 2.0 🚀 - **Interactive Menu System** - User-friendly menu-driven interface - **Smart Size Parsing** - Supports K/KB/M/MB/G/GB/T/TB units - **Partial Hash Matching** - Use hash prefixes or pad numbers for selection - **Progress Indicators** - Real-time progress for large pad generation - **10TB+ Support** - Generate massive pads for external drives - **Enhanced Pad Management** - List, info, and usage statistics ## Features - **Cryptographically secure** random pad generation using `/dev/urandom` - **ASCII armor format** similar to PGP for encrypted messages - **Integrity verification** using SHA-256 hashing of pad files - **State management** to prevent pad reuse - **Interactive text encryption/decryption** - **Hash-based file naming** for content verification - **Read-only pad protection** prevents accidental corruption ## Dependencies - OpenSSL development libraries (`libssl-dev` on Ubuntu/Debian) - GCC compiler ### Install dependencies on Ubuntu/Debian: ```bash sudo apt update sudo apt install libssl-dev build-essential ``` ## Building ```bash make ``` This will create the `otp` executable. ## Usage Modes ### Interactive Mode (Recommended) Simply run the program without arguments: ```bash ./otp ``` This launches a menu-driven interface: ``` === OTP Cipher Interactive Mode === Version: OTP-CIPHER 2.0 === Main Menu === 1. Generate new pad 2. Encrypt message 3. Decrypt message 4. List available pads 5. Show pad information 6. Exit ``` ### Command Line Mode For automation and scripting: ```bash ./otp generate # Generate new pad ./otp encrypt # Encrypt text ./otp decrypt # Decrypt message ./otp list # List available pads ``` ## Smart Size Parsing The system intelligently parses size specifications: ```bash ./otp generate 1024 # 1024 bytes ./otp generate 5MB # 5 megabytes ./otp generate 2GB # 2 gigabytes ./otp generate 10TB # 10 terabytes ./otp generate 1.5GB # 1.5 gigabytes (decimal supported) ``` **Supported units:** K, KB, M, MB, G, GB, T, TB (case insensitive) ## Pad Selection Multiple convenient ways to select pads: 1. **Full hash**: `./otp encrypt a1b2c3d4e5f6789012345678901234567890abcdef...` 2. **Hash prefix**: `./otp encrypt a1b2c3d4` 3. **Pad number**: `./otp encrypt 1` (from list output) ## Example Workflows ### Basic Usage ```bash # Generate a 1GB pad ./otp generate 1GB Generated pad: a1b2c3d4e5f6789...123456.pad (1.00 GB) Pad hash: a1b2c3d4e5f6789012345678901234567890abcdef1234567890abcdef123456 # List available pads ./otp list Available pads: No. Hash (first 16 chars) Size Used --- ------------------- ---------- ---------- 1 a1b2c3d4e5f67890 1.00GB 0.0MB # Encrypt using hash prefix ./otp encrypt a1b2 Enter text to encrypt: Secret message -----BEGIN OTP MESSAGE----- Version: OTP-CIPHER 2.0 Pad-Hash: a1b2c3d4e5f6789012345678901234567890abcdef1234567890abcdef123456 Pad-Offset: 0 U2VjcmV0IG1lc3NhZ2U= -----END OTP MESSAGE----- ``` ### Large Scale Usage ```bash # Generate a 5TB pad for external drive ./otp generate 5TB Progress: 100.0% (85.2 MB/s, ETA: 0s) Generated pad: f9e8d7c6b5a4932...654321.pad (5.00 TB) # Use pad number for quick selection ./otp encrypt 1 Enter text to encrypt: Classified information ``` ### Interactive Mode Workflow ```bash ./otp # Select option 1 to generate # Enter size: 10GB # Select option 2 to encrypt # Choose pad from list # Enter your message ``` ## Security Features ### Perfect Forward Secrecy Each message uses a unique portion of the pad that is never reused, ensuring perfect forward secrecy. ### Content-Based Integrity - **SHA-256 file naming**: Pad files named by their hash ensure content verification - **Integrity checking**: Embedded hashes detect pad corruption/tampering - **Read-only protection**: Pad files automatically set to read-only after creation ### ASCII Armor Format Messages use a PGP-like ASCII armor format: ``` -----BEGIN OTP MESSAGE----- Version: OTP-CIPHER 2.0 Pad-Hash: a1b2c3d4e5f6789012345678901234567890abcdef1234567890abcdef123456 Pad-Offset: 0 U2VjcmV0IG1lc3NhZ2U= -----END OTP MESSAGE----- ``` ### State Management - **Automatic tracking**: Prevents pad reuse through state files - **Portable state**: State stored separately from immutable pad data - **Usage statistics**: Track pad consumption and remaining capacity ## File Structure **Source Files:** - `otp.c` - Complete implementation (850+ lines) - `Makefile` - Build configuration - `README.md` - This documentation **Generated Files:** - `otp` - Compiled executable - `.pad` - Pad files (read-only, hash-named) - `.state` - State files (writable, tracks usage) ## Advanced Features ### Progress Indicators For large pads, see real-time generation progress: ``` Generating pad... Progress: 45.2% (78.5 MB/s, ETA: 125s) ``` ### Pad Information Detailed statistics for each pad: ```bash ./otp list No. Hash (first 16 chars) Size Used --- ------------------- ---------- ---------- 1 a1b2c3d4e5f67890 5.00TB 2.1GB 2 f9e8d7c6b5a49321 1.00GB 0.5GB ``` ### Multiple Pad Management - List all available pads - Show detailed information per pad - Track usage across multiple pads - Quick selection by number or prefix ## Performance ### Size Limits - **Theoretical maximum**: 18 exabytes (uint64_t limit) - **Practical maximum**: Limited by available disk space - **Tested up to**: 10TB+ on modern systems - **Generation speed**: ~80-120 MB/s (system dependent) ### Memory Efficiency - **Streaming operation**: Constant memory usage regardless of pad size - **64KB buffers**: Efficient I/O without excessive memory consumption - **Large file support**: Handles multi-terabyte pads efficiently ## Security Notes ⚠️ **Critical Security Requirements:** 1. **Never reuse pad data** - Automatic prevention through state tracking 2. **Secure pad distribution** - Use secure channels for pad sharing 3. **Physical security** - Protect pad files like encryption keys 4. **Verify integrity** - Always check pad hash verification during decryption 5. **Secure systems** - Generate pads on trusted systems with good entropy ## Installation ### Local Installation ```bash make install # Install to /usr/local/bin make uninstall # Remove from system ``` ### Clean Up ```bash make clean # Remove compiled files and generated pads ``` ## Technical Specifications - **Entropy source**: `/dev/urandom` (cryptographically secure) - **Hash algorithm**: SHA-256 for integrity verification - **Encoding**: Base64 for ciphertext representation - **File format**: ASCII armor with embedded metadata - **Architecture**: Single C file, ~850 lines - **Dependencies**: OpenSSL libcrypto - **Platform**: Linux (easily portable) ## Theory A One Time Pad is theoretically unbreakable when implemented correctly with: - **Perfect randomness**: Cryptographically secure entropy - **Key length**: Equal to or greater than message length - **Single use**: Each pad portion used exactly once - **Secure distribution**: Pads shared through secure channels This implementation satisfies all requirements for perfect cryptographic security while providing modern usability features for practical deployment. ## Version History - **v2.0**: Interactive mode, smart parsing, 10TB+ support, enhanced UX - **v1.0**: Basic command-line implementation with hash-based naming