Extremely Long Key (One-Time Pad) Encryption

My Line In the Sand

Last week (late August 1999) the Clinton administration floated a proposal to allow law enforcement to break into private citizen's homes without their knowledge and copy their encryption keys off their computers. (For more info see this link.)

Well, I decided I was pissed off enough to take some action of my own.

A Theoretically Unbreakable Code

After making an amateur study of cryptography for many years, I have concluded that the most secure form of encryption is the "extremely long key" or "one-time pad" method, in which the key is longer than the message, and keys are never re-used. If the keys are truly random (say, based on quantum events) then the code is theoretically unbreakable. In World War II secretaries in the basement at Bletchley Park drew cards out of a hat to create one-time-pad keys for British submarines. At that time this technique had enormous logistical difficulties:

The Best Place To Hide a Tree Is In a Forest

Well, a lot has changed since then. Now we have this internet thingy, with an unfathomable number of unmapped bits available anywhere, and bandwidth tripling every year. Think of it as the world's largest one-time pad. Here is how it works:
  1. You and your friend each need internet and email access, a C compiler, and the UNIX programs uuencode and uudecode.
  2. Using a secure channel of communication, such as talking near a waterfall or writing in the sand at the beach, choose a file on the internet to use as your first key. Servers full of images such as JPL, or of sounds such as mp3.com, are good places to look. Also agree upon a "skip" value (a number under a few hundred thousand).
  3. Compose a plain text message to your friend. Include in the message the key file URL and skip value for your friend to use for the reply. Don't just blurt it out -- slip it in it subtly. Maybe you and your friend agree that the sentence containing the word "inexorable" will have the skip and key URL.
  4. Copy the code below and compile it. Use the resulting program xor to "exclusive or" your plain text message with the key file, after skipping the skip value number of bytes.
  5. Use uuencode to turn the resulting encoded file into text that can be emailed.
  6. Email the file to your friend. Include no explanation.
  7. Your friend saves the mail and uses the uudecode program to turn it back into the encrypted binary file.
  8. Your friend then uses the xor program to "exclusive or" the encrypted binary file with the key file (after the skip) and produce an identical copy of the plain text file. (This technique also works with any other file type as message.)
This method gives you secure data transfer without reliance on proprietary software, obscure mathematical theorems, or lack of advances in faster computing. It also fills the internet with packets of encrypted data that will drive the government nuts because they can't crack them.


Observe these safety tips: Have fun!

The Source Code

xor.c main routine
xor.h header file
help.c help function
usage.c usage function
Test testing shell script
test.txt test input

xor.ALL self-extracting shell archive of above (run by: sh xor.ALL)

test_encrypted.bin.uu.txt test encrypted uuencoded message KEY test key (Do not click! Use "Save Link As...")

$2000 Challenge

Date: Sat, 9 Oct 1999 13:32:22 -0700 (PDT)
From: Alan Barnum Scrivener 
To: <a bunch of people>
Subject: Re: unbreakable code?
Cc: abs@well.com

Hello again friends.  In my inexorable search for the ugliest color scheme
on the internet I have located the following image:


which is about 64000 times uglier than my previous nominee.

Also, I am offereing a $20 gift certificate at Amazon.com to the first
person to decrypt this message and send me the plain text:

---------------------------------- cut here ----------------------------------
begin 600 message.bin
MU_A]HF_!^  %>8>5M#D([6-'-77&L(3+YF:LX<EI0%.K+C<9<RA?A.^W*X^:
MW>+/S5S(-#?T*)!*OY8K3DT#JL"*'Z%OQ/)MNN-&M5-0/*1GC+??+KP&W 'Z
M-!RY8=T0+W/S:N-)XTJ+]!&9\6.@<*S8>!$HRV*,!9F015IJ--I EG91T*KB
---------------------------------- end here ----------------------------------

....and I am offering $2000 cash to anyone who decrypts this
message and sends me the plain text:

---------------------------------- cut here ----------------------------------
begin 600 message2.bin
M_)2 WK@,%>B#X1':;5W_#\QD#K2&LGG]*?4@1Z'E/6D@E^-OJ"ZU.3,#U<" 
---------------------------------- end here ----------------------------------

Have fun!

Last update: 13-Oct-1999