Discussion:
One Time Pad & Transmission Control Protocol
(too old to reply)
iamsam
2013-07-26 12:18:14 UTC
Permalink
Hi All,

Apologies if the two groups this is being posted to is not appropriate,
I thought I would try to get the best of two disparate opinions here...

Is there any known mechanism for encrypting a TCP stream with an OTP?

Assuming I have a true RNG to generate the pad and I have established a
secure key transmission method, does anybody know of any implementations
that will encrypt a TCP stream with an OTP with a corresponding OTP at
the other end to perform the decryption?

I look forward to the responses!

Sam
--
rossum
2013-07-26 13:32:32 UTC
Permalink
Post by iamsam
Assuming I have a true RNG to generate the pad
That is a far from trivial task. For a true RNG you need some very
good sources of entropy in large enugh quantities to produce enough
truly random key material.
Post by iamsam
and I have established a secure key transmission method
For an OTP the key is as long as the message, and you need to send a
new key for every new message. If you have a secure way to transmit
something the size of your secret key then you can use exactly the
same method to transmit the message itself, which is just as long as
the key. In effect, just send the actual message on the secure
channel you would have used for the key and forget about sending the
key altogether.

The OTP does have its uses, but for many purposes it is not practical.

rossum
iamsam
2013-07-26 13:55:13 UTC
Permalink
Post by rossum
Post by iamsam
Assuming I have a true RNG to generate the pad
That is a far from trivial task. For a true RNG you need some very
good sources of entropy in large enugh quantities to produce enough
truly random key material.
Appreciated...
Post by rossum
Post by iamsam
and I have established a secure key transmission method
For an OTP the key is as long as the message, and you need to send a
new key for every new message. If you have a secure way to transmit
something the size of your secret key then you can use exactly the
same method to transmit the message itself, which is just as long as
the key. In effect, just send the actual message on the secure
channel you would have used for the key and forget about sending the
key altogether.
The key can be passed in person. The key is likely to be many times the
size of a 'normal' message. The information to be encrypted will be
created at some point in the future when the two parties cannot meet to
exchange the information therefore the use of OTP for the transmission.
Post by rossum
The OTP does have its uses, but for many purposes it is not practical.
OTP is a nightmare in so many regards, I was simply wondering if there
was an implementation in existence that would deal with this.

An alternative would be to adapt an implementation of a TCP stack that
used a PRNG for encryption and simply replace the PRNG with the OTP.

Thanks for your input Rossum - it is appreciated.

Sam
Andrew Swallow
2013-07-26 15:19:11 UTC
Permalink
Post by iamsam
Post by rossum
Post by iamsam
Assuming I have a true RNG to generate the pad
That is a far from trivial task. For a true RNG you need some very
good sources of entropy in large enugh quantities to produce enough
truly random key material.
Appreciated...
Post by rossum
Post by iamsam
and I have established a secure key transmission method
For an OTP the key is as long as the message, and you need to send a
new key for every new message. If you have a secure way to transmit
something the size of your secret key then you can use exactly the
same method to transmit the message itself, which is just as long as
the key. In effect, just send the actual message on the secure
channel you would have used for the key and forget about sending the
key altogether.
The key can be passed in person. The key is likely to be many times the
size of a 'normal' message. The information to be encrypted will be
created at some point in the future when the two parties cannot meet to
exchange the information therefore the use of OTP for the transmission.
Post by rossum
The OTP does have its uses, but for many purposes it is not practical.
OTP is a nightmare in so many regards, I was simply wondering if there
was an implementation in existence that would deal with this.
An alternative would be to adapt an implementation of a TCP stack that
used a PRNG for encryption and simply replace the PRNG with the OTP.
Thanks for your input Rossum - it is appreciated.
Sam
Replacing the OTP random source with a PRNG gives you a serial crypto.
The PRNG needs a secret key variable. The easiest secure PRNG is AES.

Andrew Swallow
unruh
2013-07-26 17:16:10 UTC
Permalink
Post by rossum
Post by iamsam
Assuming I have a true RNG to generate the pad
That is a far from trivial task. For a true RNG you need some very
good sources of entropy in large enugh quantities to produce enough
truly random key material.
Post by iamsam
and I have established a secure key transmission method
For an OTP the key is as long as the message, and you need to send a
new key for every new message. If you have a secure way to transmit
something the size of your secret key then you can use exactly the
same method to transmit the message itself, which is just as long as
the key. In effect, just send the actual message on the secure
channel you would have used for the key and forget about sending the
key altogether.
The channel available for sending the key may not be available when the
message needs to be sent. There may be no message when the key channel
is open. In fact that is the usual situation for messages and keys.
Furthermore it may be possible to send a key without being able to send
a message by that channel-- think of quantum key exchange-- that quantum
channel cannot be used to send a message, but it can be used to generate
a key.
Post by rossum
The OTP does have its uses, but for many purposes it is not practical.
rossum
rossum
2013-07-27 13:15:07 UTC
Permalink
Post by unruh
Post by rossum
Post by iamsam
Assuming I have a true RNG to generate the pad
That is a far from trivial task. For a true RNG you need some very
good sources of entropy in large enugh quantities to produce enough
truly random key material.
Post by iamsam
and I have established a secure key transmission method
For an OTP the key is as long as the message, and you need to send a
new key for every new message. If you have a secure way to transmit
something the size of your secret key then you can use exactly the
same method to transmit the message itself, which is just as long as
the key. In effect, just send the actual message on the secure
channel you would have used for the key and forget about sending the
key altogether.
The channel available for sending the key may not be available when the
message needs to be sent. There may be no message when the key channel
is open. In fact that is the usual situation for messages and keys.
Furthermore it may be possible to send a key without being able to send
a message by that channel-- think of quantum key exchange-- that quantum
channel cannot be used to send a message, but it can be used to generate
a key.
You are correct of course. That is one of the circumstances where the
OTP is practicable.

rossum
Post by unruh
Post by rossum
The OTP does have its uses, but for many purposes it is not practical.
rossum
Peter Fairbrother
2013-07-26 15:51:05 UTC
Permalink
Post by iamsam
Hi All,
Apologies if the two groups this is being posted to is not appropriate,
I thought I would try to get the best of two disparate opinions here...
Is there any known mechanism for encrypting a TCP stream with an OTP?
Assuming I have a true RNG to generate the pad and I have established a
secure key transmission method, does anybody know of any implementations
that will encrypt a TCP stream with an OTP with a corresponding OTP at
the other end to perform the decryption?
I look forward to the responses!
I don't know of any present implementations.

The late Len Sassaman used to hand people CDs of real-random OTP which
included a few shell scripts for using the OTP with files and iirc TCP
packets as well.

Unfortunately that was many years ago, and afaik the scripts are lost.
Shouldn't be all that hard to write new ones though.

If you want seamless integration it'll take a bit more effort than a few
scripts, but you may be able to hack something which uses eg AES on TCP
packets and replace AES with OTP.

In those days of 56k modems a CD-full would last a long time, but you
would probably want to use DVD-fulls or even BD-fulls rather than CDs now.


-- Peter Fairbrother
Loading...