
Thread: One-Time Pad Encryption

  1. #1

    Thread Starter
    Member tsoftonline's Avatar
    Join Date
    Aug 2001
    Posts
    42

    One-Time Pad Encryption

    My company just had me lead the development team for a new encryption program we were releasing. It basically broke down a password with the ASCII numbers and put them through an algorithm. Using the algorithm results, it reads fifty numbers out of a random encrypted list (the pad) of lots of numbers (not allowed to say how many). Then it puts the unencrypted string into a 128-bit DES algorithm with the first of the fifty numbers as the password. The newly encrypted string is rolled over into the same DES algorithm with the second number as password. And so on. The program automatically "deletes" (secure wipes the hard drive) the one-time pad after transferring it over TCP/IP to the other end. Then the other end decrypts it and their copy is also wiped. What happens if the pad is intercepted by a hacker? Not only is it encrypted with a one-time pad built into the program, but it won't do you any good without the message (one pad per message) which is sent separately, but you also need the password to decrypt it. It's more complicated than what I just explained, but we can't give too much away can we... The point is, we've since finished the project, and I was wondering if anyone else has worked on really advanced or new encryption systems?
    Executive Project Director
    Technosoft Enterprises

    Any of my opinions stated on this or any other forums do not represent the official policy of Technosoft Enterprises, unless otherwise specified.

  2. #2
    New Member
    Join Date
    Jun 2000
    Location
    Sweden
    Posts
    8
    Have you considered using a public-private key scheme (i.e. RSA) instead? One example of using this is (in this example the server computer wants to send data to the client computer).

    (C) The client computer generates a public/private key pair

    (C) The client sends the public key to the server computer.

    (S) The server generates a random key with adequate length.

    (S) The server now encrypts the data to be sent with the random key. Here you can use DES, although DES is kinda old; maybe the new AES choice, Rijndael (256-bit encryption), is a good solution.

    (S) Now the server encrypts the random key with the public key it got from the client.

    What you have now is the encrypted key and the encrypted data. You will need to send both of these to the client computer. The client simply decrypts the key using its private key (this key is never shared with anyone). Now it simply decrypts the data with the decrypted key.

    Even if someone is able to intercept the data, all (s)he got is the public key from the client, and the encrypted key and the encrypted data from the server. He doesn't have access to the most important thing, the client's private key.
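The (C)/(S) exchange in post #2, as an added example that is not part of the original thread or any poster's code. It assumes Node.js and its built-in `crypto` module, a 2048-bit RSA key with OAEP padding, and AES-256-GCM for the data; the function names are made up for this illustration.

```javascript
const nodeCrypto = require('crypto');

// (C) The client generates the key pair; only publicKey ever leaves the client.
function clientGenerateKeyPair() {
  return nodeCrypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
}

// (S) The server picks a fresh random key per message, encrypts the data with
// it, then wraps that key with the client's public key.
function serverEncrypt(clientPublicKey, plaintext) {
  const sessionKey = nodeCrypto.randomBytes(32);   // AES-256 key
  const iv = nodeCrypto.randomBytes(12);           // GCM nonce, unique per key
  const cipher = nodeCrypto.createCipheriv('aes-256-gcm', sessionKey, iv);
  const ciphertext = Buffer.concat([cipher.update(plaintext), cipher.final()]);
  const tag = cipher.getAuthTag();                 // integrity check value
  const wrappedKey = nodeCrypto.publicEncrypt(
    { key: clientPublicKey, oaepHash: 'sha256',
      padding: nodeCrypto.constants.RSA_PKCS1_OAEP_PADDING },
    sessionKey);
  return { wrappedKey, iv, ciphertext, tag };      // everything sent on the wire
}

// (C) The client unwraps the session key with its private key, then decrypts.
// decipher.final() throws if the ciphertext or tag was modified in transit.
function clientDecrypt(clientPrivateKey, msg) {
  const sessionKey = nodeCrypto.privateDecrypt(
    { key: clientPrivateKey, oaepHash: 'sha256',
      padding: nodeCrypto.constants.RSA_PKCS1_OAEP_PADDING },
    msg.wrappedKey);
  const decipher = nodeCrypto.createDecipheriv('aes-256-gcm', sessionKey, msg.iv);
  decipher.setAuthTag(msg.tag);
  return Buffer.concat([decipher.update(msg.ciphertext), decipher.final()]);
}

// Flip one ciphertext bit (constructed tampering) and confirm it is rejected.
function tamperIsRejected(clientPrivateKey, msg) {
  const forged = { ...msg, ciphertext: Buffer.from(msg.ciphertext) };
  forged.ciphertext[0] ^= 0x01;
  try { clientDecrypt(clientPrivateKey, forged); return false; }
  catch (e) { return true; }
}
```

The exchange protects against passive interception only; the client's public key still has to reach the server over a channel where it cannot be swapped for someone else's.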

  3. #3
    New Member
    Join Date
    Jun 2000
    Location
    Sweden
    Posts
    8
    I noticed my post assumes you have some knowledge of the RSA public-private key scheme. To put it simply, it means you can create a pair of keys: one is public and the second is a private key. When you encrypt something with the public key, you can only decrypt it with the private key (or vice versa). This way you do not use the same key when you encrypt as when you encrypted it.

  4. #4

    Thread Starter
    Member tsoftonline's Avatar
    Join Date
    Aug 2001
    Posts
    42
    Yeah, we've done some RSA before... I like the sound of this AES... where can I find more info on this and/or an actual algorithm??? Thanks!

  5. #5
    New Member
    Join Date
    Jun 2000
    Location
    Sweden
    Posts
    8
    Might I ask you - if you have done RSA before, what made you look for another solution? Although your current scheme looks difficult to crack, it sounds like that if anyone is intercepting the traffic (s)he can get everything that is necessary to decrypt the message (it might be hard but all the necessary data is there). And if (s)he got a copy of your program (s)he might be able to reverse-engineer the scheme. With the RSA method you do not have this problem. Even if (s)he successfully reverse-engineers the code and knows the encryption scheme, (s)he still needs the private key from the client.

    The Rijndael homepage is at...

    http://www.esat.kuleuven.ac.be/~rijmen/rijndael/

    There you can find technical papers describing the algorithm, and you can also find source code in different programming languages. I can only speak for the VB version, and it's terribly slow in its current state, but I messed with it for some hours yesterday and I know you can make a VB program that encrypts at 1.5mb/s on a K6-2 350mhz. I don't know how fast DES is, but I would think that the actual transmission is the bottleneck not the speed of the encryption, unless you are only to send the data thru your local LAN.

  6. #6
    Member Jenny W's Avatar
    Join Date
    Jul 2001
    Posts
    33

    Re: One-Time Pad Encryption

    Originally posted by tsoftonline
    My company just had me lead the development team for a new encryption program we were releasing. It basically broke down a password with the ASCII numbers and put them through an algorithm. Using the algorithm results, it reads fifty numbers out of a random encrypted list (the pad) of lots of numbers (not allowed to say how many). Then it puts the unencrypted string into a 128-bit DES algorithm with the first of the fifty numbers as the password. The newly encrypted string is rolled over into the same DES algorithm with the second number as password. And so on. The program automatically "deletes" (secure wipes the hard drive) the one-time pad after transferring it over TCP/IP to the other end. Then the other end decrypts it and their copy is also wiped. What happens if the pad is intercepted by a hacker? Not only is it encrypted with a one-time pad built into the program, but it won't do you any good without the message (one pad per message) which is sent separately, but you also need the password to decrypt it. It's more complicated than what I just explained, but we can't give too much away can we... The point is, we've since finished the project, and I was wondering if anyone else has worked on really advanced or new encryption systems?
    Just clarifying (sort of initial question to make sure I understand) - so the OTP (the keys so to speak) are sent over the same connection as the ciphertext - is that right? Is the key that determines the decryption of the OTP hidden in the software?

  7. #7

    Thread Starter
    Member tsoftonline's Avatar
    Join Date
    Aug 2001
    Posts
    42
    Jenny W- No. I'm afraid I wasn't very clear on that matter. The program has an option to transmit only the OTP to the recipient (usually used on a company network); however, the system works best over a more open connection if the OTP is given to the recipient on a floppy disk. This is the method used by our major clients who use Falcon for large documents, accounting reports, etc.

    VBMaster- I think the same thing that confused Jenny made you think of RSA. Falcon is not necessarily designed for secure online transmissions and the like. It is a block cipher used by many of our clients to encrypt the records in their archives or whatever. They encrypt the data as they're writing it to a floppy or a CD-R to go in their physical records. This not only protects the data from the outside of the company, but also keeps different company projects compartmentalized.

    BTW-- I downloaded both the C++ and VB implementations of Rijndael AES algorithm and they work perfectly.

  8. #8

    Thread Starter
    Member tsoftonline's Avatar
    Join Date
    Aug 2001
    Posts
    42
    Jenny W - The key that decrypts the OTP is in the software. But even if you have the program, the decrypted OTP, and the ciphertext you still need the ASCII password. And since the ciphertext and OTP are transmitted through separate means (e-mail and floppy, TCP/IP and floppy, etc.), it would be very hard to get all of that information, not even thinking about the password.

    Also, some of the implementations of Falcon (that run on computer networks) have been modified so that they only run on computers on the network. As a result of that (besides the added security in and of itself), the OTPs (since they are uniquely created for every encryption) can be tracked by Falcon throughout the company. If a certain office or cubicle attempts to decrypt something that they don't have access to, the appropriate people in the company are notified.

    That may seem a little extreme, but for some security aware companies, it seems worth the trouble.

    As to reverse-engineering the algorithm, as I mentioned above, there are sections of the program, such as countermeasures to that kind of thing, that I'm not allowed to share here.

    Thanks again.

  9. #9
    Member Jenny W's Avatar
    Join Date
    Jul 2001
    Posts
    33
    Originally posted by Vbmaster_YesSir
    Might I ask you - if you have done RSA before, what made you look for another solution? Although your current scheme looks difficult to crack, it sounds like that if anyone is intercepting the traffic (s)he can get everything that is necessary to decrypt the message (it might be hard but all the necessary data is there).

    The Rijndael homepage is at...

    http://www.esat.kuleuven.ac.be/~rijmen/rijndael/

    There you can find technical papers describing the algorithm, and you can also find source code in different programming languages.
    Two very good points. Does anyone know of an RSA implementation in VB (with source available) that is actually secure though (rather than one of these things that overflows if the primes exceed three digits - which seems to be the standard sort of VB RSA implementation)?

  10. #10
    New Member
    Join Date
    Jul 2000
    Posts
    12
    Well I got a question while we're at it (Forgive me if I do a lot of typo mistakes, I'm on an English keyboard on a laptop and not used to this :P)

    I did a text-encrypting program that works as follows:

    When you start the program, a random 12-digit key is generated. This key is the result of a complex algorithm.

    To encrypt the text, it uses certain characters in the algorithm result (password), multiplies, adds, subtracts, etc the ascii value of each character... using these specific digits, then puts it in hex. It then takes the password and does a couple calculations like multiplying it by certain digits in the password itself, and then saves that in the text file.

    To decrypt, it does all this in reverse, checking if the password given and the rest of the values match.

    So please tell me... Would this be easy to crack? I don't know a thing about cracking, I don't know how they do it, so if someone tried cracking something encrypted like this, would it be easy??

    I was thinking of adding an IP check and all so it can only be read on a single computer, so whether or not the person has the password, it's useless unless it's on the right computer. Any other way better than an IP?
    Is that not the Beast you said you saw? The one from Hell, the one that strives to drown you in the deepest pits of darkness, the pits of insanity?

    My soul is resting yet my body alert; my instincts rule, my mind is shut; I am an animal, a beast on guard, hidden in my cave I cannot sleep, I just watch, watch your every movement, ready to strike at you when you expect it least. Look behind you, my friend, you might see my dead eyes staring through you, and you, too, might put your soul to rest, to be protected from the demon that's stalking you.

  11. #11
    Member Jenny W's Avatar
    Join Date
    Jul 2001
    Posts
    33
    Cheitan
    Typically cryptographers find the sort of approach that you describe trivially easy to crack even with a known-plaintext attack. Even cryptographically naive hackers or crackers will easily be able to derive your algorithm from decompiling your source. Have a look in Bruce Schneier's Applied Cryptography to get an idea of what sorts of systems work and what does not, as well as getting to know about the standard crypto attacks.

  12. #12
    Member Jenny W's Avatar
    Join Date
    Jul 2001
    Posts
    33
    This may also be useful

    Why Cryptography Is Harder Than It Looks:
    http://www.counterpane.com/whycrypto.html

  13. #13
    New Member
    Join Date
    Jul 2000
    Posts
    12
    I figured the looking at the source thing, but it's useless. Even if they find the way to the algorithm, they didn't find the password, or the decryption method. The decryption method uses certain characters in the password itself, which was randomly generated. Actually, the algorithm is just an extra security. In other words, any password COULD work, won't give an error, it just wouldn't decrypt properly.

  14. #14
    New Member
    Join Date
    Jun 2000
    Location
    Sweden
    Posts
    8
    Jenny_W: No, I don't think there's any good VB code available. The only code I've seen is very basic and checks for prime numbers by trying every possible factorization. There are much better ways to do this. You don't want to attempt this with yyyy digits.

    This might be a good starting point to find 'good' primes..

    http://www.utm.edu/research/primes/prove/


    Cheitan: Why design your own encryption method when there are algorithms that are proven strong and secure? And been subject for cryptanalysts for several years?
    Last edited by Vbmaster_YesSir; Aug 21st, 2001 at 08:42 PM.
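One of the "much better ways" to test primes that post #14 alludes to, as an added example that is not from the thread or the linked page: a Miller-Rabin probabilistic primality test. It assumes Node.js with BigInt, which also avoids the fixed-width overflow mentioned in post #9; the function names and the choice of 40 rounds are assumptions of this sketch.

```javascript
const nodeCrypto = require('crypto');

// Square-and-multiply modular exponentiation on arbitrary-size integers.
function modPow(base, exp, mod) {
  let result = 1n;
  base %= mod;
  while (exp > 0n) {
    if (exp & 1n) result = (result * base) % mod;
    base = (base * base) % mod;
    exp >>= 1n;
  }
  return result;
}

// Uniform random base in [2, n-2], by rejection sampling from the OS CSPRNG.
function randomBase(n) {
  const bytes = Math.ceil(n.toString(2).length / 8);
  for (;;) {
    const a = BigInt('0x' + nodeCrypto.randomBytes(bytes).toString('hex'));
    if (a >= 2n && a <= n - 2n) return a;
  }
}

// Miller-Rabin: each round exposes a composite with probability >= 3/4,
// so 40 rounds leave an error bound of at most 4^-40.
function isProbablePrime(n, rounds = 40) {
  if (n < 2n) return false;
  for (const p of [2n, 3n, 5n, 7n, 11n, 13n]) {   // cheap small-factor screen
    if (n === p) return true;
    if (n % p === 0n) return false;
  }
  let d = n - 1n, r = 0;
  while ((d & 1n) === 0n) { d >>= 1n; r++; }       // n - 1 = d * 2^r, d odd
  witness:
  for (let i = 0; i < rounds; i++) {
    let x = modPow(randomBase(n), d, n);
    if (x === 1n || x === n - 1n) continue;
    for (let j = 1; j < r; j++) {
      x = (x * x) % n;
      if (x === n - 1n) continue witness;
    }
    return false;                                  // base proves n composite
  }
  return true;
}
```

Unlike a plain Fermat test, this rejects Carmichael numbers such as 252601 = 41 · 61 · 101, and its cost grows with the number of digits rather than with the size of the smallest factor.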
