A+2 becoming 2 isn't just okay, it's critical. A big part of the reason ENIGMA was first cracked was when they realized a letter could never become itself when encrypted.
Great video! brings back memories of using this in the Army to encode messages and send the 5 character groups over HF using Morse code. Then receiving 3 different messages and decoding them to find the correct one.
Nicely explained. One time pads are totally secure if they are: Generated randomly Distributed securely Securely hidden Only ever used once Destroyed after use Obviously, these are operational considerations/limitations. For all the ‘clever’ people out there insisting that modern cryptography is better... we have no way of knowing if it’s genuinely secure (or if it currently is, how long it will remain so). Anyone who thinks commercially sold ‘secure’ radios are genuinely secure from state actors like the NSA... I have a bridge to sell you.
I'm glad you like it. I figured it was pretty important to be able to handle things like addresses, so I made to include numbers in my chart. Modulo 38!
@@lrnselfreliance what do you use to make the random code and where do you get the cheat sheet, did you make that part too or did you find it somewhere?
Try this. A program that captures random mouse movements and creates a OTP from them. It then creates a scrambled character set of 94 characters. It embeds the character set, one time pad and password into a picture using special fonts and glyphs from all of those fonts. Then a cloak function that on every generation of the cloak value, will produce a new character set, one time pad and password. The final character set, one time pad and password produced by the cloak value will decrypt the picture. The sender and receiver will need the cloak value or know how to generate the cloak value from the picture. IE: Take the top left glyph value and add it to top right glyph. Do the same for the bottom left and right glyphs. Multiply them together and that is the cloak value. Or any other rule for creating a cloak value. The sender sends the final cloaked picture created from the fonts and glyphs to the recipient. The recipient needs the special font sets that were used to encode the picture and then recreates the same picture within the program, by finding the glyphs used to create the received picture. Using the correct cloak value they will then be able to ascertain the character set used, one time pad and password to open anything embedded within the picture using steganography. What do you think?
Don't forget to use FLASHPAPER for real life events that require improved security all round.Once you have worked out the encryption & TXd it off, you can destroy the message with a cigarette, lighter or match in an instant & no trace of the original exists.
You (rightly so) point that is illegal to transmit or receive encrypted msg traffic. There is nothing which says you cannot use modern mobile phones. Initial stages, warning phase still means that most smart phones can deliver 600 character messages via SMS service provision. Most cellnet providers do not charge for such message traffic. Not only could folks trained up to think OPSEC, but also to practice this method of encryption to good user standards
what's the difference between data integrity vs encryption? does a checksum or CRC indicate encryption or is it integrity? Do i have to transmit a decoding method first before I send a message? Is a morse code caeser cypher encryption? What about lookup tables? This is vague to no end!
Encryption is not integrity. You can combine the two to ensure your encryption is correct. You don’t need to send your decoding method first if you are all sharing the same one time pad
Work with Unicode instead of ASCII if you want to have more characters to work with. Can you do Encryption over CB radio as that is no longer under license right? I would be using a pencil instead of a market if I were you lol. I also suggest getting a thesaurus out so that when you make your message you can choose different words to use so long as that does not somehow change the meaning of what you are trying to say. You may be using the thesaurus just to make the message shorter in words.
Serious question? What sheet size is used in generating cheat sheet & OTP Sheets themselves? US Legal or A4 ? The latter would've wider appeal to your European users. It also would mean resizing layout might be required for such? Please advise?
Word Office application allows me to copy & paste onto A4 sheet format using NARROW margins> Even the cheat sheet lost its' "key" side of the vertical lettering. I am starting to work in Word, to see IF I can rectify OR may've sacrifice that column. Many thanks for your reply.
+Peter Del Valle typically they would send and receive to you only. Then remove each message as it’s used I expect you could announce that you’re using pad 1 message 1, it could only be broken if someone kept the transcripts and stole an unburned pad after the fact. Telling everyone you are using a one time pad would only tell them what to look for if the my broke into your house.
@@lrnselfreliance a reason why the radio and pad were often never in the same place at the same time during resistance operations in europe. Messages were pre-encoded and passed to the radio operator via a cutoff. If caught, he had no idea about the message and did not have a pad. Burning pad entries only provides backwards secrecy... but a copied pad compromised all forward messages, and since the RO was at risk he would never have access to the pad nor knowledge of its location. When receiving, the RO would just copy the message blind and drop-box it. Now, dropboxing and cutouts... that's an amazing topic ; ) These days we have many elegant solutions. Wireless, TOR-connected and ISM-band dropboxes allow for cell-members to not even know the location of the dropbox, maybe just a route to walk or place to stand. And automated exchange dropboxes have been fitted inside of computer keyboards. More powerful ones have been left dangling inside walls (hanging from the back of electrical sockets in offices and public bathrooms) some even exposing TOR hidden services or giving a covert node onto the office wifi from elsewhere. The beauty is when you couple this with an app that collects and redistributes content. A short walk clones one box, concatenates to the next dropbox... and by the time you pass the first one again, they're synched. The courier needn't even be aware they're a courier. I always wondered about setting up an unsuspecting persons car, mobile or some public transport as a courier... my dream would be dropboxes in the signage systems of bus-stops, or in public streetlamps ... with buses and pedestrians obliviously smearing their content across boxes city-wide : ) The digital age gives so much scope. My favourite used to be placing them inside the light fitting on train bathrooms, and exposing them publicly as a place for customers to swap junk... poems, rude jokes, images, recipes, etc. We did about 20 trains over a year, when I was at uni ... I've encountered many of them again since, and they're always full of bizarre content. I was reminded of all this more recently when I discovered a USB plug sticking out of a wall in the city centre. Apparently kids are taking their old memory sticks, finding cracks in walls, and epoxying them in there to be used by any passing adventurer... ... music, stories, poems and subversive political diatribes are to be found on these, and sometimes maps to other drops as complete strangers try to cooperatively map the cities covert data drops. I even found one in the bench at a local park, a tiny one, carved into a split in the wood and glued (it's since been damaged unfortunately) But USB is a bit ghetto for me, I prefer the thrill of stolen electricity and covertly installed wireless nodes, or the secrecy of low-power ISM - but still, it's cool nonetheless. There's a whole series of subversive cultural mechanisms going on out there, right under everyone's noses. Pays to keep your eyes open and your wifi list scanning ; )
Maybe first character of the message and last character of the message will tell them what pad and message. Or the first two characters. Or first character of the first two sets... so on and so on. Each person can have their own method, even within a group.
Hi, are you sure, that you gave the right Ciphertext? Here is what I have as result: IFYEA R6PRE PARED YESHA LLN (is not complete, because it gave no sence to me!)
it looks like one character may have been missed, which shows the secure nature of this system. even after all the work, just one bit missing and all data shifts leaving the true meaning of the msg hidden. i've considered even another method of scrambling or cipher was used to create more challenge in decoding. my full decrypt is here. IFYEA R6PRE PARED YESHA LLNOT FEMR
ok several things. 1. He mentions they cant listen in on this communication. WRONG. I can still listen in I and Direction Find you I just cant understand the meaning of the message. 2. he mentions you cant purchase encrypted radios. WRONG you can. I work for Motorola and sell encrypted radios to individuals all the time. up to 256 bit encryption even. Yes you need a license to do so. Yes any business that wants them can pay and buy them. Yes it is illegal on ham bands but not business bands.
all those things stipulated... Does it really matter IF they can understand what you are saying, given that if you transmit long enough or from the same area too often and they can FIND you ???
BTW the over editing of the other videos in this series. Obliterate the encrypted msg at the end of of this video. But nevertheless, it is down to the viewer to become a user & practice this method UNTIL they can do it in their sleep. The next time they could get called upon to perform this activity, they shall not have luxury of time nor comfort on their own side. Imagine having to perform decryption under some poncho rain shelter below zero using gloved hand, pencil & PAPER -old fashioned I know, but rather proven!
Without an equivalent to a Rosetta Stone, languages cannot be "decrypted." Just ask the Navajo Windtalkers how fast Hitler "decrypted" them. When your limit=the huan imagination, there are even ore possibilities that AES-512 bit. However, we humans aren't as FAST as AES us in modern microprocessors, and you're allowed to use encryption via internet, just not via most of vhf & uhf -- your smartphone is even smaller than a HT uhf/vhf radio, and MURS-with-encryption, or >8GHz, are unregulated, as are rolling Codes & a few other weak-encryption systems.
So, some practical considerations.. Too slow for tactical comms No plausible deniability when search reveals pad and radio No forward protection against capture or, worse, copying No backwards protection in a shared pad unless everyone monitors every broadcast Requires secure channel to exchange pads, or meetings that can compromise cell hierarchy Needs additional protocol per pair of ad-hoc correspondents, when more than two, else message numbers desynchronise Though OTP is technically unbreakable from a purely cryptanalysis viewpoint, there's a reason it is rarely used in anger anymore. Procedurally, it can be highly vulnerable, pads must be large and are difficult to manage and it's too cumbersome to be used tactically. There ARE encryptable radios in the digital radio space, and they can be bought openly without any issues at all. Programming software and cables are then used to set up the features needed. Coupled with brevity and good RT, digital commercial radios are sufficient. Note, I do not count Mototrbo as adequate against an organised opponent or a state actor... and none of the DMR radios offer adequate protection against anything but casual eavesdropping. TYT, for example, employ less than 50 bits of the key and reuse it on every frame - making it very trivial to break (obfuscation rather than encryption) Basically, for an encrypted commercial radio, ham equipment and chinese knockoffs are a bad idea. Mototrbo and similar are fine against random elements but not against state level bad actors, Tetra airwave is old but can be relatively strong. LTE is provably strong, but too expensive and requires cellular infrastructure _(and if that were an option, you'd probably be using TOR or similar for text and VoIP)_ That's not to say that OTP doesn't have it's place. The OTP is excellent for scheduled broadcasts from random locations, where the message can be transcribed ahead of time such that the radio operator and pad are never together. Given the speed of phase locating radios, this restriction should be upheld for any listeners who actively 'check in' to a net. Live translation and "conversational exchanges" are to be STRONGLY discouraged in any pad based scheme. Hence, for tactical comms... OTP is pretty much useless unless your position offers enough protection to ensure enough time for thorough destruction of the pads. In organised warfare this is usually the case... but for lone operators transmitting from woods or their homes, it is not.
Roland, IF this was so easy to de-crypt, WHY did I end up with the following de-crypted text from the end of this video? 25M6A TEVT6 VA56A M653A ZZXXR 5EYT?
WAIT... its -Illegal- to encrypt your communication.... well thats not overreaching at all dear gov. ...how dare we try and keep our private conversations private, and with things like the 4th ammendment even.
+Learning Self-Reliance Really? I've been using this on the 70cm band and I've been telling people who asked me what the hell I'm doing that you said it was 100% OK! You want me to stop cause I already told about 100 hams
wow. what a system! I'd be interested in watching how you decode the message without the cheat sheet. please make the video. I'm curious, what type of message is so private that one would have to use this? (not trying to be annoying, I'm genuinely curious) also, you try roastin that broccoli yet? last thing: how are you're seeds doing?? I planted some about two weeks ago and just noticed a few sprouts popped up! I built a garden bed for them today. My first time building anything actually. haha
+Andy Rosenberg The only time you'd use something so secure like this method is if lives would be at stake if the message was received by the wrong people. I'm thinking marauders or gangs in a WROL (without rule of law) scenario. I haven't roasted any broccoli yet, lol. I do need to make an update video about my seeds. They're doing well! Growing like crazy.
cool but really slow be cool if just make some stand alone electronic boxes that will do the work for you if both devices are stand alone you could plug the keys on both sides then type between the two of them. The risk if one end ending up in the wrong hands is no more risk then getting the paper version.
+CJ1777 it does not have a vowel usage issue because every character is matched with another random character. A vowel issue could be exploited if the cypher was to repeat. This does not have a repeating cypher.
Not very practical in the field. you make the assumption that someone can keep their one time pad safe. Steal the pad and the whole system is down. It just makes people feel safe when they aren't. you also have To implement a schema as to which one time pad to use for each message. over time you end up with books and books of one time pads. in the cold war this was considered a real ball ache keeping unique systems. Why not just use a public RSA key encryption and an encryption/ decryption app. So much easier and 256 bit is perfectly safe This is just appealing to people who want a 007 fantasy. I say that being an information security and encryption specialist as my chosen profession.
Can you encrypt a message using a 256 bit key in your head? Just destroy each pad as it’s used. Why would you keep the keys or decrypted messages after reading them?
@@lrnselfreliance Respectfully you’re responding to someone who has studied cryptography. My interest in prepping and secure comms is not only my passion but my life, cryptography is my profession for which I am very well qualified and published. In short, my advice is sound. Your failure and weakness in your method is because its false to think its a simple process as both key generation and key management (eg distribution and syncronization) are very difficult from a onetime pad perspective, especially over time in a grid down scenario. Entropic analysis and a dictionary attack would break your onetime pad quickly as it wouldn’t be truly random and you wouldn’t even know the book was corrupted. Basically, its toy cryptography which people who know very little about cryptography would recommend. As you have electrical devices (eg to transmit) the easier way would be to use something far more secure and simpler method. best regards. eg just use simple encrypted point to point comms like NEXEDGE or similar. Also FCC might have some problems with your video. reality is best to encrypt not over HAM radio. KM4ACK has some great videos on this.
I actively discouraged people from encrypting their radio communications in this video. I agree that pad distribution would be extremely difficult in a grid down scenario, but I think it would be worth working through for the ease of use that a OTP offers. I do disagree that my pad is a toy and can be beaten with a simple dictionary attack. The randomness generated by a modern computer is secure enough. Would you like to demonstrate your skills? I can generate some randomness right now, you could then tell me which seed I used to generate it?
I don't get the obsession of doing things in your head? eg you need a machine to do comms and you would need a machine to make the one time pad. you're already not doing it in your head. Cryptography is a huge subject and there is a wealth of information on why one time pads are basically toy. No need for me to do a demonstration, its well documented. each to their own as they say.
I can use a OTP to send a paper message. As I said, I have not encouraged anyone to send a OTP message over the radio. Are you some FCC guy trying to slip me up? The wealth of information I have read says they are not a toy.
A+2 becoming 2 isn't just okay, it's critical. A big part of the reason ENIGMA was first cracked was when they realized a letter could never become itself when encrypted.
Great video! brings back memories of using this in the Army to encode messages and send the 5 character groups over HF using Morse code. Then receiving 3 different messages and decoding them to find the correct one.
i always had trouble tring to think of how to decypher one of these, thanks for showing it
+Bryan Lovell the cheat sheet helps immensely
Nicely explained.
One time pads are totally secure if they are:
Generated randomly
Distributed securely
Securely hidden
Only ever used once
Destroyed after use
Obviously, these are operational considerations/limitations.
For all the ‘clever’ people out there insisting that modern cryptography is better... we have no way of knowing if it’s genuinely secure (or if it currently is, how long it will remain so).
Anyone who thinks commercially sold ‘secure’ radios are genuinely secure from state actors like the NSA... I have a bridge to sell you.
Nicely done. I'm use to modulo 10 (classic numbers station style) OTP, but your method handles numbers more efficiently.
I'm glad you like it. I figured it was pretty important to be able to handle things like addresses, so I made to include numbers in my chart. Modulo 38!
Also, make sure to check out Part 2. I made a OTP generating page. Pretty handy!
Codebook s can be helpful, alternate to letter- number chart.
@@lrnselfreliance what do you use to make the random code and where do you get the cheat sheet, did you make that part too or did you find it somewhere?
Does it bother anyone else that he keeps putting the cap back on his Sharpie?
I can’t let it dry out! I gotta lose it first! 😝
it would bother me if he didn’t
Try this. A program that captures random mouse movements and creates a OTP from them. It then creates a scrambled character set of 94 characters. It embeds the character set, one time pad and password into a picture using special fonts and glyphs from all of those fonts. Then a cloak function that on every generation of the cloak value, will produce a new character set, one time pad and password. The final character set, one time pad and password produced by the cloak value will decrypt the picture. The sender and receiver will need the cloak value or know how to generate the cloak value from the picture. IE: Take the top left glyph value and add it to top right glyph. Do the same for the bottom left and right glyphs. Multiply them together and that is the cloak value. Or any other rule for creating a cloak value. The sender sends the final cloaked picture created from the fonts and glyphs to the recipient. The recipient needs the special font sets that were used to encode the picture and then recreates the same picture within the program, by finding the glyphs used to create the received picture. Using the correct cloak value they will then be able to ascertain the character set used, one time pad and password to open anything embedded within the picture using steganography. What do you think?
Lol! Genius
@@lrnselfrelianceI've developed this program and fonts, but not much use in a SHTF scenario, I know :-(
Don't forget to use FLASHPAPER for real life events that require improved security all round.Once you have worked out the encryption & TXd it off, you can destroy the message with a cigarette, lighter or match in an instant & no trace of the original exists.
You (rightly so) point that is illegal to transmit or receive encrypted msg traffic. There is nothing which says you cannot use modern mobile phones. Initial stages, warning phase still means that most smart phones can deliver 600 character messages via SMS service provision. Most cellnet providers do not charge for such message traffic. Not only could folks trained up to think OPSEC, but also to practice this method of encryption to good user standards
Too true! Encryption in cellphones is vital. Logging into your banking app through an unencrypted signal would be a disaster.
what's the difference between data integrity vs encryption? does a checksum or CRC indicate encryption or is it integrity? Do i have to transmit a decoding method first before I send a message? Is a morse code caeser cypher encryption? What about lookup tables? This is vague to no end!
Encryption is not integrity. You can combine the two to ensure your encryption is correct. You don’t need to send your decoding method first if you are all sharing the same one time pad
Work with Unicode instead of ASCII if you want to have more characters to work with. Can you do Encryption over CB radio as that is no longer under license right? I would be using a pencil instead of a market if I were you lol. I also suggest getting a thesaurus out so that when you make your message you can choose different words to use so long as that does not somehow change the meaning of what you are trying to say. You may be using the thesaurus just to make the message shorter in words.
excellent work Roland - you ROCK!!!
Serious question? What sheet size is used in generating cheat sheet & OTP Sheets themselves? US Legal or A4 ? The latter would've wider appeal to your European users. It also would mean resizing layout might be required for such? Please advise?
I used A4. I haven’t tested other sizes
Word Office application allows me to copy & paste onto A4 sheet format using NARROW margins> Even the cheat sheet lost its' "key" side of the vertical lettering. I am starting to work in Word, to see IF I can rectify OR may've sacrifice that column. Many thanks for your reply.
How does the receiver know you're using Pad 1 Message 1?
+Peter Del Valle typically they would send and receive to you only. Then remove each message as it’s used
I expect you could announce that you’re using pad 1 message 1, it could only be broken if someone kept the transcripts and stole an unburned pad after the fact. Telling everyone you are using a one time pad would only tell them what to look for if the my broke into your house.
@@lrnselfreliance a reason why the radio and pad were often never in the same place at the same time during resistance operations in europe. Messages were pre-encoded and passed to the radio operator via a cutoff. If caught, he had no idea about the message and did not have a pad.
Burning pad entries only provides backwards secrecy... but a copied pad compromised all forward messages, and since the RO was at risk he would never have access to the pad nor knowledge of its location. When receiving, the RO would just copy the message blind and drop-box it.
Now, dropboxing and cutouts... that's an amazing topic ; )
These days we have many elegant solutions. Wireless, TOR-connected and ISM-band dropboxes allow for cell-members to not even know the location of the dropbox, maybe just a route to walk or place to stand. And automated exchange dropboxes have been fitted inside of computer keyboards. More powerful ones have been left dangling inside walls (hanging from the back of electrical sockets in offices and public bathrooms) some even exposing TOR hidden services or giving a covert node onto the office wifi from elsewhere.
The beauty is when you couple this with an app that collects and redistributes content. A short walk clones one box, concatenates to the next dropbox... and by the time you pass the first one again, they're synched. The courier needn't even be aware they're a courier.
I always wondered about setting up an unsuspecting persons car, mobile or some public transport as a courier... my dream would be dropboxes in the signage systems of bus-stops, or in public streetlamps ... with buses and pedestrians obliviously smearing their content across boxes city-wide : )
The digital age gives so much scope. My favourite used to be placing them inside the light fitting on train bathrooms, and exposing them publicly as a place for customers to swap junk... poems, rude jokes, images, recipes, etc. We did about 20 trains over a year, when I was at uni ... I've encountered many of them again since, and they're always full of bizarre content.
I was reminded of all this more recently when I discovered a USB plug sticking out of a wall in the city centre. Apparently kids are taking their old memory sticks, finding cracks in walls, and epoxying them in there to be used by any passing adventurer...
... music, stories, poems and subversive political diatribes are to be found on these, and sometimes maps to other drops as complete strangers try to cooperatively map the cities covert data drops. I even found one in the bench at a local park, a tiny one, carved into a split in the wood and glued (it's since been damaged unfortunately)
But USB is a bit ghetto for me, I prefer the thrill of stolen electricity and covertly installed wireless nodes, or the secrecy of low-power ISM - but still, it's cool nonetheless.
There's a whole series of subversive cultural mechanisms going on out there, right under everyone's noses. Pays to keep your eyes open and your wifi list scanning ; )
Hmmm. I am remember DOS 3--5 "XCOPY" for sub_directory. ;-)
Maybe first character of the message and last character of the message will tell them what pad and message. Or the first two characters. Or first character of the first two sets... so on and so on. Each person can have their own method, even within a group.
Hi, are you sure, that you gave the right Ciphertext? Here is what I have as result: IFYEA R6PRE PARED YESHA LLN (is not complete, because it gave no sence to me!)
it looks like one character may have been missed, which shows the secure nature of this system. even after all the work, just one bit missing and all data shifts leaving the true meaning of the msg hidden. i've considered even another method of scrambling or cipher was used to create more challenge in decoding. my full decrypt is here.
IFYEA R6PRE PARED YESHA LLNOT FEMR
If you are prepared say hello
If ye are prepared ye shall not fear?
I cant decrypt the message from the last screen ... its hidden under oblivious advertisements :)
ok several things. 1. He mentions they cant listen in on this communication. WRONG. I can still listen in I and Direction Find you I just cant understand the meaning of the message. 2. he mentions you cant purchase encrypted radios. WRONG you can. I work for Motorola and sell encrypted radios to individuals all the time. up to 256 bit encryption even. Yes you need a license to do so. Yes any business that wants them can pay and buy them. Yes it is illegal on ham bands but not business bands.
all those things stipulated... Does it really matter IF they can understand what you are saying, given that if you transmit long enough or from the same area too often and they can FIND you ???
Can ASCII characters be used in place of standard alphabet and numerals?
Too long, uses number 32-90. NO GOOD.
I rather use encrypted radio signal the general public can buy these devices now
No they can't
@@skm9420 yes you can
Thank you good information
BTW the over editing of the other videos in this series. Obliterate the encrypted msg at the end of of this video. But nevertheless, it is down to the viewer to become a user & practice this method UNTIL they can do it in their sleep. The next time they could get called upon to perform this activity, they shall not have luxury of time nor comfort on their own side. Imagine having to perform decryption under some poncho rain shelter below zero using gloved hand, pencil & PAPER -old fashioned I know, but rather proven!
Just use MotoTrbo DMR stuff
That's not encrypted.
ENCRYPT: ((messagecharactervalue + otpcharactervalue) - 1 ) mod charactersetlength DECRYPT: ((encryptcharactervalue - onetimepadcharactervalue) -+1 ) mod charactersetlength
There's nothing stopping you from making your own language to use over radio.. just say'n! ;)
Without an equivalent to a Rosetta Stone, languages cannot be "decrypted."
Just ask the Navajo Windtalkers how fast Hitler "decrypted" them. When your limit=the huan imagination, there are even ore possibilities that AES-512 bit. However, we humans aren't as FAST as AES us in modern microprocessors, and you're allowed to use encryption via internet, just not via most of vhf & uhf -- your smartphone is even smaller than a HT uhf/vhf radio, and MURS-with-encryption, or >8GHz, are unregulated, as are rolling Codes & a few other weak-encryption systems.
Wilhelm VonRoefelz You can just use a southern accent and you're safe.
You created language can easily be deciphered. It will have repetition and that would be it's Achilles heel
do not generate the pads on a computer. Computers are not secure and that leaves saved copies of the pads that should have been destroyed.
I use dice to transpose key grops; i dont chang KEY-GROUP.
@@josephtag9108 Dice is the preferred method.
Takes too long. I compromize, make the Cryptanalysis harder to find which key-groups are used when, if they captured the key pad page. Try it. :-)
@@josephtag9108 Not a bad idea, but I personally am willing to take extra time to ensure better security.
Fine for you. My procedure i'd use regardless of spreadsheet, NetRandom, or Fourmilab.ch number generator. TAKE CARE. 8-)
Thanks for the video, I just implemented it in java because I'm really bored
So, some practical considerations..
Too slow for tactical comms
No plausible deniability when search reveals pad and radio
No forward protection against capture or, worse, copying
No backwards protection in a shared pad unless everyone monitors every broadcast
Requires secure channel to exchange pads, or meetings that can compromise cell hierarchy
Needs additional protocol per pair of ad-hoc correspondents, when more than two, else message numbers desynchronise
Though OTP is technically unbreakable from a purely cryptanalysis viewpoint, there's a reason it is rarely used in anger anymore. Procedurally, it can be highly vulnerable, pads must be large and are difficult to manage and it's too cumbersome to be used tactically.
There ARE encryptable radios in the digital radio space, and they can be bought openly without any issues at all. Programming software and cables are then used to set up the features needed.
Coupled with brevity and good RT, digital commercial radios are sufficient. Note, I do not count Mototrbo as adequate against an organised opponent or a state actor... and none of the DMR radios offer adequate protection against anything but casual eavesdropping. TYT, for example, employ less than 50 bits of the key and reuse it on every frame - making it very trivial to break (obfuscation rather than encryption)
Basically, for an encrypted commercial radio, ham equipment and chinese knockoffs are a bad idea. Mototrbo and similar are fine against random elements but not against state level bad actors, Tetra airwave is old but can be relatively strong. LTE is provably strong, but too expensive and requires cellular infrastructure _(and if that were an option, you'd probably be using TOR or similar for text and VoIP)_
That's not to say that OTP doesn't have it's place.
The OTP is excellent for scheduled broadcasts from random locations, where the message can be transcribed ahead of time such that the radio operator and pad are never together. Given the speed of phase locating radios, this restriction should be upheld for any listeners who actively 'check in' to a net. Live translation and "conversational exchanges" are to be STRONGLY discouraged in any pad based scheme.
Hence, for tactical comms... OTP is pretty much useless unless your position offers enough protection to ensure enough time for thorough destruction of the pads. In organised warfare this is usually the case... but for lone operators transmitting from woods or their homes, it is not.
Roland, IF this was so easy to de-crypt, WHY did I end up with the following de-crypted text from the end of this video? 25M6A TEVT6 VA56A M653A ZZXXR 5EYT?
THANKS!
WAIT... its -Illegal- to encrypt your communication.... well thats not overreaching at all dear gov. ...how dare we try and keep our private conversations private, and with things like the 4th ammendment even.
OK thanks, so this is for ham radio? OK, I'll tell them you said it's OK.
+Libslayer007 Ha! Definitely DO NOT use this on your HAM radio. Thanks for watching! :)
+Learning Self-Reliance
Really? I've been using this on the 70cm band and I've been telling people who asked me what the hell I'm doing that you said it was 100% OK!
You want me to stop cause I already told about 100 hams
Ha !
wow. what a system! I'd be interested in watching how you decode the message without the cheat sheet. please make the video. I'm curious, what type of message is so private that one would have to use this? (not trying to be annoying, I'm genuinely curious)
also, you try roastin that broccoli yet?
last thing: how are you're seeds doing?? I planted some about two weeks ago and just noticed a few sprouts popped up! I built a garden bed for them today. My first time building anything actually. haha
+Andy Rosenberg The only time you'd use something so secure like this method is if lives would be at stake if the message was received by the wrong people. I'm thinking marauders or gangs in a WROL (without rule of law) scenario.
I haven't roasted any broccoli yet, lol. I do need to make an update video about my seeds. They're doing well! Growing like crazy.
spies do this all the time and have been for many years. Google "Numbers Stations"
cool but really slow be cool if just make some stand alone electronic boxes that will do the work for you if both devices are stand alone you could plug the keys on both sides then type between the two of them. The risk if one end ending up in the wrong hands is no more risk then getting the paper version.
It does not address the vowel issue. Through vowel usage you can break this down. I can't help but think there is a better way.
+CJ1777 it does not have a vowel usage issue because every character is matched with another random character. A vowel issue could be exploited if the cypher was to repeat. This does not have a repeating cypher.
Not very practical in the field. you make the assumption that someone can keep their one time pad safe.
Steal the pad and the whole system is down. It just makes people feel safe when they aren't. you also have To implement a schema as to which one time pad to use for each message. over time you end up with books and books of one time pads. in the cold war this was considered a real ball ache keeping unique systems.
Why not just use a public RSA key encryption and an encryption/ decryption app. So much easier and 256 bit is perfectly safe
This is just appealing to people who want a 007 fantasy. I say that being an information security and encryption specialist as my chosen profession.
Can you encrypt a message using a 256 bit key in your head? Just destroy each pad as it’s used. Why would you keep the keys or decrypted messages after reading them?
@@lrnselfreliance Respectfully you’re responding to someone who has studied cryptography. My interest in prepping and secure comms is not only my passion but my life, cryptography is my profession for which I am very well qualified and published. In short, my advice is sound. Your failure and weakness in your method is because its false to think its a simple process as both key generation and key management (eg distribution and syncronization) are very difficult from a onetime pad perspective, especially over time in a grid down scenario. Entropic analysis and a dictionary attack would break your onetime pad quickly as it wouldn’t be truly random and you wouldn’t even know the book was corrupted. Basically, its toy cryptography which people who know very little about cryptography would recommend. As you have electrical devices (eg to transmit) the easier way would be to use something far more secure and simpler method. best regards. eg just use simple encrypted point to point comms like NEXEDGE or similar. Also FCC might have some problems with your video. reality is best to encrypt not over HAM radio.
KM4ACK has some great videos on this.
I actively discouraged people from encrypting their radio communications in this video. I agree that pad distribution would be extremely difficult in a grid down scenario, but I think it would be worth working through for the ease of use that a OTP offers. I do disagree that my pad is a toy and can be beaten with a simple dictionary attack. The randomness generated by a modern computer is secure enough.
Would you like to demonstrate your skills? I can generate some randomness right now, you could then tell me which seed I used to generate it?
I don't get the obsession of doing things in your head? eg you need a machine to do comms and you would need a machine to make the one time pad. you're already not doing it in your head.
Cryptography is a huge subject and there is a wealth of information on why one time pads are basically toy. No need for me to do a demonstration, its well documented. each to their own as they say.
I can use a OTP to send a paper message. As I said, I have not encouraged anyone to send a OTP message over the radio. Are you some FCC guy trying to slip me up? The wealth of information I have read says they are not a toy.