I’m surprised you didn’t introduce code wheels. They too can be used for one time pad encryption and are far less cumbersome to use. Navigating the columns and rows of a table like that just seems tedious and error prone for large plaintexts. For any who are interested, you write the entire character set you want your crypto system to support around the perimeter of 2 discs, spacing them equally around the circumference. For each one time pad character, you rotate the inner disc so the OTP character there aligns with the “A” on the outer disc, find the plaintext character you want to encrypt on the the inner disc and write the matching character from the outer disc in your cipher text. The recipient(s) of the message then reverse this process with their copy of the OTP and code disc to decrypt.
I would be a bit concerned over how random your pads are since you used a computer to generate them using a, most likely, pseudorandom number generator. I know this is reaching a bit, but any non randomness can introduce susceptibility.
You're absolutely correct. I made my own generator to simplify things for people who wouldn't understand TRUE randomness. Or people who wouldn't know how to even generate a string of random characters. Since it seems you do, I assume you know how to generate your own (more random/secure) pads. :)
In theory yes I know how to make them with various mechanical means. It is quite interesting reading about the history of how some pads got generated with some non-randomness (before the days of repeatable computers) that was just enough for the Brits to figure it out during WWII. I guess figuring how to sniff out some repeating pattern is the wet dream of mathematicians... there were some really smart ones.
I would think collecting something like the background radiation of the universe would be quite effective. Funny story, one of my co-workers pointed out that SETI has yet to find any evidence of alien life. Yet, if listening to the background radio waves of the universe, since they are random, would it be possible that aliens are simply communicating with perfect encryption which cannot be distinguished from pure randomness? Kinda fun to think about.
@@lrnselfreliance I am ex Sig-Int in. You hit the nail on the head in regards to background radiation as it is in fact being used or was many years ago to help generate cipher keys. As for the randomness of the generation of the pads the concern is quite small as to be of no consequence if the pads themselves haven't been compromised or used more than once.
@Dirk Anderson OTP's are the most secure form of comms regardless of how they are generated as long as OPSEC is maintained. Miitary still use them as well NOC's worldwide. slow and clunky but very secure
I'm here because of the modern rogue ;D This seems like fun! How can I generate a OTP myself ? Do I just need to spit out random characters ? like ds46uygb35uyb ? So I can send WWMPC1F55D as a Cyphertext and with the ds46uygb35uyb one time pad it should be readable by you?
Great video, thanks. Anyway to generate groups of five letters only? (no numbers). I wanted to try the Ranger Wheel and one time pad that only uses letters. Thanks
Is there a version of this script that is not run from your server? I would like to run this independent of the internet on my own machine, what changes need to be made to this code? I am not a programmer, but I can work a text editor with a little direction.
I put the code on Github. github.com/lrnselfreliance/one_time_pad/blob/master/otp_server.py I'd have to make a whole video about how to use it if you don't already know Python. Basically, you just run it and browse to localhost:8080/
Lucas Dunajski the cheat sheet helps you combine your message and your OTP. Anyone who knows what a OTP is will know your character set (what letters are available on the cheat sheet). They won't know what your OTP characters are. As long as you only use your OTP message once, it's impossible to crack. Good luck!
Your OTP videos are well-done. Thanks! However, I would caution anyone against using a web page to generate pads. First, you have no idea what the quality of the random number generation is. Second, you do not know that an adversary is getting a copy of your OTP as it is generated.
SC below has a point! But can you not develop a smartphone app which allows msg traffic processing OFF LINE. Before TXing or RXing on-line. It maybe illegal to use radio to use such msg traffic. But nothing in law exists to stop smartphone circumventing such legislation.
In your program, capture random mouse moves and then you have non repeatable patterns. Then you do not need to use computer generated pseudo random numbers. Already done this and works great. :-)
John England Your mouse movement is never truly random, so it's not secure for generating a OTP. Worse yet, generating a OTP on your computer is also insecure, because a government can seize your hard drive and dig out the "deleted" file from which you printed the OTP. If you print the OTP on a laser printer, guess what gets microprinted on the paper? Identifying codes that tie the printed sheet to that unique printer. If your printer has any kind of hard drive in its guts that processes printed files, guess what a government can recover from your seized printer? You guessed it: your OTP. If you want a truly secure OTP you must use a non-computerized manual method that's truly random (say, rolling a bunch of ten-sided dice over and over), and you can't type the OTP into a seizable computer or print it on a seizable printer. Yes, the OTP is technically unbreakable if you create it correctly, but creating it correctly AND USING A METHOD THAT CAN'T BE COPIED/HACKED/DISCOVERED is a true pain in the ass. And don't get me started about secure storage and destruction of paper OTPs. Yikes.
Google chrome keeps a record of all your activity. They also cooperate with the 3 letter agencies.
The OTP cheat sheet link isn't working .
Your OTP generator isn’t working.
I introduced a close friend of mine into prepping. We’ve established communications and now im buidling on basics. Thank you for this video.
Glad I could help!
I’m surprised you didn’t introduce code wheels. They too can be used for one time pad encryption and are far less cumbersome to use. Navigating the columns and rows of a table like that just seems tedious and error prone for large plaintexts.
For any who are interested, you write the entire character set you want your crypto system to support around the perimeter of 2 discs, spacing them equally around the circumference. For each one time pad character, you rotate the inner disc so the OTP character there aligns with the “A” on the outer disc, find the plaintext character you want to encrypt on the the inner disc and write the matching character from the outer disc in your cipher text. The recipient(s) of the message then reverse this process with their copy of the OTP and code disc to decrypt.
I would be a bit concerned over how random your pads are since you used a computer to generate them using a, most likely, pseudorandom number generator. I know this is reaching a bit, but any non randomness can introduce susceptibility.
You're absolutely correct. I made my own generator to simplify things for people who wouldn't understand TRUE randomness. Or people who wouldn't know how to even generate a string of random characters. Since it seems you do, I assume you know how to generate your own (more random/secure) pads. :)
In theory yes I know how to make them with various mechanical means. It is quite interesting reading about the history of how some pads got generated with some non-randomness (before the days of repeatable computers) that was just enough for the Brits to figure it out during WWII. I guess figuring how to sniff out some repeating pattern is the wet dream of mathematicians... there were some really smart ones.
I would think collecting something like the background radiation of the universe would be quite effective. Funny story, one of my co-workers pointed out that SETI has yet to find any evidence of alien life. Yet, if listening to the background radio waves of the universe, since they are random, would it be possible that aliens are simply communicating with perfect encryption which cannot be distinguished from pure randomness? Kinda fun to think about.
@@lrnselfreliance I am ex Sig-Int in. You hit the nail on the head in regards to background radiation as it is in fact being used or was many years ago to help generate cipher keys. As for the randomness of the generation of the pads the concern is quite small as to be of no consequence if the pads themselves haven't been compromised or used more than once.
@Dirk Anderson OTP's are the most secure form of comms regardless of how they are generated as long as OPSEC is maintained. Miitary still use them as well NOC's worldwide. slow and clunky but very secure
I'm here because of the modern rogue ;D
This seems like fun!
How can I generate a OTP myself ? Do I just need to spit out random characters ? like ds46uygb35uyb ?
So I can send WWMPC1F55D as a Cyphertext and with the ds46uygb35uyb one time pad it should be readable by you?
Great video, gave me a lot to think about but the generator site is down.
Great video, thanks. Anyway to generate groups of five letters only? (no numbers). I wanted to try the Ranger Wheel and one time pad that only uses letters. Thanks
Excel VBA macro:
Randomize Timer
For x = 1 To 100 '
I gave up on prepping. Same with OTP. Not working again.
Is there a version of this script that is not run from your server? I would like to run this independent of the internet on my own machine, what changes need to be made to this code? I am not a programmer, but I can work a text editor with a little direction.
This software is open source, but it would require development skills to run.
github.com/lrnselfreliance/one_time_pad/blob/master/otp_server.py
Good information . Thanks
most interesting Roland - many many thanks!
the one-time pad web page doesn't work
Fixed
Links not working again.
Fixed
it says bad link to the PDF
+Big Fred dang. I'll check it out tomorrow. Thanks for letting me know. Try again tomorrow.
It seems to be working now.
is there software for the generator that can be stored on a local drive?
this seems like a great tool in a shtf, but in shtf I won't have an internet connection lol
+Eric F yeah, I wrote it. It's super simple. If you really want, I can make it downloadable too
Learning Self-Reliance heck ya man that would be cool
I put the code on Github. github.com/lrnselfreliance/one_time_pad/blob/master/otp_server.py
I'd have to make a whole video about how to use it if you don't already know Python. Basically, you just run it and browse to localhost:8080/
Is the OTP cheat sheet in your link randomly generated as well?
Lucas Dunajski No, it's a PDF I created
So you can't crack the OTP even if we all use the Same cheat sheet
Lucas Dunajski the cheat sheet helps you combine your message and your OTP. Anyone who knows what a OTP is will know your character set (what letters are available on the cheat sheet). They won't know what your OTP characters are. As long as you only use your OTP message once, it's impossible to crack. Good luck!
bad link on one time pad
Fixed. Sorry about that
@@lrnselfreliance Its still down. I get a "500 internal server error".
Thanks for the tool
Your OTP videos are well-done. Thanks!
However, I would caution anyone against using a web page to generate pads. First, you have no idea what the quality of the random number generation is. Second, you do not know that an adversary is getting a copy of your OTP as it is generated.
Absolutely true. I just wanted to help get people started. The code to generate it is open source. 😊
SC below has a point! But can you not develop a smartphone app which allows msg traffic processing OFF LINE. Before TXing or RXing on-line. It maybe illegal to use radio to use such msg traffic. But nothing in law exists to stop smartphone circumventing such legislation.
Awesome
In your program, capture random mouse moves and then you have non repeatable patterns. Then you do not need to use computer generated pseudo random numbers. Already done this and works great. :-)
John England Your mouse movement is never truly random, so it's not secure for generating a OTP.
Worse yet, generating a OTP on your computer is also insecure, because a government can seize your hard drive and dig out the "deleted" file from which you printed the OTP.
If you print the OTP on a laser printer, guess what gets microprinted on the paper? Identifying codes that tie the printed sheet to that unique printer.
If your printer has any kind of hard drive in its guts that processes printed files, guess what a government can recover from your seized printer? You guessed it: your OTP.
If you want a truly secure OTP you must use a non-computerized manual method that's truly random (say, rolling a bunch of ten-sided dice over and over), and you can't type the OTP into a seizable computer or print it on a seizable printer.
Yes, the OTP is technically unbreakable if you create it correctly, but creating it correctly AND USING A METHOD THAT CAN'T BE COPIED/HACKED/DISCOVERED is a true pain in the ass.
And don't get me started about secure storage and destruction of paper OTPs. Yikes.
✔