ottools
2022-07-15 12:40 UTC
Metadata
| Description: | Tools for encrypting files with one-time pads. |
| Latest Version: | 2013.3 |
| Source Code: | src/ |
| Architecture: |
|
| Provides: |
|
| Replaces: |
|
| Conflicts: |
|
| Arch Repositories: |
|
| AUR Page: | ottools |
| Arch Forum Thread: | 158827 |
| Tags: |
About
This package provides tools for encrypting files with one-time pads. It includes the following:
- otsplit
- A file splitter and joiner that uses one-time pads or random data to encrypt and decrypt files. See the help message below for details.
- otextract
- A utility for extracting an arbitrary contiguous chunk from a file with the option to excise that chunk after successful extraction. This is intended for the managment of one-time pads. In effect, it lets you “tear out pages” from a “pad”, where a page is a chunk and a pad is a file of random data. See the help message below for details.
Caveats
One-time pads provide perfect encryption if used correctly. In the case of otsplit, security depends on the quality of the random source and its continued unattainability to attackers.
By default otsplit uses /dev/urandom as a
random data source. It is up to you to decide if this provides
sufficient entropy for your intended application. The input source can
be changed with the -r option otherwise.
Users who wish to use /dev/random may be interested in
the haveged.1
Encrypted files retain the same byte-length as the plaintext input file. In some cases this may allow attackers to infer information about the file. The following may alleviate this risk:
- Pad the file with data to increase its length before encryption.
- Add the file to an archive with other files before encryption.
- Encrypt the file with another encryption scheme before encryption.
- Break the file into chunks (e.g. with
lxsplit) before or after encryption and intersperse the sent chunks with dummy chunks.
Obviously complicated schemes will require previous understanding with the recipient, but it should be easy to do that in person and write custom utility scripts to automate the process later.
DISCLAIMER
This software is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
If you require reliable cryptography, check the source code yourself to ensure that it satisfies your requirements. I will not be held responsible for any use of this software, successful or otherwise.2
otsplit Help Message
$ otsplit -h
ABOUT
otsplit - split and join files via cryptologically secure one-time pads
There are two splitting modes: random and pre-existing pad.
The random mode uses a random input source to generate (n-1) of the given n
output files. The final output file is computed from the bitwise compliment of
the other generated files. Taken together, the (n-1) generated files may be
considered as a one-time-pad for the encrypted data, although the distinction
of which file is the encrypted data is trivial.
The pre-existing pad mode uses an existing file to encrypt the data. This mode
will only generate one output file, which is the file encrypted with the pad
data.
There is only one joining mode. Randomly split files may be recovered by
passing all of them in any order. A file encrypted with a pre-existing pad may
be recovered by passing it first followed by the one-time-pad that was used to
create it. The order is important if the one-time-pad is not the exact same
byte length as the encrypted file.
USAGE
otsplit [options] <filepath> [<filepath>...]
-h : display this message and exit
-j : join mode
-o <offset> : offset of random input or pad when splitting
offset of last file or pad when joining
-p <filepath> : use existing one-time pad
-r <filepath> : input device for random data (default: /dev/urandom)
-s : split mode (default)
"-" may be passed as a special filepath argument. When splitting it will
redirect output to STDOUT. When joining it will read input from STDIN.
Offsets and lengths may include a prefix (k,M,G,T,P,E,Z,Y) and may be
followed by "B" or "iB". If followed by "B" the prefix is interpretted
as an SI prefix (e.g. "1kB" = 1000 bytes), otherwise it is interpretted as
a binary prefix (e.g. "1k" = "1kiB" = 1024 bytes).
EXAMPLES
otsplit -s foo.a foo.b foo.c foo.d < bar
otsplit -j foo.a foo.b foo.c foo.d > bar.copy
otsplit -s -r /dev/random foo.a foo.b < bar
otsplit -j foo.a foo.b > bar.copy
otsplit -s -p pad foo < bar
otsplit -j -p pad foo > bar.copy
otsplit -s -p pad foo < bar
otsplit -j foo pad > bar.copy
otsplit -s -o 15678 -p pad foo < bar
otsplit -j -o 15678 -p pad foo > bar.copy
DISCLAIMER
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
If you require reliable cryptography, check the source code yourself to
ensure that it satisfies your requirements.
AUTHOR
Xyne, 2013otextract Help Message
$ otextract -h
NAME
otextract - extract and save chunks from a file
USAGE
otextract [options] <source path> <extract path>
OPTIONS
-s : start
-e : end
-l : length
-r <filepath> : use length of given reference file
-x : remove extracted chunk from source file
At least 1 and no more than 2 of -s, -e and -l must be set.
-r is considered the same as -l in this context.
Negative values are allowed and indicate offsets from the end of the file.
If only the length is given then it is interpretted as a length from the
of the file if positive or a length from the end of the file if negative.
-x will remove the extracted chunk from the source file and shift the
contents at the end to fill in the excised chunk. This is intended for
managing one-time pads.
Offsets and lengths may include a prefix (k,M,G,T,P,E,Z,Y) and may be
followed by "B" or "iB". If followed by "B" the prefix is interpretted
as an SI prefix (e.g. "1kB" = 1000 bytes), otherwise it is interpretted as
a binary prefix (e.g. "1k" = "1kiB" = 1024 bytes).
EXAMPLES
Extract a chunk from a one-time pad named "pad" to a file named "page"
and use it to encrypt a file named "foo" with otsplit. The extracted page
is removed from the pad.
otextract name -xr foo pad page
otsplit -s -p page foo.encrypted < foo
If the pad has been shared with someone securely (e.g. transferred in
person) then the encrypted file can be sent to that person for decryption via
an insecure channel. As long as the pad is never comprimised, the data should
be safe. (Note however that the filesize will be visible and may be used to
inferred the contents of the file. In this is a risk then the file size
be modified to disguise it, e.g. by padding it with zeros, compressing it, or
breaking it into chunks and sent with dummy chunks.)
To decrypt the file on the other end, extract a page of the same size used to
encrypt the data and then decrypt it with otsplit.
otextract name -xr foo.encrypted pad page
otsplit -j -p page foo.encrypted > foo
Both pads are now in the same state and can be used for further encryption.
Extra caution may be taken with the pad by omitting the -x option to first
extract a page without removing it from the pad. The command can then be
rerun with -x after confirmation of successful decryption.
DISCLAIMER
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
If you require reliable cryptography, check the source code yourself to
ensure that it satisfies your requirements.
AUTHOR
Xyne, 2013CHANGELOG
2013-02-28
- renamed package to “ottools”
- added
otextractutility - improved parsing of user-specified lengths and offsets (e.g. “5MB”)
- Contact
- echo xyne.archlinux.org | sed 's/\./@/'
- Validation
- XHTML 1.0 Strict CSS level 3 Atom 1.0