ottools

2022-07-15 12:40 UTC
  • Xyne

Metadata

Description: Tools for encrypting files with one-time pads.
Latest Version: 2013.3
Source Code: src/
Architecture:
  • i686
  • x86_64
Provides:
  • otsplit
Replaces:
  • otsplit
Conflicts:
  • otsplit
Arch Repositories:
  • [xyne-i686]
  • [xyne-x86_64]
AUR Page: ottools
Arch Forum Thread: 158827
Tags:

About

This package provides tools for encrypting files with one-time pads. It includes the following:

otsplit
A file splitter and joiner that uses one-time pads or random data to encrypt and decrypt files. See the help message below for details.
otextract
A utility for extracting an arbitrary contiguous chunk from a file with the option to excise that chunk after successful extraction. This is intended for the managment of one-time pads. In effect, it lets you “tear out pages” from a “pad”, where a page is a chunk and a pad is a file of random data. See the help message below for details.

Caveats

One-time pads provide perfect encryption if used correctly. In the case of otsplit, security depends on the quality of the random source and its continued unattainability to attackers.

By default otsplit uses /dev/urandom as a random data source. It is up to you to decide if this provides sufficient entropy for your intended application. The input source can be changed with the -r option otherwise.

Users who wish to use /dev/random may be interested in the haveged.1

Encrypted files retain the same byte-length as the plaintext input file. In some cases this may allow attackers to infer information about the file. The following may alleviate this risk:

  • Pad the file with data to increase its length before encryption.
  • Add the file to an archive with other files before encryption.
  • Encrypt the file with another encryption scheme before encryption.
  • Break the file into chunks (e.g. with lxsplit) before or after encryption and intersperse the sent chunks with dummy chunks.

Obviously complicated schemes will require previous understanding with the recipient, but it should be easy to do that in person and write custom utility scripts to automate the process later.

DISCLAIMER

This software is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

If you require reliable cryptography, check the source code yourself to ensure that it satisfies your requirements. I will not be held responsible for any use of this software, successful or otherwise.2

otsplit Help Message

$ otsplit -h

ABOUT
  otsplit - split and join files via cryptologically secure one-time pads

  There are two splitting modes: random and pre-existing pad.

  The random mode uses a random input source to generate (n-1) of the given n
  output files. The final output file is computed from the bitwise compliment of
  the other generated files. Taken together, the (n-1) generated files may be
  considered as a one-time-pad for the encrypted data, although the distinction
  of which file is the encrypted data is trivial.

  The pre-existing pad mode uses an existing file to encrypt the data. This mode
  will only generate one output file, which is the file encrypted with the pad
  data.

  There is only one joining mode. Randomly split files may be recovered by
  passing all of them in any order. A file encrypted with a pre-existing pad may
  be recovered by passing it first followed by the one-time-pad that was used to
  create it. The order is important if the one-time-pad is not the exact same
  byte length as the encrypted file.

USAGE
  otsplit [options] <filepath> [<filepath>...]

  -h            : display this message and exit
  -j            : join mode
  -o <offset>   : offset of random input or pad when splitting
                  offset of last file or pad when joining
  -p <filepath> : use existing one-time pad
  -r <filepath> : input device for random data (default: /dev/urandom)
  -s            : split mode (default)

  "-" may be passed as a special filepath argument. When splitting it will
  redirect output to STDOUT. When joining it will read input from STDIN.

  Offsets and lengths may include a prefix (k,M,G,T,P,E,Z,Y) and may be
  followed by "B" or "iB". If followed by "B" the prefix is interpretted
  as an SI prefix (e.g. "1kB" = 1000 bytes), otherwise it is interpretted as
  a binary prefix (e.g. "1k" = "1kiB" = 1024 bytes).

EXAMPLES
  otsplit -s foo.a foo.b foo.c foo.d < bar
  otsplit -j foo.a foo.b foo.c foo.d > bar.copy

  otsplit -s -r /dev/random foo.a foo.b < bar
  otsplit -j foo.a foo.b > bar.copy

  otsplit -s -p pad foo < bar
  otsplit -j -p pad foo > bar.copy

  otsplit -s -p pad foo < bar
  otsplit -j foo pad > bar.copy

  otsplit -s -o 15678 -p pad foo < bar
  otsplit -j -o 15678 -p pad foo > bar.copy

DISCLAIMER
  This program is distributed in the hope that it will be useful,
  but WITHOUT ANY WARRANTY; without even the implied warranty of
  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

  If you require reliable cryptography, check the source code yourself to
  ensure that it satisfies your requirements.

AUTHOR
  Xyne, 2013

otextract Help Message

$ otextract -h

NAME
  otextract - extract and save chunks from a file

USAGE
  otextract [options] <source path> <extract path>

OPTIONS
  -s            : start
  -e            : end
  -l            : length
  -r <filepath> : use length of given reference file
  -x            : remove extracted chunk from source file

  At least 1 and no more than 2 of -s, -e and -l must be set.
  -r is considered the same as -l in this context.
  Negative values are allowed and indicate offsets from the end of the file.
  If only the length is given then it is interpretted as a length from the
  of the file if positive or a length from the end of the file if negative.

  -x will remove the extracted chunk from the source file and shift the
  contents at the end to fill in the excised chunk. This is intended for
  managing one-time pads.

  Offsets and lengths may include a prefix (k,M,G,T,P,E,Z,Y) and may be
  followed by "B" or "iB". If followed by "B" the prefix is interpretted
  as an SI prefix (e.g. "1kB" = 1000 bytes), otherwise it is interpretted as
  a binary prefix (e.g. "1k" = "1kiB" = 1024 bytes).

EXAMPLES
  Extract a chunk from a one-time pad named "pad" to a file named "page"
  and use it to encrypt a file named "foo" with otsplit. The extracted page
  is removed from the pad.

    otextract name -xr foo pad page
    otsplit -s -p page foo.encrypted < foo

  If the pad has been shared with someone securely (e.g. transferred in
  person) then the encrypted file can be sent to that person for decryption via
  an insecure channel. As long as the pad is never comprimised, the data should
  be safe. (Note however that the filesize will be visible and may be used to
  inferred the contents of the file. In this is a risk then the file size
  be modified to disguise it, e.g. by padding it with zeros, compressing it, or
  breaking it into chunks and sent with dummy chunks.)

  To decrypt the file on the other end, extract a page of the same size used to
  encrypt the data and then decrypt it with otsplit.

    otextract name -xr foo.encrypted pad page
    otsplit -j -p page foo.encrypted > foo

  Both pads are now in the same state and can be used for further encryption.
  Extra caution may be taken with the pad by omitting the -x option to first
  extract a page without removing it from the pad. The command can then be
  rerun with -x after confirmation of successful decryption.

DISCLAIMER
  This program is distributed in the hope that it will be useful,
  but WITHOUT ANY WARRANTY; without even the implied warranty of
  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

  If you require reliable cryptography, check the source code yourself to
  ensure that it satisfies your requirements.

AUTHOR
  Xyne, 2013

CHANGELOG

2013-02-28

  • renamed package to “ottools”
  • added otextract utility
  • improved parsing of user-specified lengths and offsets (e.g. “5MB”)

  1. The package is available in [extra] at the time of writing. The package page can be found here.↩︎

  2. If you find a way to improve the software, let me know how.↩︎

Contact
echo xyne.archlinux.org | sed 's/\./@/'
Validation
XHTML 1.0 Strict CSS level 3 Atom 1.0