Infinite One-Time Pad, is this product BS?
in [Cryptography]
|
Prev: Certificates
Next: Q: Kerchhoffs' principle
From: Ohm on 3 Jan 2010 20:25 I was searching for real One Time Pad encryption software and I came across this product called Infinite One-Time Pad (IO-TP). I have been reading their FAQ and it sounds like a load of BS, but I wanted a confirmation from someone who understands how this stuff works. I will post some of their FAQ here so there is no need to visit their website. ------------------------ Infinite One-Time Pad (IO-TP) http://www.hiddentools.com/io-tp/ Infinite One-Time Pad (IO-TP) is super secure text encryption and decryption software. It implements the concept of the true One-Time Pad to produce a ciphertext that is unbreakable. This software solves the problem of key distribution and random key generation. Instead of using a perfect random key, the key material is obtained from any file of your choice. An image file of size 300 KB (jpg) for example is more than enough for most messages. Infinite One-Time Pad uses series of different irreversible algorithms to transform the extracted key. The calculations cannot be reversed and the transformed key has high unpredictability similar to a perfect random key. The transformation depends on the secret code and the password used. Infinite number of keys can be generated from a single key file by using different passwords. This is why it is called Infinite One-Time Pad. It has the strength of the True One-Time Pad and yet, easier to use and implement. FAQ Main Features: Unbreakable Encryption - Text encrypted with Infinite One Time Pad is invulnerable to cryptanalytic attacks. Built-in Authentication System - You have the option to include origin data such as IP Address, Document Hash Code, Encryption Date, and more. The selected data will be encrypted automatically together with the text and will be used to verify the authenticity of the ciphertext. Hexadecimal and Base64 Encoding - The cipher text format can be either hexadecimal or base64. These formats are printable and can be delivered via e-mail. There are 5 protections available. Those in red font are under your control. Compression - The plain text is compressed in memory to eliminate regularities. This eliminates patterns in the frequency of the occurrence of a specific character in the text. Secret Key File - You can use any file as a source of key material. The software extracts the non-redundant characters and applies irreversible algorithms to produce a unique key with high entropy that is equal in length with the compressed text. Secret Code - You can create a new secret code so that the software will use this value every time you encrypt a text. The secret code is used to transform the input text and the key. Every single character of the secret code is used in the transformation. The number of transformations is equal to the length of the secret code. Key Modification - You can insert words or characters to the key for additional protection. Password - The password transforms the input text and the key. Every single character of the password is used in the transformation. The number of transformations is equal to the length of the password. FAQ 2 Perfect randomness is often viewed as a stringent requirement to attain perfect secrecy. This is true in the case of One-Time Pad. To attain Shannon Security, a key should be perfectly unpredictable random data. Perfect randomness is applicable to the True One-Time Pad simply because the key is directly applied with the plain text hence it is vulnerable to cryptanalytic attacks. If the key material is not truly random, the ciphertext could leak information and the message could be deduced eventually. Perfect randomness cannot be attained using Pseudo Random Generators (PRNG's) or any algorithms. The output could appear random but the security only lies with the seed of the PRNG which could be subjected to exhaustive attacks. If a secret algorithm is used on software, a clever hacker could possibly analyze and derive the algorithm. Secure encryption software therefore must not rely on the secrecy of the methods or algorithms used. Absolute randomness is not the only key to perfect secrecy. Belief to the contrary is a delusion. Infinite One-Time Pad implements the use of any file as a source of key material. To generate a key with unpredictable data from a key file, the algorithm must be irreversible. Cryptanalysts must not be able to determine the original key even if both the algorithm and the transformed key are known. If this is met, even a simple text file could be used as a source of secure key material. Infinite One-Time Pad works on both the key and the plain text to produce a ciphertext that cannot be analyzed. The plain text is compressed and transformed. The key is also transformed using series of different irreversible algorithms. The compression information is already lost and cannot be recovered from the ciphertext. The attacker must provide the exact key or else it will fail to decompress. It is impossible for an attacker to reconstruct the exact key by any means. Ciphertext generated using Infinite One-Time Pad does not leak information hence; perfect randomness is not a stringent requirement. The key transformed using the irreversible algorithms has high unpredictability. Moreover, if password protection is used, the ciphertext cannot be broken by brute force. If the password is wrong, it will fail to decompress even if the key is correct. (Further information at http://www.hiddentools.com/io-tp/)
From: unruh on 3 Jan 2010 20:51 On 2010-01-04, Ohm <Ohm(a)no.no> wrote: > > I was searching for real One Time Pad encryption software and I came > across this product called Infinite One-Time Pad (IO-TP). > > I have been reading their FAQ and it sounds like a load of BS, but > I wanted a confirmation from someone who understands how this stuff > works. > > I will post some of their FAQ here so there is no need to visit > their website. > > > ------------------------ > Infinite One-Time Pad (IO-TP) > http://www.hiddentools.com/io-tp/ > > > Infinite One-Time Pad (IO-TP) is super secure text encryption and > decryption software. It implements the concept of the true One-Time Pad to > produce a ciphertext that is unbreakable. This software solves the problem > of key distribution and random key generation. > > Instead of using a perfect random key, the key material is obtained from > any file of your choice. An image file of size 300 KB (jpg) for example is > more than enough for most messages. Infinite One-Time Pad uses series of > different irreversible algorithms to transform the extracted key. The > calculations cannot be reversed and the transformed key has high > unpredictability similar to a perfect random key. The transformation > depends on the secret code and the password used. Infinite number of keys > can be generated from a single key file by using different passwords. This > is why it is called Infinite One-Time Pad. It has the strength of the True > One-Time Pad and yet, easier to use and implement. As soon as they say they are not using a perfect random key, it is not a one time pad. a) They have to make sure that both sides have "the file of your choice" and the key. the secret code is NOT secret. Anyone worth his salt as an adversary will discover what that secret code is. The fact that the transformation (hash?) cannot be reveresed is irrelevant. If we map all bytes down to the single byte 0, that transformation cannot be reveresed, but it is sure not a very secure transofmation. It does NOT have the strength of a one time pad. > > FAQ > > Main Features: > > Unbreakable Encryption - Text encrypted with Infinite One Time Pad is > invulnerable to cryptanalytic attacks. False. > > Built-in Authentication System - You have the option to include origin > data such as IP Address, Document Hash Code, Encryption Date, and more. > The selected data will be encrypted automatically together with the text > and will be used to verify the authenticity of the ciphertext. How will that authenticate it? I as your adversary can include the same infomations in files I send you, pretending to be you. > > Hexadecimal and Base64 Encoding - The cipher text format can be either > hexadecimal or base64. These formats are printable and can be delivered > via e-mail. > > There are 5 protections available. Those in red font are under your > control. > > Compression - The plain text is compressed in memory to eliminate > regularities. This eliminates patterns in the frequency of the occurrence > of a specific character in the text. So what? This is of no help if you have a decent encryption program. > > Secret Key File - You can use any file as a source of key material. The > software extracts the non-redundant characters and applies irreversible > algorithms to produce a unique key with high entropy that is equal in > length with the compressed text. And how does the person you communicate with get that "secret key file"? > > Secret Code - You can create a new secret code so that the software will > use this value every time you encrypt a text. The secret code is used to > transform the input text and the key. Every single character of the secret > code is used in the transformation. The number of transformations is equal > to the length of the secret code. ???? > > Key Modification - You can insert words or characters to the key for > additional protection. This helps how? > > Password - The password transforms the input text and the key. Every > single character of the password is used in the transformation. The number > of transformations is equal to the length of the password. > > FAQ 2 > > Perfect randomness is often viewed as a stringent requirement to attain > perfect secrecy. This is true in the case of One-Time Pad. > > To attain Shannon Security, a key should be perfectly unpredictable random > data. Perfect randomness is applicable to the True One-Time Pad simply > because the key is directly applied with the plain text hence it is > vulnerable to cryptanalytic attacks. If the key material is not truly > random, the ciphertext could leak information and the message could be > deduced eventually. > > Perfect randomness cannot be attained using Pseudo Random Generators > (PRNG's) or any algorithms. The output could appear random but the > security only lies with the seed of the PRNG which could be subjected to > exhaustive attacks. If a secret algorithm is used on software, a clever > hacker could possibly analyze and derive the algorithm. Secure encryption > software therefore must not rely on the secrecy of the methods or > algorithms used. > > Absolute randomness is not the only key to perfect secrecy. Belief to the > contrary is a delusion. The write of this is deluded. > > Infinite One-Time Pad implements the use of any file as a source of key > material. To generate a key with unpredictable data from a key file, the > algorithm must be irreversible. Cryptanalysts must not be able to > determine the original key even if both the algorithm and the transformed > key are known. If this is met, even a simple text file could be used as a > source of secure key material. ??? The algorithm must be irreversible why? And irreversibility does nothing magic. > > Infinite One-Time Pad works on both the key and the plain text to produce > a ciphertext that cannot be analyzed. The plain text is compressed and Anything can be analyzed. > transformed. The key is also transformed using series of different > irreversible algorithms. The compression information is already lost and > cannot be recovered from the ciphertext. Then how does the recipient recover the message, since all the information is lost? > > The attacker must provide the exact key or else it will fail to > decompress. It is impossible for an attacker to reconstruct the exact key > by any means. Ciphertext generated using Infinite One-Time Pad does not Just try them all. One of them will work. > leak information hence; perfect randomness is not a stringent requirement. > The key transformed using the irreversible algorithms has high > unpredictability. Moreover, if password protection is used, the ciphertext > cannot be broken by brute force. If the password is wrong, it will fail to > decompress even if the key is correct. > > (Further information at http://www.hiddentools.com/io-tp/) Yes, it is nonesense. That does not mean that it is not a good encryption algorithm. There is no information here to be able to say if it is any good. However, the obvious either ignorance or deception of the writers make one doubt strongly that it is any good.
From: rossum on 4 Jan 2010 10:44 On Mon, 04 Jan 2010 02:25:13 +0100, Ohm <Ohm(a)no.no> wrote: > >I was searching for real One Time Pad encryption software and I came >across this product called Infinite One-Time Pad (IO-TP). By definition a One Time Pad must be infinite so the fact that they feel it neccessary to state it is probably not a good sign. > >I have been reading their FAQ and it sounds like a load of BS, but >I wanted a confirmation from someone who understands how this stuff >works. > >I will post some of their FAQ here so there is no need to visit >their website. > > >------------------------ >Infinite One-Time Pad (IO-TP) >http://www.hiddentools.com/io-tp/ > > >Infinite One-Time Pad (IO-TP) is super secure text encryption and >decryption software. It implements the concept of the true One-Time Pad to >produce a ciphertext that is unbreakable. This software solves the problem >of key distribution and random key generation. > >Instead of using a perfect random key, the key material is obtained from >any file of your choice. Ding! If it is not a "perfect random key" then it is not a One Time Pad. The OTP *requires* a 'perfect random key'. >Infinite number of keys can be generated from a single key file by using >different passwords. Bullshit. That requires an infinite length password and an infinite length hash. 2^128 != oo More snake oil. This is not a One Time Pad, so to that extent it is snake oil. It may or may not be a secure cypher, but I would not be inclined to risk using it without a lot of further study. Safer to use one of the more established cyphers. The idea of using existing files as a key is not new, and can be used to make a secure cypher, see Maurer: ftp://ftp.inf.ethz.ch/pub/crypto/publications/Maurer92b.pdf rossum
From: Richard Outerbridge on 4 Jan 2010 11:23 In article <5b24k5970vopcd86071vb2vga461qeahso(a)4ax.com>, rossum <rossum48(a)coldmail.com> wrote: > On Mon, 04 Jan 2010 02:25:13 +0100, Ohm <Ohm(a)no.no> wrote: > This is not a One Time Pad, so to that extent it is snake oil. It may > or may not be a secure cypher, but I would not be inclined to risk > using it without a lot of further study. Safer to use one of the more > established cyphers. What if one were to take Marsglia's recent Super_KISS generator? The internal states seem to me to be: superKISS32 internal state Q[] 41265 * 32 = 1320480 carry 1 * 32 = 32 xcng 1 * 32 = 32 xs 1 * 32 = 32 indx 1 * 15.33 = 15 More-or-less ~1320591 bits superKISS64 internal state Q[] 20632 * 64 = 1320448 carry 1 * 64 = 64 xcng 1 * 64 = 64 xs 1 * 64 = 64 indx 1 * 14.33 = 14 More-or-less ~1320654 bits Now, obviously, 1320000 bits is nowhere close to infinity, but it's easily conveyed, transported and pre-established. If SuperKISS is all Marsaglia claims it to be, why couldn't it form the basis of a practical, unbreakable, one-time-pad system? The usual caveats apply. outer -- "Sim, Sim, Salabim!"
From: rossum on 4 Jan 2010 12:49
On Mon, 04 Jan 2010 11:23:32 -0500, Richard Outerbridge <outer(a)interlog.com> wrote: >Now, obviously, 1320000 bits is nowhere close to infinity, >but it's easily conveyed, transported and pre-established. > >If SuperKISS is all Marsaglia claims it to be, why couldn't >it form the basis of a practical, unbreakable, one-time-pad >system? It could possibly be the basis of a perfectly good practical stream cypher. It could never be a One Time Pad. If there is no TRNG involved then there is no OTP either. KISS may well be a very good PRNG but it is not a TRNG. rossum |