One-time pad OTP Crypto System [160510]
A logical sequel to RNG-5 hardware random number generator- one-time pad crypto system, very secure, virtually unbreakable peer-to-peer communication!
This is part two in a series about secure communication:
1. Random Number Generator [150116]
2. One-time pad OTP Crypto System [160510] (this article)
3. Tamper-evident paper-mail box for secure distribution of one-time pads
After creating a good random numbers sequence from RNG-5 generator (see Part 1), you can use it as OTP key for peer-to-peer communication. Offline mode - encrypt the message with this device, store it to SD card and send it later. Online mode - OTP encrypted chat-teletype. A small and cheap 7-inch mini-laptop is used as a terminal emulator that communicates with the device thru ATmega328 UART port. The MCU processes de/encryption with OTP key stored on the SD card. Messages are de/modulated with a simple FSK modem, at cca 1000 bps, to be conveyed by ANY device with MIC-in and EAR-out port with a bandwidth of cca. 4000 Hz.
So, the hardware needed for highly secure communication is: 1.) this simple OTP crypto device built around ATmega328, 2.) RNG-5 random number generator, 3.) a cheap 7-inch mini laptop (50-70 EUR), used as a dumb terminal and for management of OTP keyfiles, 4.) a GSM cellphone, a WiFi smartphone with Viber or Skype, a portable VHF/UHF transceiver, anything with half-duplex or even simplex 4kHz audio channel.
There are many overhyped "cryptophones" and crypto software programs available today. The problem is that you can't trust them. Trojanized versions of good programs like PGP (with weakened encryption) and software keyloggers for all kinds of operating systems (that simply leak your plaintext to some IP address) are a common thing. By the year 2020, every computer connected to the internet will have to be considered as compromised. Systems are becomming more and more complex and consequently less and less secure.
This device does all highly critical work inside one Atmega328 MCU with cca 20 kB of firmware. It's written in C, cca. 16 kB of it is FAT32 library, open-source. This is all you need to analyze to confirm its security. It is very difficult to attack. Remove WiFi module from 7-inch laptop, never connect it to the internet again, use it only for this system, and you will have one TRULY SECURE CRYPTO system!
Offline mode is completed and tested. Unencrypted (plaintext) online mode has been tested with ATmega8 thru Skype audio channel and it worked. These two modes need to be integrated to one complete ATmega328 system.
1. Random Number Generator [150116]
2. One-time pad OTP Crypto System [160510] (this article)
3. Tamper-evident paper-mail box for secure distribution of one-time pads
After creating a good random numbers sequence from RNG-5 generator (see Part 1), you can use it as OTP key for peer-to-peer communication. Offline mode - encrypt the message with this device, store it to SD card and send it later. Online mode - OTP encrypted chat-teletype. A small and cheap 7-inch mini-laptop is used as a terminal emulator that communicates with the device thru ATmega328 UART port. The MCU processes de/encryption with OTP key stored on the SD card. Messages are de/modulated with a simple FSK modem, at cca 1000 bps, to be conveyed by ANY device with MIC-in and EAR-out port with a bandwidth of cca. 4000 Hz.
So, the hardware needed for highly secure communication is: 1.) this simple OTP crypto device built around ATmega328, 2.) RNG-5 random number generator, 3.) a cheap 7-inch mini laptop (50-70 EUR), used as a dumb terminal and for management of OTP keyfiles, 4.) a GSM cellphone, a WiFi smartphone with Viber or Skype, a portable VHF/UHF transceiver, anything with half-duplex or even simplex 4kHz audio channel.
There are many overhyped "cryptophones" and crypto software programs available today. The problem is that you can't trust them. Trojanized versions of good programs like PGP (with weakened encryption) and software keyloggers for all kinds of operating systems (that simply leak your plaintext to some IP address) are a common thing. By the year 2020, every computer connected to the internet will have to be considered as compromised. Systems are becomming more and more complex and consequently less and less secure.
This device does all highly critical work inside one Atmega328 MCU with cca 20 kB of firmware. It's written in C, cca. 16 kB of it is FAT32 library, open-source. This is all you need to analyze to confirm its security. It is very difficult to attack. Remove WiFi module from 7-inch laptop, never connect it to the internet again, use it only for this system, and you will have one TRULY SECURE CRYPTO system!
Offline mode is completed and tested. Unencrypted (plaintext) online mode has been tested with ATmega8 thru Skype audio channel and it worked. These two modes need to be integrated to one complete ATmega328 system.
Mises à jour de l'auteur