FOTP(1)                          UTILITY                          FOTP(1)

NAME
     fotp -- File encryption

SYNOPSIS
     fotp [-option...] [-f pad]... file...

DESCRIPTION
     This command encrypts the contents of one or more files.  It may
     also be used to decrypt the contents of one or more previously
     encrypted files.

     If `file' is a `-', input is read from standard input.

     The encrypted output is written to standard output by default (see
     the `-o' option).

     Passwords (also called encryption keys) may be up to 32 characters
     (256 bits) long.

     Options:

     -?      Display information about this program.

     -d      Decrypt.

     -e      Encrypt (default).

     -f pad  This specifies that file `pad' is to be used as a one-time
             pad for encrypting the input.  More than one `-f' option
             may be given, in which case all of the pad files are used
             together.  This option is required; at least one pad file
             must be specified.  Note that the order of the files is
             significant.

     -F num  Cipher feedback mode `num', which is one of:

             0   ECB, Electronic CodeBook mode (no feedback).
             1   CBC, Cipher Block Chaining (default).
             2   PBC, Plaintext Block Chaining.

     -k      The password is found in the `CRYPTKEY' environment
             variable.

     -o file Output is `file'.  (By default, output is written to
             standard output.)

     -p word The password (key) is `word'.  If the password phrase
             contains spaces, it must be surrounded by quotes.

     -q      Query the user for a password from the terminal.

     -v      Verbose messages.

ALGORITHM
     The algorithm used encrypts/decrypts the input data by
     exclusive-oring bytes from the input file(s) with bytes from the
     one-time pad file(s).  If multiple pad files are specified, the
     exclusive-oring is done using bytes from all of them.

     The algorithm exhibits secure behavior due to the nature of a
     one-time pad ("OTP"), which is theoretically a secret random block
     of data that only the encrypting and decrypting users share between
     them.  This implementation uses data from one or more files as an
     OTP; the files are presumed to exist on the systems used by both
     the encrypting and decrypting users.
     The security of OTP encryption relies solely on the security of the
     OTP files.

     One of the problems with OTP encryption is the secure distribution
     of the OTP data files between users sharing encrypted information.
     Ideally, the users would share OTP files that had been randomly
     generated and transmitted to each user through secure channels.
     Or, all of the users would be using the same files on the same
     secure system.

     Since the ideal situations described above are hard to come by, a
     reasonable amount of security can still be ensured by having a
     large number of files available for use as OTP files on each
     system.  This implementation allows multiple files to be used as an
     OTP, increasing the possible number of OTPs that can be used.  The
     more files available, the more combinations are possible, and thus
     the less likely it is that someone else will determine the OTP
     used.  The security of this implementation relies on the obscurity
     of the OTP file combinations used and the sheer number of possible
     combinations.

     In addition, the use of passwords further increases the number of
     possible combinations.  A starting block offset for each OTP file
     is derived from the password, increasing the number of possible OTP
     combinations.  The order of the OTP files is significant; the
     password is used to derive a different block offset for each OTP
     file.

     The feedback modes (other than ECB) add another level of security
     to the encryption.  A given encrypted data byte relies on the
     previous bytes in the encryption stream.

     If data is meant to be encrypted for a long time, it is not
     recommended that operating system files (such as programs) be used
     as OTP files, since these kinds of files are likely to be updated
     in future software releases.

     As described above, the only truly secure OTP encryption is one
     that relies on a secure OTP file (such as one locked away in a
     vault).
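
     The multi-pad exclusive-or described above, as an added example
     that is not fotp's own code: it covers only the no-feedback case
     (`-F 0') and shows why pad order matters once each pad position
     has its own offset.  Assumptions: the offsets are passed in
     directly because the password-to-offset derivation is not given
     on this page, and refusing a pad that is too short is this
     example's choice.

```python
# Added example: multi-pad XOR as described under ALGORITHM (no feedback).
# Offsets are explicit parameters; fotp's password-to-offset derivation is
# not documented on this page, so none is assumed here.

def xor_with_pads(data, pads, offsets):
    """XOR every input byte with one byte from each pad, starting at that
    pad's offset. The same call encrypts and decrypts."""
    if not pads:
        raise ValueError("at least one pad is required")
    if len(pads) != len(offsets):
        raise ValueError("need exactly one offset per pad")
    out = bytearray(data)
    for pad, off in zip(pads, offsets):
        # Example's choice: refuse rather than wrap around, because reusing
        # pad bytes would no longer be a one-time pad.
        if off < 0 or off + len(data) > len(pad):
            raise ValueError("pad too short for this input at this offset")
        for i in range(len(data)):
            out[i] ^= pad[off + i]
    return bytes(out)

# Constructed sample data (not random, so the results are reproducible).
PAD_A = bytes((7 * i + 3) % 256 for i in range(64))
PAD_B = bytes((13 * i + 11) % 256 for i in range(64))
MESSAGE = b"meet at the usual place"

if __name__ == "__main__":
    ct = xor_with_pads(MESSAGE, [PAD_A, PAD_B], [0, 5])
    print("ciphertext:", ct.hex())
    print("same pads, same order:", xor_with_pads(ct, [PAD_A, PAD_B], [0, 5]))
    print("pads swapped:", xor_with_pads(ct, [PAD_B, PAD_A], [0, 5]))
    same = (xor_with_pads(MESSAGE, [PAD_A, PAD_B], [0, 0])
            == xor_with_pads(MESSAGE, [PAD_B, PAD_A], [0, 0]))
    print("order irrelevant when offsets are equal:", same)
```

     With equal offsets the pad order does not change the output,
     because exclusive-or is commutative; the order becomes significant
     only through the per-position offsets.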

NOTES
     Be aware when using the `-p' option on multiuser systems that other
     users can see your command line (using the ps(1) command on Unix)
     and can thus see your password.  The `-q' and `-k' options are more
     secure.

     The `-k' option is provided for compatibility with the Unix
     crypt(1) command.  Note, however, that crypt(1) can be used to both
     encrypt and decrypt with the same key, while fotp must be given a
     `-e' or `-d' option to distinguish between encryption and
     decryption (but only if more than one pad file is specified).

     When the program queries for a password, leading and trailing
     spaces are ignored.  Entering a blank password causes the prompt to
     repeat.

     No allowances are made for end-of-lines, newlines, or otherwise;
     the data is treated strictly as binary data.

CREDITS
     This program was written by David R. Tribble, Apr 1995.

     The code is copyrighted.  Unlimited use of the program for
     noncommercial use is hereby granted.

     For more information about this program, contact:

          David R. Tribble
          6004 Cave River Dr.
          Plano, TX 75093-6951
          +1 972 964-1720
          dtribble@technologist.com
          dtribble@flash.net
          http://www.flash.net/~dtribble

REFERENCES
     [1]  "Applied Cryptography", Bruce Schneier, John Wiley & Sons,
          Inc., 1994, 0-471-59756-2.  schneier@chinet.com

VERSION
     1.02, 1995-08-30.