Hey, I got some questions about encrypting.


I wan't to know if the method I will explain is still secure.

Let's say I wrote a program and I encrypted the whole program using the one-time-pad, with a key that only I know.
Now I have another little program that asks for the encryption password, and decrypt the program based on the password. So only if the password is right the program will be decrypted the right way.

- Now here is my first problem. I will need a very long key to have the key to be same size as the program.
Is there a way to change this. Let's say that i need to enter the password ( 5 characters ) and that the program calculates the rest of the password based on the password i entered.
^ Is this still Secure?

Now let's say I extend the program a little and the program is bigger in file size.
- Do i need to use a new key to decrypt the whole program? Or can I use the same key and let the other program calculate the rest of the key?


- So my question is: Can I use the same key to encrypt/decrypt different files?
Notice: The key is only in my head, it's not stored into the program.



If I am not clear just say it and I'll try to give a better explanation.

-- thanks for the help --

The best source would be www.openssl.org

Well, if I'm reading you right, there are a couple of problem with what you're talking about.

(1) One-time pads do not have "keys". The pad, a long series of (nearly) random characters, is the key. Therefore, you wouldn't be able to store it in your head.

You could, though, store it on some external medium - like a cd or tape drive.

(2) While having the program calulate the rest of the key based on your password would work, it would not be cryptographically secure. This is because you would (a) have to have part of the equation that computes the key inside the program. And that could be compromised. ( You would eventually get repeating characters, making the key far less secure than a one-time pad.

(3) Enciphering a program? Like and .exe file? In that case you'll need another program - to do the enciphering. Cause once the program is enciphered it will just be meaningless bits to the computer.

(4) If you change what your need enciphered, you should change the key or pad.

While I'm not sure what your doing, I suggest you start small. If you encipher something important without fully undstanding how to decipher it you could end up losing the data.

Good luck!

This post has been edited by MajorWalrus: 3 Aug, 2009 - 01:46 PM

A one time pad is by definition the same length as the encrypted material.. it is a threoretical encryption method that has no real practical use.

No, you can not shorten the key of the one time pad, and have it still be secure, because if there is a method for you to generate the key from a short version of it.. then Alice Bob And Charlie can also generate it from the given short version, the short version can be cracked just like any other key. Besides the basis for a one time pad is that the key does not repeat.. that factor makes it harder to resolve what the key is.

One of the benefits of a one time pad is that each cipher block uses a unique portion of the key. Someone is just as likely to guess the entire contents of the message as they are guessing the key to the message. It can still be done .. but as always, the definition of security is have you made it so that it costs more resources to get to the message than the message information is actually worth.

If the data is not National Security type stuff.. odds are you dont need a one time pad.

encryption of ANY file can be accomplished with several off the shelf products that are secure enough for every day use.. Pretty Good Privacy is an example.

Thanks for the answers.
I found a other way to encrypt something, but thanks for help anyway