One time XOR pad with /dev/urandom

anomit | June 27, 2008

I made one :) I think doing a md5 hash of the resulting ciphertext would add an extra layer of security. What do the others think of this idea? Of course, the safe storage and transmission of the XOR key becomes an issue. Check the code and see if you could come up with suggestions to optimize it. I particularly don’t like the exponential order for loop at the very end. The XOR key is stored in the xor-key file in the same directory where the code is run.

import sys

if len(sys.argv)<=1:
	print 'Usage: python basicsalt.py <input file>'
	sys.exit(1)

frandom=open('/dev/urandom','r')  #open the random device
fpickle=open(sys.argv[1],'r')	#open the input file in read-only mode
bytes=1024

key=open('xor-key','w')	#open/create the xor-key file

picklebuf=fpickle.read() #read the input file
fpickle.close()

fpickle=open(sys.argv[1],'w')	#open the input file in write mode
				#the ciphertext is stored in the same file
tempicklebuf=''			#temporary buffer for storing the ciphertext

fileLen=len(picklebuf)
print fileLen

#a function that doesn't exactly 'add' the salt in the classical sense of the term
def addsalt(pb,sb,fileLen):
	global tempicklebuf
	for i in range(fileLen):
		tempicklebuf+=chr(ord(pb[i]) ^ ord(sb[i]))	#just plain XOR

bufsalt=frandom.read(fileLen)
addsalt(picklebuf,bufsalt,fileLen)
key.write(bufsalt)

fpickle.write(tempicklebuf)
frandom.close()
key.close()
Categories
Coding, GNU/Linux, Security
Tags
,
Comments rss
Comments rss
Trackback
Trackback

« »

2 responses

[python] def main(argv): pass def sweeten(filename,keyfile): input = open(filename).read()

Anirudh | June 28, 2008 
def main(argv):
  pass

def sweeten(filename,keyfile):
  input = open(filename).read()
  key = open(keyfile).read()
  ASSERT_EQ(len(input),len(key))
  output=""
  for i in range(len(input)):
    output+=chr(ord(input[i])^ord(key[i]))
  filename+='_out'
  open(filename,'w').write(output)

if __name__ == '__main__':
  app.run()

Wow. Elegant and nice. Sorry for the comment moderation thing.

anomit | June 28, 2008

Wow. Elegant and nice. Sorry for the comment moderation thing. My captcha plugin started having some problems, so had to re enable the manual moderation. You can use the [ python ] and [ / python ] tags here to paste some code and also get proper highlighting. Also works for c/c++, php, ruby, java etc etc

Leave a comment

You can use these tags : <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>