Introduction
In this article, I'll show how to do a simple but robust encryption/decryption, with the algorithm of Gilbert Sandford, Vernam. This kind of encryption is truly unbreakable as long the key is maintained a secret.
Background
Vernam cipher is a stream cipher where the original or plain data is XORed with a random (actually pseudorandom) stream of data of the same length to generate the encrypted data. When the stream of data used as key is truly random and used only once, it is called a one-time pad. A widely used implementation of the Vernam cipher is RC4.
Advantages
The Vernam cipher with one-time pads is the only known encryption procedure where, in theory, information is secure and can't be deciphered, if the key is randomly and only once used for encryption . For decrypting, only the secret key and the encrypted data is used.
Other encryption methods (such as AES) achieve their security with the immense burden of calculating theoretically conceivable decoding, which is practically not feasible. In other words, a potential attacker lacks the necessary resources (computing capacity or time) to perform his attack successfully. The security of one-time pad, on the other hand, is based on the unique use of the key and sufficient randomness of the used key. Even with increasing computing power, it can't be broken.
Due to the fact that encryption is done by XOR, the algorithm is pretty fast. For decrypting data, the same algorithm can be used - it's symmetric.
Disadvantages
The Vernam cipher requires a key with the same length as the original data. For example, the encryption of a hard disk requires a second hard disk (with at lest the same size) to store the key.
Another disadvantage of one-time pads is that the data of the key has to be, ideally, completely randomly chosen. Most computers are not able to generate really random keys.
How the algorithm works
First, the bytes of the input file are read:
byte[] originalBytes;
using (FileStream fs = new FileStream(originalFile, FileMode.Open))
{
originalBytes = new byte[fs.Length];
fs.Read(originalBytes, 0, originalBytes.Length);
}
Then, the one-time pad - the key - is created. This is done by generating random bytes that are of the same length as the original (plain) bytes. The key bytes get written to the specified file.
byte[] keyBytes = new byte[originalBytes.Length];
Random random = new Random();
random.NextBytes(keyBytes);
using (FileStream fs = new FileStream(keyFile, FileMode.Create))
{
fs.Write(keyBytes, 0, keyBytes.Length);
}
The encryption - for decryption the same algorithm is used - is straightforward, by using XOR.
private void DoVernam(byte[] inBytes, byte[] keyBytes, ref byte[] outBytes)
{
if ((inBytes.Length != keyBytes.Length) ||
(keyBytes.Length != outBytes.Length))
throw new ArgumentException("Byte-array are not of same length");
for (int i = 0; i < inBytes.Length; i++)
outBytes[i] = (byte)(inBytes[i] ^ keyBytes[i]);
}
Using the code
To encrypt/decrypt data, the class provided is quite simple. See the example below.
using gfoidl.Security;
Vernam vernam = new Vernam();
vernam.EncryptFile("Image.gif", "Image_encrypted.gif", "Key01.dat");
vernam.DecryptFile("Image_encrypted.gif", "Key01.dat",
"Image_decrypted.gif");
vernam.EncryptFile("Text.txt", "Text_encrypted.txt", "Key02.dat");
vernam.DecryptFile("Text_encrypted.txt", "Key02.dat",
"Text_decrypted.txt");
vernam.EncryptFile("Text.pdf", "Text_encrypted.pdf", "Key03.dat");
vernam.DecryptFile("Text_encrypted.pdf", "Key03.dat",
"Text_decrypted.pdf");
The key is produced by the class and has the same length as the original data. Randomly generated bytes are used as keys.
For decryption the same key has to be used as for encrypting the file.
