Is this simple XOR encrypted communication absolutely secure?

Filed under:
|
encryption

Say Alice have 4GB USB flash memory and Peter also have 4GB USB flash memory. They once meet and save on both of memories two files named `alice_to_peter.key` (2GB) and `peter_to_alice.key` (2GB) which is randomly generated bits. Then they never meet again and communicate electronicaly. Alice also maintains variable called `alice_pointer` and Peter maintains variable called `peter_pointer` which is both initially set to zero.

Then when Alice needs to send message to Peter they do:

``````encrypted_message_to_peter[n] = message_to_peter[n] XOR alice_to_peter.key[alice_pointer + n]
``````

Where `n` i n-th byte of message. Then `alice_pointer` is attached at begining of the encrypted message and (`alice_pointer` + encrypted message) is sent to Peter and then `alice_pointer` is incremented by length of message (and for maximum security can be used part of key erased)

Peter receives encrypted_message, reads `alice_pointer` stored at beginning of message and do this:

``````message_to_peter[n] = encrypted_message_to_peter[n] XOR alice_to_peter.key[alice_pointer + n]
``````

And for maximum security after reading of message also erases used part of key. - EDIT: In fact this step with this simple algorithm (without integrity check and authentication) decreases security, see Paulo Ebermann post below.

When Peter needs to send message to Alice they do analogical steps with `peter_to_alice.key` and with `peter_pointer`.

With this trivial schema they can send for next 50 years each day 2GB / (50 * 365) = cca 115kB of encrypted data in both directions. If they need more data to send, they simple use larger memory for keys for example with today 2TB harddiscs (1TB keys) is possible to exchange next 50years 60MB/day ! (thats practicaly lots of data for example with using compression its more than hour of high quality voice communication)

It Seems to me there is no way for attacker to read encrypted message without keys even if they have infinitely fast computer. because even with infinitely fast computer with brute force they get ever possible message that can fit to length of message, but this is astronomical amount of messages and attacker dont know which of them is actual message.

I am right? Is this communication schema really absolutely secure? And if its secure, has this communication method its own name? (I mean XOR encryption is well-known, but whats name of this concrete practical application with use large memories at both communication sides for keys? I am humbly expecting that this application has been invented someone before me :-) )

Note: If its absolutely secure then its amazing because with today low cost large memories it is practicaly much cheeper way of secure communication than expensive quantum cryptography and with equivalent security!

EDIT: I think it will be more and more practical in future with lower a lower cost of memories. It can solve secure communication forever. Today you have no certainty if someone succesfuly atack to existing ciphers one year later and make its often expensive implementations unsecure. In many cases before comunication exist step where communicating sides meets personaly, thats time to generate large keys. I think its perfect for military communication for example for communication with submarines which can have installed harddrive with large keys and military central can have harddrive for each submarine they have. It can be also practical in everyday life for example for control your bank account because when you create your account you meet with bank etc.

• Java Inter Process communication and Inter Thread communication ?

as seen on Stack Overflow - Search for 'Stack Overflow'
Hi, First , what is the difference between Thread and a Process in Java context? and How Inter Process communication and Inter Thread communication is acheived in Java? Please point me real time examples. Thx >>> More

• Communication software wanted: email, sms, IM, phone calls [closed]

as seen on Super User - Search for 'Super User'
I am searching for a software solution that integrates / unifies my communication. I use email, instant messaging, SMS and phone. I would like to get all emails, SMS, instant messaging dialogs and meta-data about phone calls into one application. Important is that I can access all past communication… >>> More

• Siebel 8.1.1 for Communication

as seen on Oracle Blogs - Search for 'Oracle Blogs'
The latest release of Siebel CRM 8.1.1 includes many new features and enhancements for the Communications industry. In this webcast, you’ll hear from Brenda Harris, Principal Product Strategy Manager for Communications here at Oracle. She’ll explain how Siebel Communications 8.1.1 will help your communications… >>> More

• Looking for a communication framework for delphi

as seen on Stack Overflow - Search for 'Stack Overflow'
I am looking for a communication framework for delphi, we know there are so many communication frameworks for other languages , wcf, ecf and so forth, but i have nerver found the one for delphi till now , anybody who knows about it can give me an ider? There are some requirements i need ,as follows: Building… >>> More

• That Escalated Quickly

as seen on Geeks with Blogs - Search for 'Geeks with Blogs'
Originally posted on: http://geekswithblogs.net/GruffCode/archive/2014/05/17/that-escalated-quickly.aspxI have been working remotely out of my home for over 4 years now. All of my coworkers during that time have also worked remotely. Lots of folks have written about the challenges inherent in facilitating… >>> More

• SQL SERVER – History of SQL Server Database Encryption

as seen on SQL Authority - Search for 'SQL Authority'
I recently met Michael Coles and Rodeney Landrum the author of one of the kind book Expert SQL Server 2008 Encryption at SQLPASS in Seattle. During the conversation we ended up how Microsoft is evolving encryption technology. The same discussion lead to talking about history of encryption tools in… >>> More

• Encryption is hard: AES encryption to Hex

as seen on Stack Overflow - Search for 'Stack Overflow'
So, I've got an app at work that encrypts a string using ColdFusion. ColdFusion's bulit-in encryption helpers make it pretty simple: encrypt('string_to_encrypt','key','AES','HEX') What I'm trying to do is use Ruby to create the same encrypted string as this ColdFusion script is creating. Unfortunately… >>> More

• Confused about encryption with public and private keys (which to use for encryption)

as seen on Stack Overflow - Search for 'Stack Overflow'
I am making a licensing system when clients ask my server for a license and I send them a license if they are permitted to have one. On my current system I encrypt the license using a single private key and have the public key embedded into the client application that they use to decrypt the license… >>> More

• Encryption Product Keys : Public and Private key encryption

as seen on Stack Overflow - Search for 'Stack Overflow'
I need to generate and validate product keys and have been thinking about using a public/private key system. I generate our product keys based on a client name (which could be a variable length string) a 6 digit serial number. It would be good if the product key would be of a manageable length… >>> More

• Software tools to automatically decrypt a file, whose encryption algorithm (and/or encryption keys)

as seen on Stack Overflow - Search for 'Stack Overflow'
I have an idea for encryption that I could program fairly easily to encrypt some local text file. Given that my approach is novel, and does not use any of the industry standard encryption techniques, would I be able to test the strength of my encryption using 'cracker' apps or suchlike? Or do all… >>> More