This is the comprehensive user documentation for the One-Time Pad encipherment/decipherment software that's been placed in the public domain by Ron Wiesen.  The software is available at the Club 100 website, within the "Personal Libraries" section, under the "Ron Wiesen" member directory, in the "One-Time Pad encipherment~decipherment" subdirectory.

Background

The encryption method with the highest security strength is the famous "One-Time Pad" (OTP), also known as the Vernam cipher.  Where properly used, the OTP is a provably unbreakable cryptosystem.  Described herein is a One-Time Pad encipherment/decipherment BASIC program that is useful to owners of Model T laptop models: M100, M102, M200, KC85, and M10.  Given ordinary textual material, called "cleartext", OTP encipherment produces a corresponding "ciphertext" under an elected "key" or under an elected series of multiple "keys".  Given knowledge of the "key" or series of multiple "keys" that produced a "ciphertext", OTP decipherment reproduces the corresponding "cleartext" textual material.

You can use the OTP BASIC program and elect a key, or series of multiple keys, to encipher your confidential "cleartext" information and thereby obtain its equivalent in "ciphertext".  You then may pass the "ciphertext" through any non-secure channel, such as an Internet email service, or the postal service.  After delivery of the "ciphertext", your intended recipient(s) subsequently can use another Model T laptop and the same OTP BASIC program, plus knowledge of the "key" or series of multiple "keys" that you elected, in order to reproduce the confidential "cleartext".  As long as the "key" or series of multiple "keys" that you elected is not known by any third-party who might intercept the "ciphertext" as it passes through the non-secure channel, you and your intended recipient(s) can rest assured that the high security strength of the OTP safeguards the confidentiality of your communication.

Textual Source Files and BASIC Program Files

The One-Time Pad encipherment/decipherment software is provided by each of two textual source files: OTPIC.DO and OTPWC.DO.  OTPIC stands for "One-Time Pad Including Commentary"; OTPWC stands for "One-Time Pad Without Commentary".  Use source file OTPIC.DO to spawn BASIC program file OTPIC.BA or use source file OTPWC.DO to spawn BASIC program file OTPWC.BA.  The two are operationally identical, and they differ only in regard to commentary: OTPIC.DO and OTPIC.BA include commentary, and OTPWC.DO and OTPWC.BA lack commentary.

The presence or absence of commentary manifests a substantial difference in the Random Access Memory (RAM) volume that is consumed by a source file, and that difference in RAM volume is reflected in its corresponding BASIC program file.  See the chart shown below.

+---------------------------+----------------------------------+
| Source File & RAM volume  | BASIC Program File & RAM volume  |
+---------------------------+----------------------------------+
| OTPIC.DO    | 1,350 bytes | OTPIC.BA           | 1,098 bytes |
| OTPWC.DO    |   985 bytes | OTPWC.BA           |   717 bytes |
+-------------+-------------+--------------------+-------------+

Using file OTPWC.BA for the OTP BASIC program consumes only 717 bytes of RAM, in contrast to using file OTPIC.BA which consumes 1,098 bytes of RAM.

Key Election

The first thing the OTP BASIC program prompts you for is a Key number.  You can elect any Key number from 0 through 481 -- a total of 482 possibilities.  Type your elected Key number and then press the Enter key.

Encipher or Decipher

The second thing the OTP BASIC program prompts you for is your choice to encipher or to decipher.  Simply strike a single key in order to make your choice.  To encipher, strike the [E] key, or any key that has an odd value character code (e.g., the Enter key).  To decipher, strike the [D] key, or any key that has an even value character code (e.g., the Spacebar).

First Filename Selection

After displaying a list of all filenames currently present in the laptop, the third thing the OTP BASIC program prompts you for is your selection of an existing filename.

In the case of encipherment, the filename you select identifies a file of "cleartext" to encipher.  In the case of decipherment, the filename you select identifies a file containing "ciphertext" to decipher.

Second Filename Selection

After you make a first filename selection, the fourth thing the OTP BASIC program prompts you for is your selection of a second filename.  Your second filename selection must be different than the first filename selection.  Your second filename selection may identify either a file which will be created or an existing file which will be overwritten.

In the case of encipherment, the filename you select identifies a file in which to gather the "ciphertext".  In the case of decipherment, the filename you select identifies a file in which to deposit the "cleartext".

In all cases, the main menu appears after the OTP BASIC program completes the operation that you chose (i.e., encipher or decipher).

File Volumes

Within the Random Access Memory (RAM) of a Model T laptop, every textual file carries one End_Of_File character which delimits the end of the textual file.  The End_Of_File character is not involved in the encipherment and decipherment operations of the OTP BASIC program.  Ignoring the End_Of_File character, operations by the OTP BASIC program always result in a 1-to-4 ratio of file volume between a file containing "cleartext" and a file containing the equivalent "ciphertext".

For example, an encipher operation involving a "cleartext" file that has a volume of 47 bytes creates a "ciphertext" file that has a volume of 185 bytes.  In this example note that the "cleartext" file consists of 46 bytes that are subject to the 1-to-4 ratio plus one End_Of_File character.  By the 1-to-4 ratio, 46 bytes of "cleartext" produce 184 bytes of equivalent "ciphertext".  Accounting for its End_Of_File character, the "ciphertext" file has a volume of 185 bytes (i.e., 184 bytes of "ciphertext" appended by 1 End_Of_File character).

Single Level and Multi Level Encipherment

Using a single encipherment operation under an elected Key number results in single level encipherment.  Single level encipherment provides an ordinary degree of security which, nevertheless, is quite high security.

Using more than one encipherment operation under various elected Key numbers results in multi level encipherment.  Multi level encipherment provides an extraordinary degree of security.  The more encipherment operations that are used to obtain a multilevel encipherment, the greater becomes the degree of security.

In multi level encipherment, the "ciphertext" result of one encipherment operation is used as if it were "cleartext" in each subsequent encipherment operation.  The extraordinary degree of security in multi level encipherment emanates from the particular Key numbers that are elected for each encipherment operation, and the order in which the Key numbers are elected during a multi level encipherment.

Multi Level Decipherment

Knowledge of the Key numbers and the order in which they were elected is required to successfully perform the multiple decipherment operations that reproduce the "cleartext".  Successful multiple decipherment occurs only where the Key numbers are applied in the exact reverse-order to the order in which they were elected during the multi level encipherment.  A multi level encipherment in which the applied Key number sequence was 361, 399, 11, requires a multilevel decipherment where the elected Key number sequence is 11, 399, 361, in order to reproduce the "cleartext".

Communicating Key Knowledge

Presented herein are four methods to communicate knowledge of the Key numbers to your intended recipient(s).

The first method is to pass the Key knowledge to a recipient in a covert fashion during a clandestine in-person meeting at a public place (e.g., library).  This method is impractical in cases where you and the recipient are not located close to each other.

The second method is to append a character string to the "ciphertext" file before you pass it through the non-secure channel to the recipient.  The character string is "shorthand" that clearly identifies the Key(s) used to produce the "ciphertext".  Upon receipt of the "ciphertext" file, the recipient reads the "shorthand" to obtain the Key knowledge and then deletes it from the "ciphertext" file before commencing decipherment.  This method is a security risk in that the Key knowledge that's present in the appended character string is not subjected to any encryption or other means to conceal it.

The third method is to have the Key(s) election be contingent on some text found within a widely published daily newspaper, such as the New York Times.  Similar to the second method, a character string of "shorthand" is appended to the "ciphertext" file.  In this method however, the "shorthand" character string clandestinely identifies the newspaper publication date and the particular location of the text within that publication where the knowledge of the Key(s) is communicated by a covert algorithm.  Where the covert algorithm is employed by all parties, this method is both practical and secure.  Its details are given in the following section.

Covert Algorithm using New York Times newspaper to Communicate Key Knowledge

Use the front page of the current issue of the New York Times newspaper.  Identify the day name, month name, and day of month number for its publication: use a character from the SMTWTFS set for day name, use a character from the JFMAMJJASOND set for month name, use a 2-digit value for day of month where a leading 0 digit is used when the day of month number is less than 10.  For example, the "SUNDAY, AUGUST 14, 2011" issue of the New York Times is identified by "SA14".  Identify the depth of the encipherment: character 1 for single level encipherment, character 2 for double level encipherment, character 3 for triple level encipherment, and so on.  With triple level encipherment, the prior example is identified by "SA143".  Then select an extreme position column: left-hand or right-hand.  Identify the extreme column position: use character L for left-hand, or use character R for right-hand.  With the left-hand extreme column position selected, the prior example is identified by "SA143L".

The character string SA143L is a "shorthand" representation of the Key knowledge, which may be appended to the "ciphertext" file after the encipherment operation is concluded.  Key knowledge, in the form of the "shorthand" character string SA143L, may be communicated to the recipient(s) in sundry ways.  One convenient way is by appending character string SA143L to the "ciphertext" file after the encipherment operation.

Both the party who originates the "ciphertext", and the recipient(s) of the "ciphertext", must possess the front page from the particular issue of the New York Times newspaper that is specified by character string SA143L.  Using character string SA143L for guidance, the originating party obtains Key knowledge and applies it during the encipherment operation; using character string SA143L for guidance, a recipient party obtains Key knowledge and applies it during the decipherment operation.  The following two paragraphs explain the covert algorithm that each party employs.

In the selected extreme column, find the article at the very top of the column and, ignoring its title lines and its bylines, use only the subsequent textual lines in the article.  Take the leftmost alphabetic character from each line, ignoring any line where its leftmost character is a numeral, punctuation mark, or otherwise not an alphabetic character.  Using the alphabetic characters A through Z to represent values 00 through 25, take the alphabetic character from two consecutive lines and then multiply their values together.  If the product of the multiplication exceeds 481, then subtract 482.  The result obtained by this covert algorithm identifies a Key number which is to be used in the encipherment operation in order to produce the "ciphertext".

For "ciphertext" produced by single level encipherment, a single Key number is all that is needed.  But "ciphertext" produced by multi level encipherment has more than one Key number, so in addition to the identified Key number which corresponds to the 1st level Key number, the next two consecutive lines are used to obtain the 2nd level Key number, and after that the next two consecutive lines are used to obtain the 3rd level Key number, and so on.

Example Character String SA143L and SUNDAY, AUGUST 14, 2011 Issue of New York Times

As identified by the example character string SA143L (triple level encipherment and selection of the left-hand extreme column position), the front page of the "SUNDAY, AUGUST 14, 2011" issue of the New York Times newspaper provides the paragraph listed below.  The leftmost alphabetic characters extracted from its first 6 lines are used to obtain the Key number series 361, 399, 11 which is the order in which the Keys are to be applied during the encipherment process to produce the "ciphertext".  The recipient(s) of the "ciphertext" must apply the reverse-order Key number series of 11, 399, 361 during the decipherment process in order to obtain the "cleartext".

"SA143L"
The District of Columbia is not          T=19,
thrilled that its residents are          t=19, 19 times 19 equals 361 as 1st level Key number
traveling to Maryland, Pennsyl-          t=19,
vania and West Virginia to gam-          v=21, 19 times 21 equals 399 as 2nd level Key number
ble in casinos. Starved for cash,        b=1,
like states across the country, the      l=11, 1 times 11 equals 11 as 3rd level Key number
district wants some of the mil-
lions in revenue that gambling
generates each year.

Example Character String SA143R and SUNDAY, AUGUST 14, 2011 Issue of New York Times

As identified by the example character string SA143R (triple level encipherment and selection of the right-hand extreme column position), the front page of the "SUNDAY, AUGUST 14, 2011" issue of the New York Times newspaper provides the paragraph listed below.  The leftmost alphabetic characters extracted from its first 6 lines are used to obtain the Key number series 418, 20, 100 which is the order in which the Keys are to be applied during the encipherment process to produce the "ciphertext".  The recipient(s) of the "ciphertext" must apply the reverse-order Key number series of 100, 20, 418 during the decipherment process in order to obtain the "cleartext".

"SA143R"
TRIPOLI, Libya -- Saddled                T=19,
with infighting and undetermined         w=22, 19 times 22 equals 418 as 1st level Key number
by the occasionally ruthless and         b=1,
undisciplined behavior of its            u=20, 1 times 20 equals 20 as 2nd level Key number
fighters, the six-month-old rebel        f=5,
uprising against Col. Muammar            u=20, 5 times 20 equals 100 as 3rd level Key number
el-Qaddafi is showing signs of
sliding from a struggle to over-
throw an autocrat into a murkier
contest between factions and
tribes.
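
The shorthand string and the newspaper Key derivation from the two examples above, as an added Python example (not part of the original OTP BASIC program).  The function names are hypothetical, blanks before a line's first character are skipped as an assumption, and the column texts are the lines quoted above.

```python
from datetime import date, timedelta

MODULUS = 482                    # Key numbers run 0..481 (from the page)
DAY_LETTERS = "MTWTFSS"          # indexed by date.weekday(), Monday = 0
MONTH_LETTERS = "JFMAMJJASOND"   # indexed by month - 1

# First six usable lines of each column, as quoted on the page.
LEFT_COLUMN = [
    "The District of Columbia is not", "thrilled that its residents are",
    "traveling to Maryland, Pennsyl-", "vania and West Virginia to gam-",
    "ble in casinos. Starved for cash,", "like states across the country, the",
]
RIGHT_COLUMN = [
    "TRIPOLI, Libya -- Saddled", "with infighting and undetermined",
    "by the occasionally ruthless and", "undisciplined behavior of its",
    "fighters, the six-month-old rebel", "uprising against Col. Muammar",
]


def build_shorthand(issue, depth, column):
    """Return e.g. 'SA143L' for Sunday, August 14, depth 3, left-hand column."""
    if column not in ("L", "R"):
        raise ValueError("column must be 'L' or 'R'")
    if depth < 1:
        raise ValueError("depth must be at least 1")
    return (DAY_LETTERS[issue.weekday()] + MONTH_LETTERS[issue.month - 1]
            + "%02d%d%s" % (issue.day, depth, column))


def candidate_dates(shorthand, year):
    """Dates in `year` that fit the day-name, month-name and day-of-month fields.

    One letter is ambiguous on its own (S is Saturday or Sunday, A is April
    or August), so the recipient checks which dates satisfy all three fields.
    """
    day_letter, month_letter, dom = shorthand[0], shorthand[1], int(shorthand[2:4])
    hits, d = [], date(year, 1, 1)
    while d.year == year:
        if (d.day == dom and DAY_LETTERS[d.weekday()] == day_letter
                and MONTH_LETTERS[d.month - 1] == month_letter):
            hits.append(d)
        d += timedelta(days=1)
    return hits


def keys_from_lines(lines, depth):
    """Derive `depth` Key numbers, in encipherment order, from article lines."""
    values = []
    for line in lines:
        first = line.lstrip()[:1]
        # A line whose leftmost character is not A-Z/a-z is ignored entirely.
        if first.isascii() and first.isalpha():
            values.append(ord(first.upper()) - ord("A"))
    if len(values) < 2 * depth:
        raise ValueError("not enough usable lines for the requested depth")
    keys = []
    for i in range(0, 2 * depth, 2):
        product = values[i] * values[i + 1]
        if product > MODULUS - 1:      # "exceeds 481, then subtract 482"
            product -= MODULUS
        keys.append(product)
    return keys


if __name__ == "__main__":
    tag = build_shorthand(date(2011, 8, 14), 3, "L")
    print(tag, candidate_dates(tag, 2011))
    encipher = keys_from_lines(LEFT_COLUMN, 3)
    print("encipher:", encipher, "decipher:", encipher[::-1])
    print("right-hand column:", keys_from_lines(RIGHT_COLUMN, 3))
```

Because the largest possible product is 25 times 25 = 625, a single subtraction of 482 is always enough to bring the result into the range 0 through 481.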

Filename as Keyword that Encrypts Key Numbers

The fourth method to communicate knowledge of the Key numbers to your intended recipient(s) is to assign a filename to the "ciphertext" file that is a benign appearing name, but in reality is a "keyword" that encrypts the Key numbers.  The most practical procedure is to first choose the "keyword", then decrypt the chosen "keyword" in order to obtain the Key(s) which are to be used during the encipherment operation(s), and then perform the encipherment operation(s) accordingly: using the Key number(s) that the "keyword" identifies, and selecting the filename of the "ciphertext" file so that it matches the "keyword".  This method is secure as long as the chosen "keyword" is innocuous, because its appearance as a filename will not draw scrutiny should there be any surveillance of the non-secure channel through which the "ciphertext" file passes.  In other words, "keyword" choices such as COVERT, HIDDEN, and SECURE should be avoided, while "keyword" choices such as ABACUS, DINNER, and LETTER and the like are preferable.

Keywords must be composed of letters (i.e., alphabetic characters) only, no numerals are used.  In regard to the encryption of Key numbers, each pair of letters encrypts one Key number.  The letters A through Z represent the values 00 through 25, as shown in the chart below.

ABCDEFGHIJKLMNOPQRSTUVWXYZ
00000000001111111111222222
01234567890123456789012345

Note that there are 676 possible combinations (i.e., 26^2) for a pair of letters.  This is more combinations than the 482 possible combinations for a Key number.  The use of modulus 482 arithmetic assures that the range of a Key number is confined to 000 through 481.  The value that's represented by the first letter of a pair is multiplied by 26 and then the value that's represented by the second letter of the pair is added.  If the resulting sum exceeds 481, then 482 is subtracted to produce a modulus 482 result.

Below is a table that lists filenames born of 26 "keywords", each of which is the 6-letter name of a major city in the world.  From a security standpoint, the appearance of any filename bearing one of these "keywords" will not draw unwelcome scrutiny.  For each filename, the table lists its three letter pairs and their corresponding Key numbers.  Three letter pairs can support single-level encipherment, double-level encipherment, and triple-level encipherment.  Note that the Key number listed in the Level #1 column of the table is always relevant: it's used first during encipherment, and it's used last during decipherment.

+-----------+----------+----------+----------+
| Filename  | Level #1 | Level #2 | Level #3 |
|           | Pair Key | Pair Key | Pair Key |
+-----------+----------+----------+----------+
| ATHENS.DO | AT   019 | HE   186 | NS   356 |
| BERLIN.DO | BE   030 | RL   453 | IN   221 |
| CANCUN.DO | CA   052 | NC   340 | UN   051 |
| DUBLIN.DO | DU   098 | BL   037 | IN   221 |
| ELBLAG.DO | EL   115 | BL   037 | AG   006 |
| FUZHOU.DO | FU   150 | ZH   175 | OU   384 |
| GENEVA.DO | GE   160 | NE   342 | VA   064 |
| HAVANA.DO | HA   182 | VA   064 | NA   338 |
| INDORE.DO | IN   221 | DO   092 | RE   446 |
| JAIPUR.DO | JA   234 | IP   223 | UR   055 |
| KRAKOW.DO | KR   277 | AK   010 | OW   386 |
| LONDON.DO | LO   300 | ND   341 | ON   377 |
| MOSCOW.DO | MO   326 | SC   470 | OW   386 |
| NASSAU.DO | NA   338 | SS   004 | AU   020 |
| OTTAWA.DO | OT   383 | TA   012 | WA   090 |
| PRAGUE.DO | PR   407 | AG   006 | UE   042 |
| QUEBEC.DO | QU   436 | EB   105 | EC   106 |
| RENNES.DO | RE   446 | NN   351 | ES   122 |
| SYDNEY.DO | SY   010 | DN   091 | EY   128 |
| TAHITI.DO | TA   012 | HI   190 | TI   020 |
| USTICA.DO | US   056 | TI   020 | CA   052 |
| VIENNA.DO | VI   072 | EN   117 | NA   338 |
| WARSAW.DO | WA   090 | RS   460 | AW   022 |
| XAIMEN.DO | XA   116 | IM   220 | EN   117 |
| YOKOTA.DO | YO   156 | KO   274 | TA   012 |
| ZURICH.DO | ZU   188 | RI   450 | CH   059 |
+-----------+----------+----------+----------+
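
The letter-pair arithmetic behind the table above, as an added Python example (not part of the original OTP BASIC program; the function names are hypothetical).  It goes one step beyond the table by also listing every letter pair that yields a given Key number, which is what a sender needs when choosing a keyword to fit Keys already decided on.

```python
import string

MODULUS = 482                      # Key numbers run 000..481 (from the page)
LETTERS = string.ascii_uppercase   # A..Z stand for the values 00..25


def pair_to_key(pair):
    """First letter times 26, plus second letter, reduced modulo 482."""
    first, second = (LETTERS.index(c) for c in pair.upper())
    return (first * 26 + second) % MODULUS


def keys_from_filename(filename):
    """Key numbers in encipherment order (Level #1 first), e.g. for ZURICH.DO."""
    keyword = filename.rsplit(".", 1)[0].upper()
    if not (keyword.isascii() and keyword.isalpha()):
        raise ValueError("keywords are composed of letters only")
    if len(keyword) % 2:
        raise ValueError("keyword must split into whole letter pairs")
    return [pair_to_key(keyword[i:i + 2]) for i in range(0, len(keyword), 2)]


def decipher_order(filename, levels):
    """Keys for a `levels`-deep ciphertext, in the order the recipient elects them."""
    keys = keys_from_filename(filename)
    if not 1 <= levels <= len(keys):
        raise ValueError("levels must be between 1 and the number of letter pairs")
    return keys[:levels][::-1]


def pairs_for_key(key):
    """Every letter pair that encodes `key` (one or two pairs exist)."""
    if not 0 <= key < MODULUS:
        raise ValueError("Key number out of range")
    # 676 pair values fold onto 482 Keys: `key` itself and, if it fits, key + 482.
    return [LETTERS[raw // 26] + LETTERS[raw % 26]
            for raw in range(key, 26 * 26, MODULUS)]


def doubly_encoded_keys():
    """How many Key numbers can be written as two different letter pairs."""
    return sum(1 for k in range(MODULUS) if len(pairs_for_key(k)) == 2)


if __name__ == "__main__":
    for name in ("ATHENS.DO", "SYDNEY.DO", "ZURICH.DO"):
        keys = keys_from_filename(name)
        print(name, " ".join("%03d" % k for k in keys),
              "decipher:", decipher_order(name, len(keys)))
    print("Key 010 is encoded by", pairs_for_key(10))
    print(doubly_encoded_keys(), "Key numbers have two letter pairs")
```

Key 010 appears twice in the table for this reason: AK (in KRAKOW) and SY (in SYDNEY) both reduce to it.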

Three Decipherment Operations Produce Cleartext

In this method, the filename always encrypts three Key numbers.  Note that all three Key numbers are needed to produce a triple-encipherment "ciphertext" file.  However, the originator of the "ciphertext" file might have used only two Key numbers and produced a double-encipherment "ciphertext" file.  Or, the originator of the "ciphertext" file might have used only one Key number and produced a single-encipherment "ciphertext" file.  The recipient(s) cannot know how many levels of encipherment the originator of the "ciphertext" file employed.  Regardless of how many levels of encipherment the originator employed, the recipient(s) can use the following procedure in order to obtain the "cleartext" in three decipherment operations.

1.  Elect the Level #3 Key number and perform a decipherment operation by selecting the filename which is derived from the 6-letter "keyword" (e.g., ZURICH.DO) and selecting filename "LEVEL2" to identify the file in which to deposit the result.

2.  When the main menu appears on the laptop screen, use the arrow keys to place the wide bar cursor over the LEVEL2.DO and then press ENTER in order to view its content.

3.  If the content of file LEVEL2.DO reflects the format of an encipherment, where a series of 3-digit values are seen, then the originator produced a triple-encipherment "ciphertext" file.  In this case, perform two more decipherment operations to obtain the "cleartext": elect the Level #2 Key number for decipherment of file LEVEL2.DO and select filename "LEVEL1" to identify the file in which to deposit an intermediate result, and afterwards KILL file LEVEL2.DO; and then elect the Level #1 Key number for decipherment of file LEVEL1.DO and select filename "CLRTXT" to identify the file in which to deposit the result of the final decipherment operation which produces the "cleartext".  Afterwards, KILL file LEVEL1.DO.  This procedure now is complete.

If the content of file LEVEL2.DO does not reflect the format of an encipherment, then KILL file LEVEL2.DO and proceed to step 4.

4.  Elect the Level #2 Key number and perform a decipherment operation by selecting the filename which is derived from the 6-letter "keyword" (e.g., ZURICH.DO) and selecting filename "LEVEL1" to identify the file in which to deposit the result.

5.  When the main menu appears on the laptop screen, use the arrow keys to place the wide bar cursor over the LEVEL1.DO and then press ENTER in order to view its content.

6.  If the content of file LEVEL1.DO reflects the format of an encipherment, where a series of 3-digit values are seen, then the originator produced a double-encipherment "ciphertext" file.  In this case, perform one more decipherment operation to obtain the "cleartext": elect the Level #1 Key number for decipherment of file LEVEL1.DO and select filename "CLRTXT" to identify the file in which to deposit the result of the final decipherment operation which produces the "cleartext".  Afterwards, KILL file LEVEL1.DO.  This procedure now is complete.

If the content of file LEVEL1.DO does not reflect the format of an encipherment, then the originator produced a single-encipherment "ciphertext" file.  In this case, KILL file LEVEL1.DO and proceed to step 7.

7.  Elect the Level #1 Key number and perform a decipherment operation by selecting the filename which is derived from the 6-letter "keyword" (e.g., ZURICH.DO) and selecting filename "CLRTXT" to identify the file in which to deposit the result of the decipherment operation which produces the "cleartext".  This procedure now is complete.

Sample Files Provided for Inspection and Experimentation

In addition to the two textual source files OTPIC.DO and OTPWC.DO, there are four sample files available at the Club 100 website, within the "Personal Libraries" section, under the "Ron Wiesen" member directory, in the "One-Time Pad encipherment~decipherment" subdirectory.  The sample files are provided for inspection and experimentation purposes.  See the chart below.

+---------------------------+-----------------------------------------+
| Sample File & RAM volume  | Description                             |
+---------------------------+-----------------------------------------+
| ORIG.DO     |    47 bytes | Original "cleartext" for encipherment   |
| ONCE.DO     |   185 bytes | Single-encipherment by Key 188          |
| TWICE.DO    |   737 bytes | Double-encipherment by Keys 188 450     |
| THRICE.DO   | 2,945 bytes | Triple-encipherment by Keys 188 450 059 |
+-------------+-------------+-----------------------------------------+
