Date: Sat, 8 Jul 2000 00:36:47 -0400 (EDT) From: Trevor Johnson <trevor@jpj.net> To: FreeBSD-gnats-submit@FreeBSD.ORG Subject: ports/19778: new port: security/pad Message-ID: <Pine.BSI.4.21.0007080030560.17008-100000@blues.jpj.net>
next in thread | raw e-mail | index | archive | help
>Number: 19778 >Category: ports >Synopsis: new port: security/pad >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-ports >State: open >Quarter: >Keywords: >Date-Required: >Class: change-request >Submitter-Id: current-users >Arrival-Date: Fri Jul 07 21:40:01 PDT 2000 >Closed-Date: >Last-Modified: >Originator: Trevor Johnson >Release: 4.0-STABLE i386 >Organization: myself >Environment: only tested under FreeBSD 4.0-STABLE #0: Fri May 5 23:39:48 PDT 2000 root@invalid:/usr/src/sys/compile/FREEBASE50b i386 >Description: a utility for encrypting files >How-To-Repeat: N/A >Fix: # This is a shell archive. Save it in a file, remove anything before # this line, and then unpack it by entering "sh file". Note, it may # create directories; files and directories will be owned by you and # have default permissions. # # This archive contains: # # pad # pad/files # pad/files/md5 # pad/patches # pad/patches/patch-pad_c # pad/patches/patch-README # pad/pkg # pad/pkg/COMMENT # pad/pkg/DESCR # pad/pkg/PLIST # pad/Makefile # echo c - pad mkdir -p pad > /dev/null 2>&1 echo c - pad/files mkdir -p pad/files > /dev/null 2>&1 echo x - pad/files/md5 sed 's/^X//' >pad/files/md5 << 'END-of-pad/files/md5' XMD5 (pad-0.5.tgz) = 5541ecdfcf73569f0fee5d0cbdf1cf2f END-of-pad/files/md5 echo c - pad/patches mkdir -p pad/patches > /dev/null 2>&1 echo x - pad/patches/patch-pad_c sed 's/^X//' >pad/patches/patch-pad_c << 'END-of-pad/patches/patch-pad_c' Xpad.c:19: conflicting types for `RAND_bytes' X/usr/include/openssl/rand.h:77: previous declaration of `RAND_bytes' X X--- pad.c.orig Fri Jul 7 05:36:37 2000 X+++ pad.c Sat Jul 8 03:07:17 2000 X@@ -16,8 +16,6 @@ X #include <openssl/rand.h> X #include "pad.h" X X-int RAND_bytes(unsigned char *buf,int num); X- X int main(argc, argv) X int argc; X char **argv; END-of-pad/patches/patch-pad_c echo x - pad/patches/patch-README sed 's/^X//' >pad/patches/patch-README << 'END-of-pad/patches/patch-README' X--- README.orig Fri Jul 7 22:14:26 2000 X+++ README Sat Jul 8 04:21:47 2000 X@@ -1,51 +1,60 @@ X-PAD is a small command-line utility to seperate one file into two- each X-indistinguishable from white noise, and put them back together into the X-original. X+PAD is a small command-line utility to separate one file into two, X+each indistinguishable from white noise, and put them back together X+into the original. X X Usage: pad <input 1> [<input 2> [output]] X X-Where input1 is the name of the file to be broken up, pad will name write X-<filename>.pad1 and <filename>.pad2. X+Where input1 is the name of the file to be broken up, pad will name X+write <filename>.pad1 and <filename>.pad2. X X-If <input2> is given, pad will combine the two into one file, and store the X-result in <output>. If <output> is omitted, the file will be written to X-stdout. X+If <input2> is given, pad will combine the two into one file, and X+store the result in <output>. If <output> is omitted, the file will X+be written to stdout. X X X-Example: X+Examples: X X-pad myfile.txt X-# you now have myfile.txt.pad1 and myfile.txt.pad2. X-pad myfile.txt.pad1 myfile.txt.pad2 outputfile X-# you now have outputfile, which is identical to the original myfile.txt, built from your two pad files. X+ pad myfile.txt X+ X+You now have myfile.txt.pad1 and myfile.txt.pad2. X X+ pad myfile.txt.pad1 myfile.txt.pad2 outputfile X X-The interesting thing about the .padx files are that they both look like random X-data (in fact, one actually is random data generated by OpenSSL), but only X-together will produce anything at all. X+You now have outputfile, which is identical to the original X+myfile.txt, built from your two pad files. X+ X+ X+The interesting thing about the .padx files are that they both look X+like random data (in fact, one actually is random data generated X+by OpenSSL), but only together will produce anything at all. X X Possible uses- X X Free speech enforcement: X- Let's say you have a file called decss.c (for example ;), and want to X- distribute it, but are afraid of censorship. Break it up into two pad files, X- distribute these each on seperate unrelated systems, and tell people where to X- get each (and how to re-assemble them). Should someone go to one (or both) of X- the hosting systems and pressure them to remove it, each can claim they're X- only hosting harmless, random data. It is methematically impossible to prove X- that either one is the random one and the other was derived from the original X- file. X+ X+ Let's say you have a file called decss.c (for example ;), X+ and want to distribute it, but are afraid of censorship. X+ Break it up into two pad files, distribute these each on X+ separate unrelated systems, and tell people where to get X+ each (and how to re-assemble them). Should someone go to X+ one (or both) of the hosting systems and pressure them to X+ remove it, each can claim they're only hosting harmless, X+ random data. It is mathematically impossible to prove that X+ either one is the random one and the other was derived from X+ the original file. X X Privacy: X- One-Time-Pad (OTP) encryption dates to long ago, and is in many ways much more X- secure than other forms of encryption that can be brute forced. Keep a private X- random pad between those you want to share data with, and simply transmit X- messages that have been merged with this pad, via any medium. X- OTP encryption is as secure as your random source (in this case, from OpenSSL), X- and the pad itself. Keep in mind it's called <b>One</b>-time pad for a reason -- X- If you use the same pad on two different plaintexts, the messages (either one) X- can no longer be considered secure. X X+ One-Time Pad (OTP) encryption dates to long ago, and is in X+ many ways much more secure than other forms of encryption X+ that can be brute forced. Keep a private random pad between X+ those you want to share data with, and simply transmit X+ messages that have been merged with this pad, via any X+ medium. OTP encryption is as secure as your random source X+ (in this case, from OpenSSL), and the pad itself. Keep in X+ mind it's called a "one-time pad" for a reason: if you X+ use the same pad on two different plaintexts, the messages X+ (either one) can no longer be considered secure. X X Please let me know if you can think of others. X END-of-pad/patches/patch-README echo c - pad/pkg mkdir -p pad/pkg > /dev/null 2>&1 echo x - pad/pkg/COMMENT sed 's/^X//' >pad/pkg/COMMENT << 'END-of-pad/pkg/COMMENT' XEncrypt files END-of-pad/pkg/COMMENT echo x - pad/pkg/DESCR sed 's/^X//' >pad/pkg/DESCR << 'END-of-pad/pkg/DESCR' Xfrom the README: X XThis is a small command-line utility to turn one file into two, each Xindistinguishable from noise, and put them back together into Xthe original. X Xfrom the maintainer: X XNote that the resulting files are the same size as the original. X XWWW: http://www.lammah.com/pad/ X XTrevor Johnson Xtrevor@jpj.net END-of-pad/pkg/DESCR echo x - pad/pkg/PLIST sed 's/^X//' >pad/pkg/PLIST << 'END-of-pad/pkg/PLIST' Xbin/pad Xshare/doc/pad/README X@dirrm share/doc/pad END-of-pad/pkg/PLIST echo x - pad/Makefile sed 's/^X//' >pad/Makefile << 'END-of-pad/Makefile' X# New ports collection makefile for: pad X# Date created: 2000-07-08 X# Whom: Trevor Johnson X# X# $FreeBSD$ X# X XPORTNAME= pad XPORTVERSION= 0.5 XCATEGORIES= security XMASTER_SITES= http://www.lammah.com/pad/ XEXTRACT_SUFX= .tgz X XMAINTAINER= trevor@jpj.net X Xpost-extract: X @${RM} ${WRKSRC}/install-sh ${WRKSRC}/mkinstalldirs \ X ${WRKSRC}/missing ${WRKSRC}/INSTALL ${WRKSRC}/COPYING X @${TOUCH} ${WRKSRC}/install-sh ${WRKSRC}/mkinstalldirs \ X ${WRKSRC}/missing ${WRKSRC}/INSTALL ${WRKSRC}/COPYING X XGNU_CONFIGURE= yes XUSE_AUTOMAKE= yes XUSE_GMAKE= yes X Xpost-install: X.if !defined(NOPORTDOCS) X @${MKDIR} ${PREFIX}/share/doc/pad X @${INSTALL_DATA} ${WRKSRC}/README ${PREFIX}/share/doc/pad X.endif X X.include <bsd.port.mk> END-of-pad/Makefile exit >Release-Note: >Audit-Trail: >Unformatted: To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ports" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSI.4.21.0007080030560.17008-100000>