OneTime: An Encoder/Decoder Using The "One-Time Pad" Method

Download OneTime version 1.135

OneTime is a public domain, open source encryption program that uses the one-time pad algorithm to allow two parties to communicate securely, without worrying about unauthorized people listening in. OneTime has features to assist with the bureaucracy of pad management and comes with built-in help. It is written in the Python programming language and requires a Python interpreter to run.

In Debian GNU/Linux or Ubuntu, you can just use the package manager to install the "onetime" package.

To use OneTime reliably, you need a source of good random data. On modern Unix systems, the /dev/random device is probably good enough (I haven't done the math myself, I'm just taking other people's word for it). On non-Unix systems, you're on your own. Whatever your source of random data, store the data in a file (that's the "pad") and point to it using OneTime's -p option when you encrypt; the recipient must use the same pad to decrypt, of course. Note that the one-time pad method depends completely on the quality of the pad data; if the pad is not truly random, the security of your messages cannot be guaranteed. Never encrypt different plaintexts with the same stretch of pad — doing so could reveal some or all of the used pad to eavesdroppers. OneTime's default behavior is to always avoid reusing pad data, unless you tell it otherwise.
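The following is an added example, not OneTime's own code or its pad-records format: it shows the range bookkeeping that avoids pad reuse and what an eavesdropper gains when a stretch is reused. It assumes the classic XOR form of the one-time pad; the names PadLedger, next_free and reuse_leak are hypothetical.

```python
import os

def xor(data: bytes, pad: bytes) -> bytes:
    """XOR data with an equally long pad stretch (same call encrypts and decrypts)."""
    if len(pad) < len(data):
        raise ValueError("not enough pad for this message")
    return bytes(d ^ p for d, p in zip(data, pad))

class PadLedger:
    """Hypothetical in-memory record of consumed pad ranges (not OneTime's format)."""

    def __init__(self, pad: bytes):
        self.pad = pad
        self.used = []  # half-open (start, end) ranges already spent

    def next_free(self, length: int) -> int:
        """Lowest offset whose [offset, offset+length) overlaps no used range."""
        offset = 0
        for start, end in sorted(self.used):
            if offset + length <= start:
                break  # the message fits in the gap before this range
            offset = max(offset, end)
        if offset + length > len(self.pad):
            raise ValueError("pad exhausted; generate and exchange a new one")
        return offset

    def encrypt(self, plaintext: bytes, offset=None):
        """Encrypt on a fresh range, or refuse an explicit offset that overlaps."""
        if offset is None:
            offset = self.next_free(len(plaintext))
        end = offset + len(plaintext)
        if end > len(self.pad):
            raise ValueError("offset runs past the end of the pad")
        if any(offset < e and s < end for s, e in self.used):
            raise ValueError("pad range already used")
        self.used.append((offset, end))
        return offset, xor(plaintext, self.pad[offset:end])

def reuse_leak(c1: bytes, c2: bytes, known_p1: bytes):
    """What pad reuse exposes: given two ciphertexts from one pad stretch and one
    known plaintext, return the pad stretch and the other plaintext."""
    n = min(len(c1), len(c2), len(known_p1))
    pad = xor(known_p1[:n], c1[:n])
    return pad, xor(c2[:n], pad)

if __name__ == "__main__":
    ledger = PadLedger(os.urandom(64))  # constructed sample pad
    for msg in (b"attack at dawn", b"retreat at six"):  # constructed messages
        off, ct = ledger.encrypt(msg)
        print(off, ct.hex())
```

The recipient needs the returned offset as well as the ciphertext in order to decrypt with the same stretch of pad.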

OneTime was written by Karl Fogel.

Here is the output of 'onetime --intro':

   Encoder/decoder for one-time pads.  Run 'onetime --help' for usage.
   
   The usual public-key encryption programs, such as GnuPG, are probably
   secure for everyday purposes, but their implementations are too
   complex for all but the most knowledgeable programmers to vet, and
   anyway there are too many vulnerable steps in the supply chain between
   GPG's authors and the end user.
   
   Hence this script, OneTime, a simple encryption program that works with
   one-time pads.  If you don't know what one-time pads are, you probably
   wouldn't be able to use them securely, so this program is not for you.
   
   If you do know what they are and how to use them, OneTime will take care
   of some of the pad-management bureacracy for you.  It avoids re-using
   pad data -- except when decrypting the same encrypted message twice, of
   course -- by maintaining records of pad usage in ~/.onetime/pad-records.
   And if you keep your ~/.onetime configuration area under version control
   with Subversion or CVS, OneTime will automatically update it to get the
   latest pad usage records before using a pad, and will commit new records
   after using a pad.  Thus, by sharing a single configuration area via
   version control, you and your interlocutors can more easily avoid the
   sin of pad range reuse.  (The pads themselves are not stored in the
   configuration area, just records about pad usage.)
   
   See http://en.wikipedia.org/wiki/One-time_pad for more information
   about one-time pads in general.
   
   OneTime is written by Karl Fogel and is in the public domain.  Its
   home page is http://www.red-bean.com/onetime/.

And here is the output of 'onetime --help':

   OneTime version 1.135, an encoder/decoder for one-time pads.  Standard usage:
   
     onetime -e -p PAD INPUT           (encrypt; write output to 'INPUT.onetime')
     onetime -d -p PAD INPUT.onetime   (decrypt; output loses '.onetime' suffix)
   
   Other usage modes:
   
     onetime [-e|-d] -p PAD INPUT -o OUTPUT  (both INPUT and OUTPUT are files)
     onetime [-e|-d] -p PAD INPUT -o -       (output goes to stdout)
     onetime [-e|-d] -p PAD                  (input from stdin, output to stdout)
     onetime [-e|-d] -p PAD -o OUTPUT        (input from stdin, output to OUTPUT)
   
   OneTime remembers what ranges of what pad files have been used, and avoids
   re-using those ranges when encoding.
   
   All options:
   
      -e                      Encrypt
      -d                      Decrypt
      -p PAD | --pad=PAD      Use PAD for pad data.
      -o OUT | --output=OUT   Output to file OUT ("-" for stdout)
      --offset=N              Control the pad data start offset
      -n | --no-trace         Leave no record of pad usage in your config
      -C DIR | --config=DIR   Specify DIR (instead of ~/.onetime) as config area
      --no-vc                 Ignore SVN/CVS control of the config area
      --intro                 Show an introduction to OneTime and one-time pads
      -v | -V | --version     Show version information
      -? | -h | --help        Show usage
   

OneTime is under version control at http://svn.red-bean.com/repos/onetime/trunk/,
with ViewVC repository browsing at http://svn.red-bean.com/viewcvs/onetime/.