OneTime — Encryption with One-Time Pads
Update (2016-10-29): OneTime 2.0 is currently in beta testing. The latest version is 2.0-beta15 — please give it a try and report any bugs you find. See the release notes for details about what's new in 2.0.
OneTime is an open source encryption program that uses the one-time pad algorithm to allow two parties to communicate privately. It has features to assist with pad management, and comes with built-in help.
OneTime is for users who are comfortable with command-line programs. It requires Python 2.6 or higher, but has not been ported to Python 3 (there's an open ticket for that and patches are welcome).
This is the output of 'onetime --intro':
This is the output of 'onetime --help':
Here is how to generate a one-time pad (this is the output of 'onetime --pad-help'):
Pad data must be truly random:
Note that the one-time pad method depends completely on the quality of the pad data: if the pad is not truly random, the security of your messages cannot be guaranteed. So to use OneTime reliably, you need a source of good random data to create pad files. On modern Linux systems, the /dev/random device is probably good enough (I haven't done the math myself — I'm just taking other people's word for it). Elsewhere, you're on your own.
Never re-use pad data:
If the same pad data is used to encrypt different messages — no matter how similar or different those messages are — then the security of the system can be greatly compromised. Never encrypt different messages with the same stretch of pad! Doing so could reveal some or all of the used pad to eavesdroppers. OneTime's default behavior is to always avoid reusing pad data, unless you tell it otherwise.
If you are Alice communicating with Bob, then keep two different pads, alice_to_bob.pad and bob_to_alice.pad, as opposed to sharing the same pad for both directions of communication. With two separate pads, even if you each send a message simultaneously to the other with no advance planning, you still won't accidentally use any of the same pad data twice, assuming you let OneTime do its bookkeeping naturally.
Who uses OneTime, and why?
I don't know — I just get enough bug reports and feature requests to know that there are people using this. Some are anonymous, some are not.
One-time pad systems are inconvenient, because of the difficulty of pad generation and exchange. There are many easier cryptography systems out there. If you don't have a reason to use OneTime, then don't. Its existence does not imply a rejection of other cryptosystems; in fact, I normally use GPG myself. OneTime might be handy in a few rare situations:
You're not completely confident about the provenance of GnuPG, or underlying system libraries, on your computer.
To bootstrap trust: i.e., to have a reliable fallback method for exchanging other, more convenient keys.
To have an encryption program whose code is small and simple enough that you can inspect and understand it.
To throw a little diversity into the surveillance stream. Bots are watching for & saving messages in the popular encryption formats. OneTime makes 'em work a little harder! :-)