One Time Pad Password Protection: Using T.E.C. Steganography and Secure Password Transmission Protocols

TL;DR

This paper introduces a novel steganographic one-time pad encryption method for secure password transmission, aiming to prevent password file hacking by providing cryptanalytically unbreakable encryption for short passwords.

Contribution

The paper presents a unique variant of one-time pad encryption using a new bit insertion technique, which is claimed to be unbreakable and suitable for securing passwords against hacking.

Findings

The method is cryptanalytically unbreakable for short passwords.

It offers a secure alternative to hash-based password storage.

The approach is computationally feasible for short password lengths.

Abstract

A while ago, I developed what I called an encryption method. The most favorable of reviews did not see a method but a collection of techniques. Be that as it may, the process used, is described in the paper, Windtalking Computers. This paper is about the steganographic method described, the cryptanalysis efforts of that method and; a real world application of that method as an answer to the increasing problem of password file hacking. The premise is that the technique is a variant of one time pad, using a novel way to produce one time pad output for digital input. There is no record in the literature of such a method being used for encryption at all. Digital encryption generally treats the letters of the plaintext as a binary number and does some mathematical computation to produce ciphertext. The idea of inserting bits with a random generated key is new. Therefore (because a uniquely random generated key is used), the encryption is cryptanalytically unbreakable and/or computationally secure and/or information theoretic. An academic version was made. Challenges for decryption have not produced to-date a decryption. Advantages and disadvantages of the method are discussed. Hackers are constantly penetrating networks and stealing password files. Which, once in possession of a password file, hackers individually or collectively with distributed processing over the Internet, decrypt the values of the hash passwords. Thereby gaining access to systems. This problem has become sufficiently significant for CAESAR (Competition for Authenticated Encryption: Security, Applicability, and Robustness) to make calls for papers for solutions. Herein is one proposed solution. While one time pad presents a problem being computationally intensive, for the relatively short length of passwords, the cost of computation may be cost effective for the security provided.