CodeProject: Vernam encryption/decryption of files. Free source code and programming help

Announcements

	Windows 7 Comp Win a laptop!
	Monthly Competition

Articles

Desktop Development

Web Development

Enterprise Systems

Content Management Server

Microsoft BizTalk Server

SQL Reporting Services

Platforms, Frameworks & Libraries

Windows Communication Foundation

Windows Presentation Foundation

Windows Workflow Foundation

Cryptography & Security

Threads, Processes & IPC

WinHelp / HTMLHelp

Uncategorised Quick Answers

Graphics / Design

Expression

Usability

Development Lifecycle

Debug Tips

Design and Architecture

Uncategorised Technical Blogs

Services

Code-signing Certificates

Job Board

CodeProject VS2008 Addin

Feature Zones

Product Showcase

Code Signing Resources

WhitePapers / Webcasts

ASP.NET Web Hosting

Advanced Search
Add to IE Search

Discuss

Report

5 votes for this article.

Popularity: 3.26 Rating: 4.67 out of 5

Introduction

In this article, I'll show how to do a simple but robust encryption/decryption, with the algorithm of Gilbert Sandford, Vernam. This kind of encryption is truly unbreakable as long the key is maintained a secret.

Background

Vernam cipher is a stream cipher where the original or plain data is XORed with a random (actually pseudorandom) stream of data of the same length to generate the encrypted data. When the stream of data used as key is truly random and used only once, it is called a one-time pad. A widely used implementation of the Vernam cipher is RC4.

Advantages

The Vernam cipher with one-time pads is the only known encryption procedure where, in theory, information is secure and can't be deciphered, if the key is randomly and only once used for encryption . For decrypting, only the secret key and the encrypted data is used.

Other encryption methods (such as AES) achieve their security with the immense burden of calculating theoretically conceivable decoding, which is practically not feasible. In other words, a potential attacker lacks the necessary resources (computing capacity or time) to perform his attack successfully. The security of one-time pad, on the other hand, is based on the unique use of the key and sufficient randomness of the used key. Even with increasing computing power, it can't be broken.

Due to the fact that encryption is done by XOR, the algorithm is pretty fast. For decrypting data, the same algorithm can be used - it's symmetric.

Disadvantages

The Vernam cipher requires a key with the same length as the original data. For example, the encryption of a hard disk requires a second hard disk (with at lest the same size) to store the key.

Another disadvantage of one-time pads is that the data of the key has to be, ideally, completely randomly chosen. Most computers are not able to generate really random keys.

How the algorithm works

First, the bytes of the input file are read:

byte[] originalBytes;
using (FileStream fs = new FileStream(originalFile, FileMode.Open))
{
    originalBytes = new byte[fs.Length];
    fs.Read(originalBytes, 0, originalBytes.Length);
}

Then, the one-time pad - the key - is created. This is done by generating random bytes that are of the same length as the original (plain) bytes. The key bytes get written to the specified file.

byte[] keyBytes = new byte[originalBytes.Length];
Random random = new Random();
random.NextBytes(keyBytes);

// Write the key to the file:
using (FileStream fs = new FileStream(keyFile, FileMode.Create))
{
    fs.Write(keyBytes, 0, keyBytes.Length);
}

The encryption - for decryption the same algorithm is used - is straightforward, by using XOR.

private void DoVernam(byte[] inBytes, byte[] keyBytes, ref byte[] outBytes)
{
    // Check arguments:
    if ((inBytes.Length != keyBytes.Length) ||
        (keyBytes.Length != outBytes.Length))
        throw new ArgumentException("Byte-array are not of same length");

    // Encrypt/decrypt by XOR:
    for (int i = 0; i < inBytes.Length; i++)
        outBytes[i] = (byte)(inBytes[i] ^ keyBytes[i]);
}

Using the code

To encrypt/decrypt data, the class provided is quite simple. See the example below.

using gfoidl.Security;

// Create an instance of the class:
Vernam vernam = new Vernam();

// Test with an image:
vernam.EncryptFile("Image.gif", "Image_encrypted.gif", "Key01.dat");
vernam.DecryptFile("Image_encrypted.gif", "Key01.dat", 
                   "Image_decrypted.gif");

// Test with text file:
vernam.EncryptFile("Text.txt", "Text_encrypted.txt", "Key02.dat");
vernam.DecryptFile("Text_encrypted.txt", "Key02.dat", 
                   "Text_decrypted.txt");

// Test with pdf file:
vernam.EncryptFile("Text.pdf", "Text_encrypted.pdf", "Key03.dat");
vernam.DecryptFile("Text_encrypted.pdf", "Key03.dat", 
                   "Text_decrypted.pdf");

The key is produced by the class and has the same length as the original data. Randomly generated bytes are used as keys.

For decryption the same key has to be used as for encrypting the file.

License

This article, along with any associated source code and files, is licensed under The Common Development and Distribution License (CDDL)

About the Author

Günther M. FOIDL

Member

Engineer in combustion engine development.
Programming languages: C#, FORTRAN 95, Matlab

FIS-overall wordlcup winner in Speedski (Downhill) 2008/09.

Occupation:	Software Developer (Senior)
Company:	Foidl Günther
Location:	Austria

Other popular Cryptography & Security articles:

Understanding .NET Code Access Security
A full length article on .NET Code Access Security
Hiding a text file in a bmp file
How to hide a text file in a bmp file
.NET Encryption Simplified
A simple, string-oriented class for symmetric encryption, asymmetric encryption, and hashing.
Using XML Digital Signatures for Application Licensing
Use XML Digital Signatures for a request- and signing-based licensing mechanism for your applications.
Strong Names Explained
.NET Strong Name technology explained