# Tag: cryptography

With aÂ âˆˆ {0,1} and bÂ âˆˆ {0,1}, the XOR function {0,1}â†’{0,1} can be defined by the truth table:

 a b a XOR b 0 0 0 0 1 1 1 0 1 1 1 0

Gimp doesn’t have a layer operation called XOR but there is the “Difference” mode defined by the Gimp User Manual by the equation:

$E =|I - M|$

Applying the formula to the Red Green Blue color mode for a pixel we have:

$rgb(|r_I-r_M|,|g_I-g_M|,|b_I-b_M|) =|rgb(r_I,g_I,b_I) - rgb(r_M,g_M,b_M)|$

The truth table for the “difference” mode is:

 I M |I – M| rgb(0,0,0) rgb(0,0,0) rgb(0,0,0) rgb(0,0,0) rgb(255,255,255) rgb(255,255,255) rgb(255,255,255) rgb(0,0,0) rgb(255,255,255) rgb(255,255,255) rgb(255,255,255) rgb(0,0,0)

Let’s call black-white representation this binary pallet:

• the white color, i.e. rgb(255,255,255), represent the number 1
• the black color, i.e. rgb(0,0,0), represent the number 0.

Then the truth table for the difference is the same as the XOR one.

## Experimenting with images

Let A_0101.png be this image:

And B_0011.png be this image:

Notice that each image use the black-white representation of the binary message in the file name.

After we apply the “Difference” layer mode with the two images we have what we can call AXORB_0110.png:

Let message.png be this 512×512 image using a 1-bit pallet (Lena with Floydâ€“Steinberg dithering):

And key.png a image of the same size and pallet with random content:

We can create a image messageXORkey.png using the Gimp’s different mode:

The messageXORkey.png looks as random as the key or any other random key.

Someone in possession of messageXORkey.png and key.png can apply a XOR to retrieve message.png. That’s because:

messageXORkey.png = message.png XOR key.png
messageXORkey.png XOR key.png = message.png XOR key.png XOR key.png
messageXORkey.png XOR key.png = message.png XOR 0
messageXORkey.png XOR key.png = message.png

## Considerations

This was a demonstration of how to use GIMP to encode and decode one-time pads. There are several constraints to use one-time pads in a secure way for practical purposes that you should know before using it in a real situation.

Can I have a secret?
Can I tell you a secret?
Can I tell you a secret when we know there is someone snooping around?

I’d like to share this graphical explanation of the Diffie-Hellman key exchange principle without going into the details about the math behind it. It uses physical abstractions as padlocks, keys, and treasure chests. The goal of the key exchange is to allow two parties to establish a shared secret key over an insecure communication channel.

Alice and Bob, a complicated couple, would like to talk through an insecure channel.

## Step by step

1. Alice has the padlocks A and C, two keys C and one key A. Bob has the padlock B, key B, and the letter he wants to send to Alice through the insecure channel.
2. Alice puts the padlock and key C in the chest.
3. Alice locks the treasure chest using the padlock A, and sends to Bob.
4. Bob receives the chest. He can’t open it because he doesn’t have the key A. He puts one more lock, the padlock B, in the treasure chest and send it back to Alice. Alice also can’t open the chest, as she doesn’t have the key B.
5. But Alice does have the key A, which she uses to remove the padlock A from the chest and send it back to Bob.
6. Bob now receives a chest which he can open. He opens it and receive the padlock and key C. At this point the key exchange is done. He can either keep the chest and padlock C to send something to Alice, or he can use the same key exchange technique from steps 1 to 6 to send the padlock C back to Alice.
7. Bob decides to send Alice a letter using the padlock C. He puts the letter in the chest.
8. Bob locks the chest using the padlock C, send it to Alice. He keeps key C.
9. Alice received the letter and now they both have the key C.

## Notice

• Alice’s key A never left her inventory. Bob’s key B never left his inventory.
• Neither Alice nor Bob really knows who is in the other side. In this example they just trust in each other. Authentication is very important but is not handled in this example.
• At every transference a different padlocks (or a combination of padlocks) was used.

## A tiny bit of math

Let’s (very) informally define computationally efficient as a computation that someone is willing to wait and pay.

The abstraction here is that a chest with padlock is easy to lock/unlock when you have the correct key but hard to be unlocked otherwise. To use this technique with data, we need a mathematical function f that is:

• Easy to lock: it is computationally efficient to apply f(m,k) over a message m and a key k
• Easy to unlock: there is a computationally efficient inverse function f’ such that m = f'(f(m,k),k)
• Hard to break: it is not computationally efficient to find m or k knowing only f and f(m,k)

If you want to know more about these functions, take a look in the original article “New directions in cryptography” by Diffie, W. and Hellman, M. in 1976.

Gpg is the OpenPGP part of the GNU Privacy Guard (GnuPG). It is a tool to provide digital encryption and signing servicesÂ  usingÂ  theÂ  OpenPGPÂ  standard.

To easily encrypt a file called mydocs use:

gpg -c mydocs

You’ll be propted twice for a password, after that a encrypted file called mydocs.gpg is created. You can send this file to your it’s destine and send the password using some secure way. In the other side to decrypt the file:

gpg mydocs.gpg

That’s a very simple use of this tool, you can do much more.