15,664,506 members
Articles / Programming Languages / C#
Article
Posted 27 Sep 2008

101K views
30 bookmarked

# Vernam encryption/decryption of files

Rate me:
Class for encrypting/decrypting files using a Vernam chipher.

## Introduction

In this article, I'll show how to do a simple but robust encryption/decryption, with the algorithm of Gilbert Sandford, Vernam. This kind of encryption is truly unbreakable as long the key is maintained a secret.

## Background

Vernam cipher is a stream cipher where the original or plain data is XORed with a random (actually pseudorandom) stream of data of the same length to generate the encrypted data. When the stream of data used as key is truly random and used only once, it is called a one-time pad. A widely used implementation of the Vernam cipher is RC4.

The Vernam cipher with one-time pads is the only known encryption procedure where, in theory, information is secure and can't be deciphered, if the key is randomly and only once used for encryption . For decrypting, only the secret key and the encrypted data is used.

Other encryption methods (such as AES) achieve their security with the immense burden of calculating theoretically conceivable decoding, which is practically not feasible. In other words, a potential attacker lacks the necessary resources (computing capacity or time) to perform his attack successfully. The security of one-time pad, on the other hand, is based on the unique use of the key and sufficient randomness of the used key. Even with increasing computing power, it can't be broken.

Due to the fact that encryption is done by XOR, the algorithm is pretty fast. For decrypting data, the same algorithm can be used - it's symmetric.

The Vernam cipher requires a key with the same length as the original data. For example, the encryption of a hard disk requires a second hard disk (with at lest the same size) to store the key.

Another disadvantage of one-time pads is that the data of the key has to be, ideally, completely randomly chosen. Most computers are not able to generate really random keys.

## How the algorithm works

First, the bytes of the input file are read:

C#
```byte[] originalBytes;
using (FileStream fs = new FileStream(originalFile, FileMode.Open))
{
originalBytes = new byte[fs.Length];
}```

Then, the one-time pad - the key - is created. This is done by generating random bytes that are of the same length as the original (plain) bytes. The key bytes get written to the specified file.

C#
```byte[] keyBytes = new byte[originalBytes.Length];
Random random = new Random();
random.NextBytes(keyBytes);

// Write the key to the file:
using (FileStream fs = new FileStream(keyFile, FileMode.Create))
{
fs.Write(keyBytes, 0, keyBytes.Length);
}```

The encryption - for decryption the same algorithm is used - is straightforward, by using XOR.

C#
```private void DoVernam(byte[] inBytes, byte[] keyBytes, ref byte[] outBytes)
{
// Check arguments:
if ((inBytes.Length != keyBytes.Length) ||
(keyBytes.Length != outBytes.Length))
throw new ArgumentException("Byte-array are not of same length");

// Encrypt/decrypt by XOR:
for (int i = 0; i < inBytes.Length; i++)
outBytes[i] = (byte)(inBytes[i] ^ keyBytes[i]);
}```

## Using the code

To encrypt/decrypt data, the class provided is quite simple. See the example below.

C#
```using gfoidl.Security;

// Create an instance of the class:
Vernam vernam = new Vernam();

// Test with an image:
vernam.EncryptFile("Image.gif", "Image_encrypted.gif", "Key01.dat");
vernam.DecryptFile("Image_encrypted.gif", "Key01.dat",
"Image_decrypted.gif");

// Test with text file:
vernam.EncryptFile("Text.txt", "Text_encrypted.txt", "Key02.dat");
vernam.DecryptFile("Text_encrypted.txt", "Key02.dat",
"Text_decrypted.txt");

// Test with pdf file:
vernam.EncryptFile("Text.pdf", "Text_encrypted.pdf", "Key03.dat");
vernam.DecryptFile("Text_encrypted.pdf", "Key03.dat",
"Text_decrypted.pdf");```

The key is produced by the class and has the same length as the original data. Randomly generated bytes are used as keys.

For decryption the same key has to be used as for encrypting the file.

Written By
Software Developer (Senior) Foidl Günther
Austria
Engineer in combustion engine development.
Programming languages: C#, FORTRAN 95, Matlab

FIS-overall worldcup winner in Speedski (Downhill) 2008/09 and 2009/10.

 First Prev Next
 +1 Member 1287087426-Nov-16 11:19 Member 12870874 26-Nov-16 11:19
 Personal Input From TextBox. Justin Weldon2-Apr-15 2:36 Justin Weldon 2-Apr-15 2:36
 My vote of 5 John Underhill12-Sep-13 5:42 John Underhill 12-Sep-13 5:42
 MFC equivalent DPLNeural1-Jul-13 21:41 DPLNeural 1-Jul-13 21:41
 My vote of 5 Manoj Kumar Choubey29-Mar-12 20:12 Manoj Kumar Choubey 29-Mar-12 20:12
 My vote of 5 Manoj Kumar Choubey26-Feb-12 21:33 Manoj Kumar Choubey 26-Feb-12 21:33
 Question kma6911-Feb-09 7:14 kma69 11-Feb-09 7:14
 Re: Question kma6911-Feb-09 7:21 kma69 11-Feb-09 7:21
 "Cracking" a Random Number Generator jcdege30-Sep-08 2:23 jcdege 30-Sep-08 2:23
 Re: "Cracking" a Random Number Generator Günther M. FOIDL30-Sep-08 3:02 Günther M. FOIDL 30-Sep-08 3:02
 Use of Random class Aelthegrin29-Sep-08 8:08 Aelthegrin 29-Sep-08 8:08
 Re: Use of Random class Günther M. FOIDL29-Sep-08 10:03 Günther M. FOIDL 29-Sep-08 10:03
 Hi, I know that the random-generator I've implemented isn't really random - it is based on Donald E. Knuth's subtractive random number generator algorithm. More than implementing a real random generator I wanted to show how simple encryption/decryption can be. It's up to you to implement better random generators. As you mentioned the Windows crypto generators aren't really secure too. For real security the key has to be produced by other methods. Let's quote John von Neumann: "Anyone who uses arithmetic methods to produce random numbers is in a state of sin." Thanks for your post and your thoughts about pseudo random numbers. regards Gü
 Interesting article rht34128-Sep-08 4:12 rht341 28-Sep-08 4:12
 Re: Interesting article Günther M. FOIDL22-Oct-09 10:57 Günther M. FOIDL 22-Oct-09 10:57
 Last Visit: 31-Dec-99 18:00     Last Update: 30-May-23 18:05 Refresh 1