Originally appears on American Partisan and authored by my friend "Guerrilla Logistician". Get your OTP Generator here. -NCS
The many facets of encryption can be daunting at best. There are many ways to deal with encryption that can be expedient while losing some of your security. If you go to one of the NCScout classes, he will go in much more detail and honestly, he teaches it far better than I can. Suffice it to say that encryption, especially digital versions, has been extremely important to everyday life for ages. From Caesar Ciphers during the roman empire all the way to the present people have tried to hide plain text messages. During the revolutionary war invisible ink was a common item along with Mask Letters. It has become even more important with technology from the use of passwords, securing financial transactions to how both parties organize protests using encryption apps. If you’ve been a long-time listener of scouts podcast you will also know many of the failures in security that were considered impossible to read. Not only have civilian organizations, law enforcement but even our government accessed private information. Sometimes they stopped terrorists form acting other times they arrested people over politics, but regardless of your beliefs one thing is clear. Encryption is a very complicated environment to understand for those we’re not actively learning about it.
With all that said let’s discuss what scout teaches and now currently sells on his website. The one-time pad or OTP for short is an encryption technique the theoretically cannot be broken if done properly. Without the encryption pad any open transmission of the message can reasonably be read as any message you could imagine within the length of characters. In as plainly as I can say this the OTP you create for encryption can be any number length you wish. In theory you could encrypt a whole novel, but as scout points out in his courses the longer you are on air the easier you are to track down. Scout uses a combination of trigram and OTP for clandestine encryption. It not only shortens the message it shortens the time you are on air. Some of you will know what a number station is and although they are dying out due to the ability to use the Internet in the same fashion they still exist.
Rules for OTP
- Keep your message as short as possible.
- Each group you talk to should have their own set of OTP pads and shouldn’t be operating off a community book of pads. This will prevent the loss of an OTP from compromising everyone.
- Make sure any OTP pads Are distributed by hand and not over the Internet. Distributing OTP pads in a compromised manner means anyone could be reading your messages.
- Never reuse an OTP pad.
OTP pads
First this isn’t an article on how to use OTP pads. I am sure not only does the brushbeater website have that information, but so does The Guerrillas Guide to the Baofeng Radio.
An OTP pad for the most part is a string of five numbers that are randomly generated over and over again to get the necessary characters for a message. The reason we don’t just write down random numbers is because humans aren’t as random as chance. Back during the Cold War Russians and most likely many Americans spent hours rolling 10-sided dice. This is a small and a simple way to create an OTP, and you know for sure That these numbers can’t be reproduce. Why don’t we just write down random numbers instead of wasting the time with dice?
35684 23876 31355 25673 Human
71110 77586 00302 55636 Dice
20715 61729 79112 62131 OTP GEN
As you can see above, they look equally random but there are no 1s 0s or 9s from the human. Also, it is rare that we string the same number next to each other. We sadly tend to follow patterns and we also neglect things. As you can see versus the dice and OTP generator briefly everything looks random, but to a good crypto analyst they will figure out patterns in the human touch out quickly. Unfortunately dice takes a long time although they are very easy to pack. So instead of employing several people in rolling dice and writing down OTP pads we can rely on the power of chips to do our work. You can go online and pull a random OTP generating app for many locations. You then could transfer onto a computer that has no access to the Internet and possibly create some very random pads. Provided the author of the app isn’t setting you up with software to fool you with. Luckily for us a bunch of hackers and nerds have done a lot of the footwork for us. Partisan labs produce an all-in-one OTP generator that will not only print out your OTP it will also print instructions on how to use the OTP properly. This generator is open source, readable hackable or modifiable by you or others. The hacking community has gone over this generator several times and found no faults in the coding. They are a known entity and lean in on the patriotic side of things. For those who know who AmRRON they are closely tied to those guys.
Several other places have sold similar devices as partisan labs, but don’t tend to stick around. With that said if you go to brushbeater store you will find he sells the exact same generator. Partisan labs aren’t the only people who make these devices Although they tend to be the ones that have stayed in business full time. I have owned one of these for a while now and while very simple they come with a small learning curve and some points you will need to remember.
If you have any issues with your OTP generator partisan labs will help you. Mine was purchased from ready made resources. I had an issue with a faulty printer after some heavy use, and they fixed my unit no issue.
ADL-1
https://brushbeater.store/products/adl-1-one-time-pad-printer
Not every person who preps or the potential partisan needs one of these. This device is a time saver and a force multiplier for groups. If you must deal with people across a region this device is for you, or if you happen to be the commo specialist you will want this. Realistically all this can be done with dice and time, but with this device you can securely make an OTP pad make an exact copy without the use of a copy machine. There are some drawbacks to this machine which should be noted so you don’t put yourself or people into a bind.
This device works on an entropy-based randomization system which you don’t need to know or care about. It then connects to a simple push button system that will print out your OTP pad onto receipt paper. This is phenomenal for in field use and generating small pads four teams going on patrol. The downside with the printer and its lack of ink is over time the paper will fade. So, you won’t need to store ink cartridges, but the OTP pad has a shelf life due to heat. This means if you are going to be handing out OTP pads for long duration storage you will need some copier that is not connected to the Internet or to hand write what was generated. If anyone paid attention back in the day many printers stored copies of what was printed, so be very careful with your home copier, much less a work one. Use common sense when copying your OTP pads.
Powering the ADL-1
One nuance of the ADL’s is their lack of ability to charge your batteries when they are plugged in to land power. Without good batteries or power this device can really struggle to print out very clear pads. Luckily two special batteries come along with the device. Also, if connected to a power supply that has less amps then required you will get a blank page printed out. So, if you invest in this device you will want to get the specific battery charger for 18605 batteries, and probably a power supply. 18650 batteries are included so you are ready to print when it arrives. Most sites that sell the ADL-1 also sell the power supply for 30 dollars, but brushbeater doesn’t. You will have to decide what you want to get on your own, but you can buy both a charger and block for the same price. They don’t ship with a power supply mostly because people have gotten creative with this device or have ample power supplies handy. Below are links to what I have but shop around, buy one or the other depending on your needs.
battery charger
https://www.amazon.com/dp/B09QL23FX8?psc=1&ref=ppx_yo2ov_dt_b_product_details
Power supply 12 – 13.8 vdc. 2.1 mm center positive, 2 amps
https://www.amazon.com/dp/B00Q2E5IXW?psc=1&ref=ppx_yo2ov_dt_b_product_details
Paper
Specifications
2.25 x 1.5 inches (40mm) external diameter.
No more than 2.5 mil (0.06 – 0.07mm) thick. About 40 ft with core, 70 ft coreless
Obviously, the dimensions of the roles are important as well, you can’t have a huge role or one that doesn’t fit in the printer. Lastly make sure the roll is placed in the machine properly. The paper should be feeding from the base of the roll towards the front of the machine, not over top of the roll. If you mess this up it won’t print anything out and the device will print a blank sheet as if it doesn’t have enough power.
Storing OTP pads
A neat trick I developed for storing OTP pads and making them readily available or just easily copyable uses baseball card binder sheets. You can place the OTP pad in one of the slots front and back and have a binder to flip through and organize. Add to that the sleeves make copying on a machine way easier. Any good nerd store that has 10-sided dice will have these sheets fairly cheaply. That said if you print out large pads, or ones with other information you may have to fold the slip. 250-character pads fit perfectly though, and 500 characters might work as well with some of the extra paper trimmed off. You can also make them weather resistant with a bit of tape to seal the OTP pads in.
Conclusion
If you are going to be printing out OTP pads consistently or doing large batches this device is probably one of the most secure formats available. You can always do it the old school way and save the cash of this device but in the end, you will want this in your supplies if things go bad long term. I would get on the ball and buy one of these as they are not something that Amazon carries, and many stores also tend not to keep these in stock. If you are going to be running a TOC, then this device is absolutely for you. If you are a radio guy this will protect your communications and is a must as well. Regardless, if you buy this device over say a DMR radio, you will most likely want OTP pads ready to go. Either bite the financial bullet or start rolling dice get cracking.