15th
Sending Small Secrets with Perl
Suppose you’d like to send a short message, like an account number, to a friend, but have no secure way to transfer it and can’t hand the number off in person.
If there’s something that only you and your friend know, and this something in text is at least as long as the secret you’d like to send, you’re in luck.
Using your shared secret, Perl, Base64, and the XOR cipher, you can communicate small secrets securely.
An Example
Alice needs to send a 7 digit account number, like 9876543, to her friend Bob over e-mail. Alice knows that Bob’s first phone number was 555-4241 . To encode the account number using this shared secret, she can Base64 encode the result of XORing “5554241” and “9876543”.
On her computer, she runs this small Perl script:
perl -MMIME::Base64 -e 'print encode_base64("5554241"^"9876543")'
which returns the string “DA0CAgcAAg==”
Next, she composes an e-mail to Bob:
Hey Bob, here is that account number. Run the following command, substituting the asterisks for your first phone number, no area code, and without the dash: perl -MMIME::Base64 -e ‘print “*******”^decode_base64(“DA0CAgcAAg==”)’
When Bob gets the message, he runs the command on his machine:
perl -MMIME::Base64 -e 'print "5554241"^decode_base64("DA0CAgcAAg==")'
which prints 9876543.
