persik is a portmanteau of the Norwegian phrase 'perfekt sikkerhet', meaning 'perfect security'.

persik is a one-time pad generator/encrypter/decrypter implemented in perl around Base64. You can encrypt a text file against a previously generated one-time pad, email it to another party, and they can decrypt it using the same pad back to plain text.

Internally, persik will read through the input file, convert it to Base64, then encrypt it against the one-time pad. Encrypted files are output with 76 characters to a line; whitespace is ignored while decrypting. Additionally, as of 1.1, whitespace in pads is ignored as well. While decrypting, the file is decrypted against the one-time pad, then decoded from Base64 back to the original text.

As of 1.1, persik will refuse to encrypt the message if the message is larger than the pad unless --force is passed to it.

Pads are generated in-program using Crypt::Random, which in turn uses a unix-like system's /dev/random. This should be changed for systems with a dedicated Random Number Generator; see the Crypt::Random documentation for more details.



See persik --help for more information.

To generate a one-time (well, you can re-use it, but it'd be pointless to) pad, run persik --generate:

persik --generate my.pad 1000

This will put 1000 * 76 characters worth of random data (encoded in Base64), or 1000 'lines', into my.pad.

To encrypt your message against the pad, run persik --encrypt:

persik --encrypt message.txt my.pad > message.enc

Now send message.enc to your operative in the Soviet Union (either as an attachment or as the body of email, since lines are formatted to be 76-columns long, or really anyway you want, perhaps over pigeon carriers, and have them run persik --decrypt:

persik --decrypt message.enc my.pad > message.txt

And now they should have an exact copy of message.txt!

If you want to encrypt part of a message that is too long for the padyou are using, you can run persik --force:

persik --encrypt --force long-message.txt small.pad > part-of-long-message.enc

Be warned, though, you'll truncate your message to the length of the pad.

The tricky part is getting the pad to them; it's probably best to generate pads beforehand and exchange them in person, optimally on encrypted media.


persik is released under the MIT/X Consortium License. A copy of the license can be found in the release tarballs.