Re: New 2 Cryptography
From: Dale Benjamin (daleb@k-online.com)
Date: 02/07/03
- Next message: Dale Benjamin: "Re: cipher program"
- Previous message: Paul Crowley: "Re: New 2 Cryptography"
- In reply to: Palimpsest: "New 2 Cryptography"
- Next in thread: Dale Benjamin: "Re: New 2 Cryptography"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Dale Benjamin" <daleb@k-online.com> Date: Thu, 6 Feb 2003 15:22:05 -0800
----- Original Message -----
From: "Palimpsest" <beefdiaper@hotmail.com>
Newsgroups: sci.crypt
Sent: Thursday, February 06, 2003 11:02 AM
Subject: New 2 Cryptography
> Hello. I've recently developed an interest in the science of
> cryptography and I thought I'd post here to ask a few questions. Where
> is a good place to start if I'm interested in encrypting my personal
> data, i.e. emails, personal info, and typed letters? I'm aware of PGP
> (although I've never used it, and it's probably kid-stuff to most of
> you) and I learned a little about basic cryto theory from Neal
> Stephenson's Cryptonomicon. For the novice, what are some simple
> encryption systems to use that are relatively secure? I do exchange a
> lot of "snail mail" letters with friends and we'd like to get some
> experience with a basic system. Any ideas or suggestion would be
> helpful. Please point me in the right direction.
I tried PGP a few times and while it seems like an excellent program there
are a few gotchas. It's free for personal use, not for business, so that
limits it. Also there is a question of licensing one or more algorithms,
that may get costly if someone found much use for it.
GPG, or the Gnu Privacy Gaurd is unqualifiedly free. Alas, it's a command
line interpreter Operating System, native to Linux although a MSDOS version
is available. It's not too bad really, and claims to use a bunch of
algorithms that seem to be of interest still. There IS a windows front end
available, but only one, available very widely and I imagine I see the fine
hand of the NSA in that. But if you can get by on MSDOS or the BASH shell,
that would be the way to go. Unfortunately I don't expect many people will
care to try it on a casual basis.
Algorithims are something other than the programs which implement them, and
from what I've seen you got to be an accomplished hard core c programmer to
get anywhere with the leading edge stuff. I play around in visual basic a
little, and have used the Xor, or Exclusive Or function to some avail. The
letters in a file are represented in ASCII by numbers from 0-255, pretty
simple to develop. Xoring them with another number results in all bits that
are the same in both bytes are zeros in the result. Where the bits are
dissimilar, the resultant bits are 1. Xor the result byte with the same
byte as you used with the original, and you get the original byte in the
secont result. Of course you don't have to use the same operator byte for
everything in the message.
Transposition is interesting, maybe change all lower case a characters to
Zs, using the computer makes very complex changes feasible. Multiple rounds
of transposition, and Xoring might increase security somewhat. The
newsgroup faq is pretty interesting, but gets a little mathy.
With careful planning, many arithmetic operations with bytes, integers, and
longs can be reversed. Do a round of Xoring & transposition in between
rounds of arithmetic operations, and you wind up with something that would
take a few seconds to decode on a K-Mart computer once the cracker gets
around to trying the right stuff, no telling how long that will take. And
if you have to ask how much it will cost, just don't.
This is of course symmetric ciphering, you and your correspondent have
identical keyphrases. "Snake Oil' the heavies call it, and of course it
doesn't compare with what someone can do with modern algorithms after
spending many years of a limited life studying both the algorithms and the
fine art of computer programming. Such people tend to gravitate towards
upper echelons of society and are kind of busy, which puts their services
out of reach for many people.
What I've outlined above then will not prevent major world governments from
reading your ciphered messages, but will provide a limited amount of
security. I doubt many people working at ISPs will have the abilities,
time, and resources to compromise even a moderately complex Xor scheme, keys
and magic numbers are readily changed. A reasonably complex system with a
Windows interface may readily be developed with Visual Basic Learning
Edition, available for a hundred bucks a couple years ago.
- Next message: Dale Benjamin: "Re: cipher program"
- Previous message: Paul Crowley: "Re: New 2 Cryptography"
- In reply to: Palimpsest: "New 2 Cryptography"
- Next in thread: Dale Benjamin: "Re: New 2 Cryptography"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
