I know there's AES and PGP, but all electronics stuff still has backdoors. You can’t backdoor a piece of paper and a writing utensil.
Is it possible to design a (pen and paper) cipher that is secure against government cryptanalysis for at least 10 years?
Submitted 7 hours ago by IDKWhatUsernametoPutHereLolol@lemmy.dbzer0.com to [deleted]
Comments
user224@lemmy.sdf.org 7 hours ago
heavydust@sh.itjust.works 7 hours ago
It’s a good algorithm but if you need to decode any message, you must get drunk and listen to creepy radio stations at 1AM in the forest or something.
IDKWhatUsernametoPutHereLolol@lemmy.dbzer0.com 7 hours ago
Hmm yea cool, problem is, it's not reusable. You have to generate new keys every time. Kinda not easy to constantly exchange new keys if you are… say a group of revolutionaries hiding from the government. 👀
yoevli@lemmy.world 6 hours ago
This is how all modern cryptography works. A deterministic cipher is functionally no different from pig Latin when it comes to actual security. A modern solution like public key cryptography is infinitely more secure. If you’re especially paranoid you can generate the cryptotext locally and send it by email; that would be infinitely more secure than anything you could achieve by hand.
Nemo@slrpnk.net 6 hours ago
That’s why you make a stack of them. Generate hundreds up-front and you don’t need to generate new every time.
m0darn@lemmy.ca 6 hours ago
I’m certainly not an expert.
But could you generate pads from mutually accessible data sources?
Like use hit_me_baby_one_more_time_not_a_virus.mp3 appended with a password, as a seed in a pseudo random number generating algorithm, then do the same thing with another data source, repeat however many times, then XOR the generated numbers together, and use the result as a pad?
Inucune@lemmy.world 4 hours ago
Book cypher. 2 copies of the exact same book. The cypher is an agreed upon system of indicating letters or words.
cogman@lemmy.world 6 hours ago
No, not possible.
The closest we’ve seen are the Zodiac Killer’s scribbles and they lasted as long as they did because he made a mistake (and frankly because no security researcher was really trying).
Modern cryptography works because it shuffles data around so much that it appears random. There’s simply no way to do those sorts of operations with just pen and paper.
Squorlple@lemmy.world 6 hours ago
ricecake@sh.itjust.works 5 hours ago
You need a way to generate a pseudo-random sequence that’s synchronized. You can then use that random stream as something that works like a stream cipher.
Getting synchronized sources of random numbers like that isn’t trivial, but it can be done.
To spitball a notion: get something like a small microcontroller that can drive a small screen, no wireless capabilities needed. Putting an implementation of something like the HOTP algorithm on it will let you get some random data with each button press. That data can basically be used like a one time pad where you press a button each time you need more data. People decrypting the data just need to start at the same point in the sequence.
There are so many issues with this that I haven’t thought of, but it’s the most reasonable approximation of a pen and paper algorithm that has modern security levels and can be done in a reasonable amount of time.
Basically, you’re going to want to look into stream ciphers. Since those can be done without feeding the data into them, it’s possible to have a more disconnected system.
It’s worth noting that against a governmental adversary, you’re far more likely to be revealed via poor application of a custom crypto system than by a targeted bypass of a commonplace one.
If you’re under suspicion, a cop can grab the piece of paper you did your work on out of the trash if you forgot to burn it and no decryption is required. Being physically readable, the key material can be seized and it’s lost. If they have a warrant they can put a camera in your house and just record your paper.
With a cellphone, the lowest level of scrutiny that can use a backdoor that we know of would be a sealed FISA court order. Anything less official would require more scrutiny, since the NSA isn’t going to send a targeted payload to the phone of a generic malcontent/domestic subversive.
Widely used crypto systems address an extremely wide array of possible attacks, most of which aren’t related to the cipher but instead to issues of key management and rotation. This can give you guarantees about message confidentiality being preserved backwards in time if the key is stolen, and only new messages being readable, as an example. (Perfect forward secrecy)
What you’re looking for can be made, but you need to strongly consider if it actually makes you more secure, or less. Probably less.
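The HOTP idea from the comment above, worked through as an added example that is not part of the thread: the device side computes RFC 4226 HOTP values, and the paper side adds key digits to message digits modulo 10. The letter-to-digit encoding, the function names and the sample message are assumptions made for illustration; the secret is the RFC 4226 test secret.

```python
import hashlib
import hmac
import struct

def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """RFC 4226 HOTP value for one counter step (one button press)."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                      # dynamic truncation
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)

def keystream(secret: bytes, start: int, n: int):
    """Return n key digits and the next unused counter."""
    out, counter = "", start
    while len(out) < n:
        out += hotp(secret, counter)
        counter += 1
    return out[:n], counter

def to_digits(text: str) -> str:
    """Hypothetical paper encoding: space=00, A=01 ... Z=26."""
    return "".join("00" if c == " " else f"{ord(c) - 64:02d}" for c in text.upper())

def from_digits(digits: str) -> str:
    pairs = [int(digits[i:i + 2]) for i in range(0, len(digits), 2)]
    return "".join(" " if p == 0 else chr(p + 64) for p in pairs)

def combine(digits: str, key: str, sign: int) -> str:
    """Digit-wise add (sign=1) or subtract (sign=-1) mod 10, no carry."""
    return "".join(str((int(d) + sign * int(k)) % 10) for d, k in zip(digits, key))

def encrypt(secret: bytes, counter: int, text: str):
    plain = to_digits(text)
    key, next_counter = keystream(secret, counter, len(plain))
    return combine(plain, key, 1), next_counter

def decrypt(secret: bytes, counter: int, cipher: str):
    key, next_counter = keystream(secret, counter, len(cipher))
    return from_digits(combine(cipher, key, -1)), next_counter

if __name__ == "__main__":
    secret = b"12345678901234567890"   # RFC 4226 test secret (sample value)
    ct, nxt = encrypt(secret, 0, "MEET AT DAWN")   # constructed sample message
    print(ct, nxt, decrypt(secret, 0, ct))
```

Both sides have to record the returned counter and never go back: decrypting from a different counter yields unreadable text, and two messages encrypted from the same counter can be subtracted from each other to cancel the keystream entirely.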
gedaliyah@lemmy.world 5 hours ago
Maybe something akin to a book code, although machine learning may be able to crack those by that time.
I am not a cryptographer so I have no idea really.
DragonsInARoom@lemmy.world 6 hours ago
Make your own language
gedaliyah@lemmy.world 5 hours ago
The Navajo did pretty well in WWII
IDKWhatUsernametoPutHereLolol@lemmy.dbzer0.com 6 hours ago
Time to put my Chinese language skills to work?
English + Mandarin (Pinyin) + Cantonese (Jyutping) = ???
Canto-Mandar-lish? 🤔
Actually it might work. You’d need to understand 3 languages to decipher it.
Does the NSA/FSB/CCP have tri-lingual speakers? 🤔
Maybe I should learn some Navajo to add more fun to the mix? 😁
WoodScientist@sh.itjust.works 3 hours ago
Learn Navajo and ancient Babylonian. Write everything in a custom pidgin of Mandarin, Navajo, and ancient Babylonian.
gedaliyah@lemmy.world 5 hours ago
Also maybe microdots would be more effective. Not exactly pen and paper, but still analog. Hard to crack a code you can’t find.
Treczoks@lemmy.world 58 minutes ago
Have a list of pregenerated numbers that each participant has, and do a ciphering system based on those. Like a book cipher, but smaller, more portable, and faster to eat in case of emergency.