Kuro5hin.org: technology and culture, from the trenches

Plain language cryptography

By cdegroot in News
Thu Apr 27, 2000 at 09:46:11 PM EST
Tags: Freedom (all tags)

People who loathe crypto regulation must love CipherSaber, which proposes a crypto scheme so easy that you can pass the algorithm in plain language to any other programmer. In fact, there's no code on the site; you need to build your own.

A logical idea is to start collecting implementations in various computer languages, but an even more interesting and useful idea is to collect descriptions in various human languages - especially when it's about tricky algorithms, people tend to cope better with their own language. The CipherSaberList does both; I hope that especially the natural language list will boom and help the spread of strong crypto especially to places where English isn't as common as elsewhere.

So dust off that APL compiler or Sanskrit vocabulary and let's see which list grows fastest :-).


Plain language cryptography | 13 comments (13 topical, 0 editorial, 0 hidden)
For those who want the algorithm he... (4.00 / 1) (#4)
by henrik on Thu Apr 27, 2000 at 05:35:57 PM EST

henrik voted 1 on this story.

For those who want the algorithm here (written down from memory, verify this somewhere else before you implement it)

To generate one byte of keystream:
i = (i+1) mod 256
j = (j+S[i]) mod 256

tmp = S[i]
S[i] = S[j]
S[j] = tmp

t = (S[i] + S[j]) mod 256

C = P xor S[t]

CipherSaber (actually, it's RC4, but don't tell RSA Labs) uses 256 S-boxes.
Generating them is also trivial.

1) fill all the S boxes linearly (0,1,2,3... 255)
2) generate another 256 entry array and fill it with your key (we'll call it K).
Repeat key if shorter than 256.
j = 0
for i in [0,255]
  j = (j + S[i] + K[i]) mod 256
  tmp = S[i]
  S[i] = S[j]
  S[j] = tmp

BTW, why is there no preview button at the voting area?


Akademiska Intresseklubben antecknar!

Ok, kind of cool, but on the other ... (4.00 / 1) (#1)
by rusty on Thu Apr 27, 2000 at 05:41:32 PM EST

rusty voted 1 on this story.

Ok, kind of cool, but on the other hand, it is *hard* not to screw up an implementation of a crypto algorithm. Just knowing the algorithm is not nearly enough. The majority of mistakes are in small details like noise-generating and whatnot. Go ahead and make your own, but don't then claim that it's secure, or trust it to be :-)

Not the real rusty

They should write a compiler for a ... (none / 0) (#2)
by Nyarlathotep on Thu Apr 27, 2000 at 05:42:18 PM EST

Nyarlathotep voted 1 on this story.

They should write a compiler for a limited subset of the human language, write the program, and distribute it. A human enough language might pass as free speech.
Campus Crusade for Cthulhu -- it found me!

The idea is cool-sounding: programm... (none / 0) (#5)
by End on Thu Apr 27, 2000 at 05:45:32 PM EST

End voted 0 on this story.

The idea is cool-sounding: programmers fulfill certain requirements and become one of a cryptographic elite. But what's the point? There's no practical value to using their algorithms unless it be as a learning exercise. Also, cdegroot didn't make his ideas very clear...


Re: The idea is cool-sounding: programm... (none / 0) (#11)
by cdegroot on Fri Apr 28, 2000 at 03:53:04 AM EST

I'm more than happy to make myself clear :-).

First, you don't become a member of a cryptographic "elite" when you implement CipherSaber. The beauty of RC4 is that it is so easy to implement that you don't have to be a member of any elite to create such an implementation.

Therefore, CipherSaber helps to show how ridiculously easy strong crypto is (yes, the warnings given in an earlier reply apply, but in CipherSaber about the only mistake you can make is that you use a very broken PRNG for the IV, and I guess that even the standard Visual Basic RNG - which is very broken - generates more entropy than whatever the user cares to enter as a password). If cryptography is indeed easy enough to be passed by informal speech (for another interesting example, check Bruce Schneier's Solitaire algorithm), it can't be regulated. We know that, this just helps in spreading the word to those who don't.

Furthermore, while the algorithm description of CipherSaber is so concise, it is easy to translate into other languages and thereby spread actual cryptography knowledge (even though it is on a purely mechanical level). It's maybe hard to understand for a native English speaker with not a lot of exposure to foreign languages, but it really helps a lot to have an algorithm described in your own language. My English is probably as good as someone not speaking it daily is going to get, and I really need to concentrate in order not to make mistakes when translating this foreign language algorithm description. That's why I set up this CipherSaberList of natural language descriptions of the algorithm, so that people may pass on the description in their own language.

Last but not least, I think it's fun :-)

[ Parent ]

Sounds interesting enough.... (none / 0) (#3)
by mr. creep on Thu Apr 27, 2000 at 06:07:23 PM EST

mr. creep voted 1 on this story.

Sounds interesting enough.
brian - geeknik.net

Heh. Cool site. Sounds like fun.... (none / 0) (#7)
by jetpack on Thu Apr 27, 2000 at 06:11:01 PM EST

jetpack voted 1 on this story.

Heh. Cool site. Sounds like fun.
/* The beatings will continue until morale improves */

Cool technology! Encryption for t... (none / 0) (#6)
by meckardt on Thu Apr 27, 2000 at 09:28:58 PM EST

meckardt voted 1 on this story.

Cool technology! Encryption for the masses, and a whole lot easier to understand than RSA.

Re: Cool technology! Encryption for t... (none / 0) (#8)
by fluffy grue on Thu Apr 27, 2000 at 11:29:44 PM EST

Did you read the article? It *is* an RSA algorithm, namely rc4 (as opposed to the public-key and export-controlled rc5).
"Is not a quine" is not a quine.
I have a master's degree in science!

[ Hug Your Trikuare ]
[ Parent ]

Re: Plain language cryptography (3.50 / 2) (#9)
by Anonymous Hero on Fri Apr 28, 2000 at 12:04:35 AM EST

If any of you are interested, I pulled out Applied Crypto and looked up the section on RC4. Schneier had a note in there about it being able to move to 16-bit (the common version is 8-bit), which would make the process faster and able to use keys larger than 256 bytes. At the URL below is a PERL version of RC4 16-bit, implemented as closely to the Applied Crypto version as I could. Give it a try and tell me what you think. (Encryption and decryption are the reverse of each other, so the program doesn't care which is cyphertext and which is plaintext). http://www.penguinhosting.net/~ian/rc4-16 posted by ian

Re: Plain language cryptography (none / 0) (#12)
by cdegroot on Fri Apr 28, 2000 at 04:03:16 AM EST

You miss one important thing, which is to provide for an initialization vector (and this will make encryption and decryption asymmetric). Check Applied Cryptography, I'm sure it is mentioned somewhere, but basically the problem is that when you have a cipher that uses Msg^Key to en/decrypt things, you can do (MsgA^Key)^(MsgB^Key) as an attacker and get (MsgA^MsgB) as a result, which is then relatively easy to crack. So you never want to reuse the same key, which is why you want to attach a random IV to the user-supplied key.

Oh, and while you're at it, if you would be so kind and rework it into a faithful Perl CipherSaber implementation for my list... ;-)

[ Parent ]
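The keystream-reuse problem cdegroot describes above, together with the RC4 steps from henrik's comment, as an added example (not part of the original thread and not code from the CipherSaber site). The 10-byte IV prepended to the ciphertext follows the published CipherSaber-1 layout, which this page does not spell out; the passphrase and messages are constructed.

```python
import os

def rc4(key: bytes, data: bytes) -> bytes:
    """RC4: key setup over 256 S-boxes, then XOR data with the keystream."""
    S = list(range(256))
    j = 0
    for i in range(256):                    # key repeats if shorter than 256
        j = (j + S[i] + key[i % len(key)]) % 256
        S[i], S[j] = S[j], S[i]
    i = j = 0
    out = bytearray()
    for byte in data:                       # one keystream byte per data byte
        i = (i + 1) % 256
        j = (j + S[i]) % 256
        S[i], S[j] = S[j], S[i]
        out.append(byte ^ S[(S[i] + S[j]) % 256])
    return bytes(out)

IV_LEN = 10  # assumption: CipherSaber-1 IV length, not stated on this page

def cs_encrypt(passphrase: bytes, plaintext: bytes) -> bytes:
    iv = os.urandom(IV_LEN)                 # fresh random IV per message
    return iv + rc4(passphrase + iv, plaintext)

def cs_decrypt(passphrase: bytes, blob: bytes) -> bytes:
    iv, body = blob[:IV_LEN], blob[IV_LEN:]
    return rc4(passphrase + iv, body)

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def keystream_reuse_demo():
    """Returns (leaks_without_iv, leaks_with_iv)."""
    pw = b"correct horse"                   # constructed passphrase
    msg_a = b"meet at the north gate"       # constructed messages
    msg_b = b"meet at the south pier"
    plain_xor = xor(msg_a, msg_b)
    # Same key, no IV: identical keystream, so it cancels out of the XOR.
    no_iv = xor(rc4(pw, msg_a), rc4(pw, msg_b))
    # Per-message IV: the two keystreams differ, so nothing cancels.
    ca, cb = cs_encrypt(pw, msg_a), cs_encrypt(pw, msg_b)
    with_iv = xor(ca[IV_LEN:], cb[IV_LEN:])
    return no_iv == plain_xor, with_iv == plain_xor

if __name__ == "__main__":
    print(keystream_reuse_demo())
```

The first flag shows that two ciphertexts under a bare reused key XOR to exactly MsgA^MsgB; the second shows the per-message IV removing that relation.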

You know, this actually is simple (none / 0) (#10)
by Decklin Foster on Fri Apr 28, 2000 at 12:42:53 AM EST

I'm pleasantly surprised. This algorithm was so clear that I was able to code
it up in C and get it to compile and encrypt/decrypt a file correctly on the
first try.

Seriously, I'm usually a worse coder than that... ;-) Maybe I'll try some more
"interesting" languages later.

Irrelevant (none / 0) (#13)
by megacz on Sat Apr 29, 2000 at 02:08:23 PM EST

It's irrelevant. The export regulation doesn't say "you can export human-language crypto" -- it says "you can't export computer-readable crypto". If you've found a way to let computers read human-language descriptions, all you've done is make those descriptions illegal.

Search pricewatch, streetprices, and others all at once with lowerbound.org (now with discussions!)