
Plain language cryptography
By cdegroot in News
Thu Apr 27, 2000 at 09:46:11 PM EST
Tags: Freedom

People who loathe crypto regulation must love CipherSaber, which proposes a crypto scheme so easy that you can pass the algorithm in plain language to any other programmer. In fact, there's no code on the site; you need to build your own.

A logical idea is to start collecting implementations in various computer languages, but an even more interesting and useful idea is to collect descriptions in various human languages - especially when it's about tricky algorithms, people tend to cope better with their own language. The CipherSaberList does both; I hope that especially the natural language list will boom and help the spread of strong crypto especially to places where English isn't as common as elsewhere.

So dust off that APL compiler or Sanskrit vocabulary and let's see which list grows fastest :-).

 Plain language cryptography | 13 comments (13 topical, editorial, 0 hidden)
 For those who want the algorithm he... (4.00 / 1) (#4) by henrik on Thu Apr 27, 2000 at 05:35:57 PM EST

henrik voted 1 on this story.

For those who want the algorithm here (written down from memory, verify this somewhere else before you implement it)

To generate one byte of keystream:

    i = i+1
    j = j+S[i]
    tmp = S[i]
    S[i] = S[j]
    S[j] = tmp
    t = S[i] + S[j]

Encrypt:

    C = P xor S[t]

CipherSaber (actually, it's RC4, but don't tell RSA Labs) uses 256 S-boxes. Generating them is also trivial.

1) fill all the S boxes linearly (0,1,2,3... 255)
2) generate another 256 entry array and fill it with your key (we'll call it K). Repeat key if shorter than 256.
3) for i [0,255]

    j = j+S[i] + K[i]
    tmp = S[i]
    S[i] = S[j]
    S[j] = tmp

BTW, why is there no preview button at the voting area?

-henrik
Akademiska Intresseklubben takes notes!
 Ok, kind of cool, but on the other ... (4.00 / 1) (#1) by rusty on Thu Apr 27, 2000 at 05:41:32 PM EST

rusty voted 1 on this story.

Ok, kind of cool, but on the other hand, it is *hard* not to screw up an implementation of a crypto algorithm. Just knowing the algorithm is not nearly enough. The majority of mistakes are in small details like noise-generating and whatnot. Go ahead and make your own, but don't then claim that it's secure, or trust it to be :-)

____
Not the real rusty
 They should write a compiler for a ... (none / 0) (#2) by Nyarlathotep on Thu Apr 27, 2000 at 05:42:18 PM EST

Nyarlathotep voted 1 on this story.

They should write a compiler for a limited subset of the human language, write the program, and distribute it. A human enough language might pass as free speech.

Campus Crusade for Cthulhu -- it found me!
 The idea is cool-sounding: programm... (none / 0) (#5) by End on Thu Apr 27, 2000 at 05:45:32 PM EST

End voted 0 on this story.

The idea is cool-sounding: programmers fulfill certain requirements and become one of a cryptographic elite. But what's the point? There's no practical value to using their algorithms unless it be as a learning exercise. Also, cdegroot didn't make his ideas very clear...

-JD
 Re: The idea is cool-sounding: programm... (none / 0) (#11) by cdegroot on Fri Apr 28, 2000 at 03:53:04 AM EST

I'm more than happy to make myself clear :-).

First, you don't become member of a cryptographic "elite" when you implement CipherSaber. The beauty of RC4 is that it is so easy to implement that you don't have to be a member of any elite to create such an implementation. Therefore, CipherSaber helps to show how ridiculously easy strong crypto is (yes, the warnings given in an earlier reply apply, but in CipherSaber about the only mistake you can make is that you use a very broken PRNG for the IV, and I guess that even the standard Visual Basic RNG - which is very broken - generates more entropy than whatever the user cares to enter as a password). If cryptography is indeed easy enough to be passed by informal speech (for another interesting example, check Bruce Schneier's Solitaire algorithm), it can't be regulated. We know that, this just helps in spreading the word to those who don't.

Furthermore, while the algorithm description of CipherSaber is so concise, it is easy to translate in other languages and thereby spread actual cryptography knowledge (even though it is on a purely mechanical level). It's maybe hard to understand for a native English speaker with not a lot of exposure to foreign languages, but it really helps a lot to have an algorithm described in your own language. My English is probably as good as someone not speaking it daily is going to get, and I really need to concentrate in order not to make mistakes when translating this foreign language algorithm description. That's why I set up this CipherSaberList of natural language descriptions of the algorithm, so that people may pass on the description in their own language.

Last but not least, I think it's fun :-)
 Sounds interesting enough.... (none / 0) (#3) by mr. creep on Thu Apr 27, 2000 at 06:07:23 PM EST

mr. creep voted 1 on this story.

Sounds interesting enough.

-- brian - geeknik.net
 Heh. Cool site. Sounds like fun.... (none / 0) (#7) by jetpack on Thu Apr 27, 2000 at 06:11:01 PM EST

jetpack voted 1 on this story.

Heh. Cool site. Sounds like fun.

-- /* The beatings will continue until morale improves */
 Cool technology! Encryption for t... (none / 0) (#6) by meckardt on Thu Apr 27, 2000 at 09:28:58 PM EST

meckardt voted 1 on this story.

Cool technology! Encryption for the masses, and a whole lot easier to understand than RSA.
 Re: Cool technology! Encryption for t... (none / 0) (#8) by fluffy grue on Thu Apr 27, 2000 at 11:29:44 PM EST

Did you read the article? It *is* an RSA algorithm, namely rc4 (as opposed to the public-key and export-controlled rc5).

--
"Is not a quine" is not a quine.
I have a master's degree in science!
[ Hug Your Trikuare ]
 Re: Plain language cryptography (3.50 / 2) (#9) by Anonymous Hero on Fri Apr 28, 2000 at 12:04:35 AM EST

If any of you are interested, I pulled out Applied Crypto and looked up the section on RC4. Schneier had a note in there about it being able to move to 16-bit (the common version is 8-bit), which would make the process faster and able to use keys larger than 256 bytes. At the URL below is a PERL version of RC4 16-bit, implemented as closely to the Applied Crypto version as I could. Give it a try and tell me what you think. (Encryption and decryption are the reverse of each other, so the program doesn't care which is cyphertext and which is plaintext).

http://www.penguinhosting.net/~ian/rc4-16

posted by ian
 Re: Plain language cryptography (none / 0) (#12) by cdegroot on Fri Apr 28, 2000 at 04:03:16 AM EST

You miss one important thing, which is to provide for an initialization vector (and this will make encryption and decryption asymmetric). Check Applied Cryptography, I'm sure it is mentioned somewhere, but basically the problem is that when you have a cipher that uses Msg^Key to en/decrypt things, you can do (MsgA^Key)^(MsgB^Key) as an attacker and get (MsgA^MsgB) as a result, which is then relatively easy to crack. So you never want to reuse the same key, which is why you want to attach a random IV to the user-supplied key.

Oh, and while you're at it, if you would be so kind and rework it into a faithful Perl CipherSaber implementation for my list... ;-)
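The key setup and keystream loop henrik sketches in comment #4, together with the IV point cdegroot makes in #12, as an added example that is not part of the original thread or of any poster's code. The function names are hypothetical, the messages are constructed, and the 10-byte IV appended to the passphrase and prepended to the ciphertext follows the published CipherSaber-1 description.

```python
import os

IV_LEN = 10  # CipherSaber-1: 10-byte IV, sent as the first bytes of the file

def rc4_keystream(key, n):
    """Return n RC4 keystream bytes for `key` (1..256 bytes)."""
    if not 1 <= len(key) <= 256:
        raise ValueError("RC4 key must be 1..256 bytes")
    s, j = list(range(256)), 0
    for i in range(256):  # key setup: fill S linearly, mix in the repeated key
        j = (j + s[i] + key[i % len(key)]) % 256
        s[i], s[j] = s[j], s[i]
    i = j = 0
    out = bytearray()
    for _ in range(n):  # one keystream byte per round, all sums mod 256
        i = (i + 1) % 256
        j = (j + s[i]) % 256
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) % 256])
    return bytes(out)

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def cs_encrypt(passphrase, plaintext, iv=None):
    """RC4 key = passphrase + IV; a fresh random IV is drawn per message."""
    iv = os.urandom(IV_LEN) if iv is None else iv
    if len(iv) != IV_LEN:
        raise ValueError("IV must be 10 bytes")
    return iv + xor(plaintext, rc4_keystream(passphrase + iv, len(plaintext)))

def cs_decrypt(passphrase, blob):
    iv, body = blob[:IV_LEN], blob[IV_LEN:]
    return xor(body, rc4_keystream(passphrase + iv, len(body)))

def reuse_leak(key, msg_a, msg_b):
    """No IV: XOR of two ciphertexts under one key, as an eavesdropper sees it."""
    ca = xor(msg_a, rc4_keystream(key, len(msg_a)))
    cb = xor(msg_b, rc4_keystream(key, len(msg_b)))
    return xor(ca, cb)  # the keystream cancels, leaving msg_a XOR msg_b

if __name__ == "__main__":
    a, b = b"invoice 0017 ok", b"invoice 0018 no"  # constructed messages
    print("key reused, leak equals A^B:", reuse_leak(b"pass", a, b) == xor(a, b))
    c1, c2 = cs_encrypt(b"pass", a), cs_encrypt(b"pass", a)
    print("same message, fresh IVs, bodies differ:", c1[IV_LEN:] != c2[IV_LEN:])
    print("round trip:", cs_decrypt(b"pass", c1) == a)
```

The IV only prevents keystream reuse; the ciphertext carries no integrity check, so a flipped ciphertext bit flips the same plaintext bit undetected.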
 You know, this actually is simple (none / 0) (#10) by Decklin Foster on Fri Apr 28, 2000 at 12:42:53 AM EST

I'm pleasantly surprised. This algorithm was so clear that I was able to code it up in C and get it to compile and encrypt/decrypt a file correctly on the first try. Seriously, I'm usually a worse coder than that... ;-)

Maybe I'll try some more "interesting" languages later.
 Irrelevant (none / 0) (#13) by megacz on Sat Apr 29, 2000 at 02:08:23 PM EST

It's irrelevant. The export regulation doesn't say "you can export human-language crypto" -- it says "you can't export computer-readable crypto". If you've found a way to let computers read human-language descriptions, all you've done is make those descriptions illegal.

Search pricewatch, streetprices, and others all at once with lowerbound.org (now with discussions!)