Cryptography - Tumblr Posts
Psychedelic Cryptography
California-based nonprofit group called Qualia Research Institute has awarded cash prizes to artists who made videos encoded with hidden messages that can be most easily deciphered by a person who is tripping on psychedelic substances, such as LSD, ayahuasca, or psilocybin mushrooms.
man, sometimes i get so bored i write in morse code just to have something to do
sometimes i get so bored, instead of using dots and dashes, i just use binary.
1010000010111010001000101110001011101010001011101010001110101110111000001110100010001000111010100000101010001110111011100011101110001000111000101010100010100011101000111011101000001110001110111011100000111010100011101110111
••//•-•/•/•-/•-••/•-••/-•--//-•/•/•/-••//•••/---/--/•/-/••••/••/-•/--•//-/---//-••/---
(Let / be letter separator, // be word separator)
maybe i should morse the morse. instead of doing "•-" for "A", what if I did "-••/---/-//-••/•-/•••/••••" for "dot dash", which is "A"?
meta morse?
can i go further?
Years and years ago, I read a book on cryptography that I picked up because it looked interesting--and it was!
But there was a side anecdote in there that stayed with me for more general purposes.
The author was describing a cryptography class that they had taken back in college where the professor was demonstrating the process of "reversibility", which is a principle that most codes depend on. Specifically, it should be easy to encode, and very hard to decode without the key--it is hard to reverse the process.
So he had an example code that he used for his class to demonstrate this, a variation on the Book Code, where the encoded text would be a series of phone numbers.
The key to the code was that phone books are sorted alphabetically, so you could encode the text easily--picking phone numbers from the appropriate alphabetical sections to use ahead of time would be easy. But since phone books were sorted alphabetically, not numerically, it would be nearly impossible to reverse the code without exhaustively searching the phone book for each string of numbers and seeing what name it was tied to.
Nowadays, defeating this would be child's play, given computerized databases, but back in the 80s and 90s, this would have been a good code... at least, until one of the students raised their hand and asked, "Why not just call the phone numbers and ask who lives there?"
The professor apparently was dumbfounded.
He had never considered that question. As a result, his cipher, which seemed to be nearly unbreakable to him, had such an obvious flaw, because he was the sort of person who could never coldcall someone to ask that sort of thing!
In the crypto book, the author went on to use this story as an example of why security systems should not be tested by the designer (because of course the security system is ready for everything they thought of, by definition), but for me, as a writer, it stuck with me for a different reason.
It's worth talking out your story plot with other people just to see if there's a "Why not just call the phone numbers?" obvious plot hole that you've missed, because of your singular perspective as a person. Especially if you're writing the sort of plot where you have people trying to outsmart each other.
can I get the short version of the more credible theories of the Voynich Manuscript?
The most likely explanation, to me and quite a few others who know far more about it than I, is that it’s in a language that died out. Imagine the guy who made the Cherokee syllabary, and then a few books were written in it, and then… a war happened, or a famine. The Cherokee had to flee somewhere and died out, or inter-married into another group and lost their individual cultural identity. Then someone finds one of those books. Some think it’s a cipher, but cryptanalysis will always fail to find the answer. Some think it’s in a language like Spanish, or English, they will always fail too. Eventually someone may try some Native American language that has commonalities with Cherokee and they may get somewhere.
So, the most likely scenario is that someone created a writing system for a European language, in the 16th century, for a small ethnic group that became the victims of war, plague, famine, or had to flee and become refugees or simply died out. Perhaps that language remains somewhere, and no one has tried to apply it to the Voynich yet. Perhaps it’s died out completely, or changed so much and we don’t know what the Old version of that language was like 500 years ago, but if it was, say a Germanic language, or related in some way to a surviving language, we may figure out some of the manuscript due to similarities.
I’ll just give you the short version of why Bax and Rugg are very likely wrong in their theories. Bax believes he knows what the name of some of the plants in the herbal section are, and so he says, ‘If you assign these letters or syllables to these symbols, it spells out the name of these plants in,“ and I forget what language he thinks it’s in. But anyway, the problem is that when he applies those values to those same symbols elsewhere, he gets no new information. If it were just a simple substitution, or a plain language, then applying values to a dozen or more symbols, as he has, in a book so large, should surely result in at least one readable word somewhere else. The only way it couldn’t is if it’s in a cipher that is more advanced than simple substitution, in which case, why are the names in the herbal section not also in that cipher?
Rugg proposes a theory to explain how the Voynich is a fake, a generated text meant to create a book to scam Rudolph II out of 600 ducats. It was meant to look impressive, but the person obviously just wants the money so they don’t want to write a real book. They’re thieves, they don’t want to work for a living, they want something cooked up quick to get some money, then disappear with it. The problem is that the Voynich is not a randomly generated text. We have tests for that. There are language like relationships in how the words fit together. Some letters are very likely to be used at the start of words, and rarer in the middle or end. Some letters, like our Q and U, appear together often. There are some problems, like a shortage of repitition in phrases, but it’s clearly not someone just sitting and picking letters at random.
So, Rugg has to come up with a way that it could be faked, but still generate all of these relationships. And he does that, if you take a grill with squares cut out, and from a table of possible letters or short combos, you roll some dice and look them up on the table, then write that combo in the book, you’ll get a randomly generated text, that has some relationships, especially if there are several tables so you get those first and last letter frequencies that are above the mean average.
The problem though, is why would the lazy thieves come up with this troublesome and complicated system, to thwart a cryptanalytical technique that wasn’t discovered until 200 years after they would have died? It’s like if I made a claim about a cipher today, and hundreds of years from now some cryptographer living on Venus, with her personal quantum computer, found statistical evidence that the cipher was what I said it was. And a future Rugg came along and proposed some elaborate scheme by which I would have spent months rolling dice and looking at charts, to craft a fake PGP email, in order to pass an analytical test that I couldn’t possibly have predicted would exist someday.
I mean, Rugg proposes that it took four months to make the Voynich with his system, but I’m sure it probably would have taken that long if it was just copied straight from another book, little less having to roll dice and look up the results on a chart upward of…. I can’t find how many characters there are, but there were 272 pages in the book, and some of the pages without illustrations are quite packed with characters. So at a guess we’d be talking about 10′s of thousands of dice rolls. Seriously, the repetitive stress injuries alone would probably preclude it from consideration by any thieves attempting it. Especially since they could just scribble any old thing they wanted and pass it off to Rudolph II, because like I said, at that time no one could analyze a text to determine if the frequencies indicated it was just random. So long as they kept to a limited amount of characters and repeated them fairly often, no one at the time could have possible detected it was a fake.
The Witches’ Alphabet, also known as the Theban Alphabet, has long been used by practitioners of sorcery to encode their writings. The oldest surviving book containing the Theban Alphabet is Johannes Trithemius’ Polygraphia, c.1518. This exerpt explains how Trithemius learned of the alphabet from a pre-existing book on magick, now lost to time, which he attributes to Peter d'Abano:
“Sequitur aliud alphabetum Honorii cognomento Thebani, cuius ministerio suas in magicis fatuitates abscondit, sicut Petrus de Apono testatur in suo maiore libro quarto.“
Here follows another alphabet of Honorius surnamed the Theban, and the use thereof is for hiding the foolishness of his magic, as Petrus de Abano testifies in his greater fourth book.
I MAY HAVE BEEN A LIL TOO HORNY OVER BILL PULLMAN'S CHARACTER ON INDEPENDENCE DAY (1996)...
I may have done something just to fulfill my fantasy (and hopefully yours too!), and I'm sorry in advance! 😭
Ever wanted to save the world while juggling the affections of a trio of powerful figures? Welcome to The Ultimate Conspiracy! 🎉
Step into the shoes of a cryptography whiz who’s just been thrust into a high-stakes game of political intrigue. You'll need to crack unbreakable codes, stop a catastrophic conspiracy, and navigate the complicated affections of the President, the Vice President, and the Director of the CIA.
It’s a rollercoaster of decisions where every choice could be the difference between national disaster and a steamy romance. Because who says saving the world can’t come with a side of drama and heart-throbbing tension?
Dive in and let’s unravel this mess together!
Please tell me your thoughts on this because I’ve already written the prologue and set the tone for the story. This will be my first time writing for an audience, so please know that I am OPEN to every single comment, criticism, and suggestion. I’m eager to hear what you think and how I can improve. Thanks a ton for taking the time to read and provide feedback!
Here's the link for the AO3: https://archiveofourown.org/works/58525693/chapters/149098852
ALSO, by the time you see this, there might be some updates already, but please feel free to comment or do whatever you want <3
EDIT: CHAPTER 2 OUT NOW!!
HEY LOVES I JUST RELEASED CHAPTER 5 GO GO READ IT NOW OMGGG
I MAY HAVE BEEN A LIL TOO HORNY OVER BILL PULLMAN'S CHARACTER ON INDEPENDENCE DAY (1996)...
I may have done something just to fulfill my fantasy (and hopefully yours too!), and I'm sorry in advance! 😭
Ever wanted to save the world while juggling the affections of a trio of powerful figures? Welcome to The Ultimate Conspiracy! 🎉
Step into the shoes of a cryptography whiz who’s just been thrust into a high-stakes game of political intrigue. You'll need to crack unbreakable codes, stop a catastrophic conspiracy, and navigate the complicated affections of the President, the Vice President, and the Director of the CIA.
It’s a rollercoaster of decisions where every choice could be the difference between national disaster and a steamy romance. Because who says saving the world can’t come with a side of drama and heart-throbbing tension?
Dive in and let’s unravel this mess together!
Please tell me your thoughts on this because I’ve already written the prologue and set the tone for the story. This will be my first time writing for an audience, so please know that I am OPEN to every single comment, criticism, and suggestion. I’m eager to hear what you think and how I can improve. Thanks a ton for taking the time to read and provide feedback!
Here's the link for the AO3: https://archiveofourown.org/works/58525693/chapters/149098852
ALSO, by the time you see this, there might be some updates already, but please feel free to comment or do whatever you want <3
EDIT: CHAPTER 2 OUT NOW!!
YALL JUST RELEASED CHAPTER 6!!! I CANT WAIT FOR YOU TO READ IT AAAAAA!!
I MAY HAVE BEEN A LIL TOO HORNY OVER BILL PULLMAN'S CHARACTER ON INDEPENDENCE DAY (1996)...
I may have done something just to fulfill my fantasy (and hopefully yours too!), and I'm sorry in advance! 😭
Ever wanted to save the world while juggling the affections of a trio of powerful figures? Welcome to The Ultimate Conspiracy! 🎉
Step into the shoes of a cryptography whiz who’s just been thrust into a high-stakes game of political intrigue. You'll need to crack unbreakable codes, stop a catastrophic conspiracy, and navigate the complicated affections of the President, the Vice President, and the Director of the CIA.
It’s a rollercoaster of decisions where every choice could be the difference between national disaster and a steamy romance. Because who says saving the world can’t come with a side of drama and heart-throbbing tension?
Dive in and let’s unravel this mess together!
Please tell me your thoughts on this because I’ve already written the prologue and set the tone for the story. This will be my first time writing for an audience, so please know that I am OPEN to every single comment, criticism, and suggestion. I’m eager to hear what you think and how I can improve. Thanks a ton for taking the time to read and provide feedback!
Here's the link for the AO3: https://archiveofourown.org/works/58525693/chapters/149098852
ALSO, by the time you see this, there might be some updates already, but please feel free to comment or do whatever you want <3
EDIT: CHAPTER 2 OUT NOW!!
CHAPTER 7 IS OUT NOWWWW!!! MEETING THE VP ALREADY AHHHHHH AND SOMEONE GETTING A BIT JEALOUS MWAHAHAH
I MAY HAVE BEEN A LIL TOO HORNY OVER BILL PULLMAN'S CHARACTER ON INDEPENDENCE DAY (1996)...
I may have done something just to fulfill my fantasy (and hopefully yours too!), and I'm sorry in advance! 😭
Ever wanted to save the world while juggling the affections of a trio of powerful figures? Welcome to The Ultimate Conspiracy! 🎉
Step into the shoes of a cryptography whiz who’s just been thrust into a high-stakes game of political intrigue. You'll need to crack unbreakable codes, stop a catastrophic conspiracy, and navigate the complicated affections of the President, the Vice President, and the Director of the CIA.
It’s a rollercoaster of decisions where every choice could be the difference between national disaster and a steamy romance. Because who says saving the world can’t come with a side of drama and heart-throbbing tension?
Dive in and let’s unravel this mess together!
Please tell me your thoughts on this because I’ve already written the prologue and set the tone for the story. This will be my first time writing for an audience, so please know that I am OPEN to every single comment, criticism, and suggestion. I’m eager to hear what you think and how I can improve. Thanks a ton for taking the time to read and provide feedback!
Here's the link for the AO3: https://archiveofourown.org/works/58525693/chapters/149098852
ALSO, by the time you see this, there might be some updates already, but please feel free to comment or do whatever you want <3
EDIT: CHAPTER 2 OUT NOW!!
Honestly I have nothing to add. This is just 100% correct and well explained.
Why Not Write Cryptography
I learned Python in high school in 2003. This was unusual at the time. We were part of a pilot project, testing new teaching materials. The official syllabus still expected us to use PASCAL. In order to satisfy the requirements, we had to learn PASCAL too, after Python. I don't know if PASCAL is still standard.
Some of the early Python programming lessons focused on cryptography. We didn't really learn anything about cryptography itself then, it was all just toy problems to demonstrate basic programming concepts like loops and recursion. Beginners can easily implement some old, outdated ciphers like Caesar, Vigenère, arbitrary 26-letter substitutions, transpositions, and so on.
The Vigenère cipher will be important. It goes like this: First, in order to work with letters, we assign numbers from 0 to 25 to the 26 letters of the alphabet, so A is 0, B is 1, C is 2 and so on. In the programs we wrote, we had to strip out all punctuation and spaces, write everything in uppercase and use the standard transliteration rules for Ä, Ö, Ü, and ß. That's just the encoding part. Now comes the encryption part. For every letter in the plain text, we add the next letter from the key, modulo 26, round robin style. The key is repeated after we get tot he end. Encrypting "HELLOWORLD" with the key "ABC" yields ["H"+"A", "E"+"B", "L"+"C", "L"+"A", "O"+"B", "W"+"C", "O"+"A", "R"+"B", "L"+"C", "D"+"A"], or "HFNLPYOLND". If this short example didn't click for you, you can look it up on Wikipedia and blame me for explaining it badly.
Then our teacher left in the middle of the school year, and a different one took over. He was unfamiliar with encryption algorithms. He took us through some of the exercises about breaking the Caesar cipher with statistics. Then he proclaimed, based on some back-of-the-envelope calculations, that a Vigenère cipher with a long enough key, with the length unknown to the attacker, is "basically uncrackable". You can't brute-force a 20-letter key, and there are no significant statistical patterns.
I told him this wasn't true. If you re-use a Vigenère key, it's like re-using a one time pad key. At the time I just had read the first chapters of Bruce Schneier's "Applied Cryptography", and some pop history books about cold war spy stuff. I knew about the problem with re-using a one-time pad. A one time pad is the same as if your Vigenère key is as long as the message, so there is no way to make any inferences from one letter of the encrypted message to another letter of the plain text. This is mathematically proven to be completely uncrackable, as long as you use the key only one time, hence the name. Re-use of one-time pads actually happened during the cold war. Spy agencies communicated through number stations and one-time pads, but at some point, the Soviets either killed some of their cryptographers in a purge, or they messed up their book-keeping, and they re-used some of their keys. The Americans could decrypt the messages.
Here is how: If you have message $A$ and message $B$, and you re-use the key $K$, then an attacker can take the encrypted messages $A+K$ and $B+K$, and subtract them. That creates $(A+K) - (B+K) = A - B + K - K = A - B$. If you re-use a one-time pad, the attacker can just filter the key out and calculate the difference between two plaintexts.
My teacher didn't know that. He had done a quick back-of-the-envelope calculation about the time it would take to brute-force a 20 letter key, and the likelihood of accidentally arriving at something that would resemble the distribution of letters in the German language. In his mind, a 20 letter key or longer was impossible to crack. At the time, I wouldn't have known how to calculate that probability.
When I challenged his assertion that it would be "uncrackable", he created two messages that were written in German, and pasted them into the program we had been using in class, with a randomly generated key of undisclosed length. He gave me the encrypted output.
Instead of brute-forcing keys, I decided to apply what I knew about re-using one time pads. I wrote a program that takes some of the most common German words, and added them to sections of $(A-B)$. If a word was equal to a section of $B$, then this would generate a section of $A$. Then I used a large spellchecking dictionary to see if the section of $A$ generated by guessing a section of $B$ contained any valid German words. If yes, it would print the guessed word in $B$, the section of $A$, and the corresponding section of the key. There was only a little bit of key material that was common to multiple results, but that was enough to establish how long they key was. From there, I modified my program so that I could interactively try to guess words and it would decrypt the rest of the text based on my guess. The messages were two articles from the local newspaper.
When I showed the decrypted messages to my teacher the next week, got annoyed, and accused me of cheating. Had I installed a keylogger on his machine? Had I rigged his encryption program to leak key material? Had I exploited the old Python random number generator that isn't really random enough for cryptography (but good enough for games and simulations)?
Then I explained my approach. My teacher insisted that this solution didn't count, because it relied on guessing words. It would never have worked on random numeric data. I was just lucky that the messages were written in a language I speak. I could have cheated by using a search engine to find the newspaper articles on the web.
Now the lesson you should take away from this is not that I am smart and teachers are sore losers.
Lesson one: Everybody can build an encryption scheme or security system that he himself can't defeat. That doesn't mean others can't defeat it. You can also create an secret alphabet to protect your teenage diary from your kid sister. It's not practical to use that as an encryption scheme for banking. Something that works for your diary will in all likelihood be inappropriate for online banking, never mind state secrets. You never know if a teenage diary won't be stolen by a determined thief who thinks it holds the secret to a Bitcoin wallet passphrase, or if someone is re-using his banking password in your online game.
Lesson two: When you build a security system, you often accidentally design around an "intended attack". If you build a lock to be especially pick-proof, a burglar can still kick in the door, or break a window. Or maybe a new variation of the old "slide a piece of paper under the door and push the key through" trick works. Non-security experts are especially susceptible to this. Experts in one domain are often blind to attacks/exploits that make use of a different domain. It's like the physicist who saw a magic show and thought it must be powerful magnets at work, when it was actually invisible ropes.
Lesson three: Sometimes a real world problem is a great toy problem, but the easy and didactic toy solution is a really bad real world solution. Encryption was a fun way to teach programming, not a good way to teach encryption. There are many problems like that, like 3D rendering, Chess AI, and neural networks, where the real-world solution is not just more sophisticated than the toy solution, but a completely different architecture with completely different data structures. My own interactive codebreaking program did not work like modern approaches works either.
Lesson four: Don't roll your own cryptography. Don't even implement a known encryption algorithm. Use a cryptography library. Chances are you are not Bruce Schneier or Dan J Bernstein. It's harder than you thought. Unless you are doing a toy programming project to teach programming, it's not a good idea. If you don't take this advice to heart, a teenager with something to prove, somebody much less knowledgeable but with more time on his hands, might cause you trouble.
40 Cryptograms (2006) - Mark Applebaum