Anybody else on L19 into cryptography?

[Linokai]

I've been obsessed with crypto ever since I was a kid, maybe 8 or 9. (Well, at least the pen-and-paper kind. I've never been a fan of programmed ciphers like AES, RC4, etc, because I can't actually see them working, and I'm not good enough with math to really figure out how they work.) Anyway, recently I was tinkering around with some ideas and came up with a scheme that I think would be really difficult to crack. If any of y'all are into this kinda thing, maybe you'll find it interesting. (*Disclaimer: I didn't come up with the idea from scratch. I just took existing schemes and combined/added to them.)

Gridlock Cipher (2 Versions):

I. Terms:
(In case anyone doesn't already know these terms...)
PLAINTEXT - Initial un-encrypted message
CIPHERTEXT - Encrypted message
KEYSTREAM - A psuedo-random string of characters that is used to encrypt the plaintext

II. Setup:
There are 2 sets of characters used: One set arranged in a grid,
and the other set in a stack of cards.
The cards can be made out of blank playing cards or construction paper, etc.
The grid pieces can be made out of slips of paper, wooden tiles, poker chips, etc.
Each grid piece has a single character on it.
Each card has a character and a number value on it. (see section IV)

III. Character Lists:
Version 1:
8x5 Grid, 40 Cards
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
0 1 2 3 4 5 6 7 8 9
. ? # *

Version 2:
8x8 Grid, 64 Cards
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
0 1 2 3 4 5 6 7 8 9
. ! ? , ' " : ; + - = _ ( ) [ ] < > / \ ^ & % $ @ ~ # *

(In the plaintext, # is used to indicate spaces.)

IV. Number Values:
Version 1:
A=1 B=2 C=3 D=4 E=5 F=6 G=7 H=8 I=9 J=10
K=11 L=12 M=13 N=14 O=15 P=16 Q=17 R=18 S=19 T=20
U=1 V=2 W=3 X=4 Y=5 Z=6 0=7 1=8 2=9 3=10
4=11 5=12 6=13 7=14 8=15 9=16 .=17 ?=18 #=19 *=20

Version 2:
A=1 B=2 C=3 D=4 E=5 F=6 G=7 H=8 I=9 J=10
K=11 L=12 M=13 N=14 O=15 P=16 Q=17 R=18 S=19 T=20
U=21 V=22 W=23 X=24 Y=25 Z=26 0=27 1=28 2=29 3=30
4=31 5=32 6=1 7=2 8=3 9=4 .=5 !=6 ?=7 ,=8 '=9 "=10
:=11 ;=12 +=13 -=14 ==15 _=16 (=17 )=18 [=19 ]=20
<=21 >=22 /=23 \=24 ^=25 &=26 %=27 $=28 @=29 ~=30
#=31 *=32

V. Encryption Process:
1) In the stack of cards, move the top card to the bottom of the stack.

2) Whatever the number value of the next card is,
take that many cards off the top, reverse their order,
and move them to the bottom.
The card that is now the top card is the Keystream character for that round.*

3) Find the Keystream character and the Asterisk (*) in the grid.
Take note of how many spaces in the grid it takes
to move from the asterisk to the Keystream character.
(ie., 3 spaces left & 1 space up, etc.)**

4) Find the Plaintext character in the grid and move the same amount of spaces
indicated in step 3, starting on the Plaintext character.
The character you stop at is the Ciphertext character.**

----Writes down Ciphertext character----

5) The Plaintext character and the Ciphertext character swap places in the grid.***

6) The Keystream character and the asterisk swap places in the grid.***

* If the Keystream character is an asterisk,
then the Plaintext character equals itself in the Ciphertext,
and no swaps are made on the grid.

** The edges of the grid loop around.
(ie., If you're on the bottom row and move 1 space down, you loop around to the top, etc.)

*** If the ciphertext character is an asterisk, it gets moved twice.
If the Plaintext character and the Keystream character are the same character,
it gets moved twice.
Because of this, it is important that the 2 swaps are done in the correct order.
That's why I put them in two different steps...

To decrypt the Ciphertext, follow the exact same steps, but in step 3,
instead of moving from the asterisk to the Keystream character,
move from the Keystream character to the asterisk (same moves in the opposite direction), then apply that to the Ciphertext character in step 4 to get the Plaintext character.

Obviously, for security's sake, you want to start with the grid and the card order scrambled. There are many ways this can be done via a passphrase....

Questions? Comments? Insults?

[Ellyster]

I'm into crypto too. I will take a look if I get some free time (recently I'm too busy with my PhD).

What I can do right now, is recommend you this two free courses from Stanford:
https://www.coursera.org/course/crypto
https://www.coursera.org/course/crypto2

It requires some basic math, and some programming (optional). After that class you will have strong tools to prove if your crypto system is secure, and under what asumptions.

And even post your protocol for feedback in the forums where there are lot of profesionals and enthusiasts.

[Mike Novack]

What to look up.

This is equivalent to other methods of encryption using a pseudo-random sequence so you will want to look at how those are cracked.

[DrStraw]

I don't know anything about cryptography, but there is a professor in our department who teaches it and has written books on it. If I remember, and get the chance, I'll ask his opinion.

[SmoothOper]

I am kind of into cryptography. My understanding is that any system of cryptography is maximally as good as your keystream. IE how many bits does it take to encode the seed to your pseudo random number generator, since publicly available permutation algorithms can be reverse engineered, though I have often thought that if you had a hidden or obscure algorithm, that would be more difficult to break, though the number of bits necessary to encode the algorithm itself might not be that large.

[RBerenguel]

The description reminded me vaguely of the DES (the old "data encryption standard", supperceded in the last years by AES, which is similar) method of "moving around stuff and doing lots of things to it".

I'm not specially into cryptography, but being a mathematician you get exposed to some. I took an undergrad course where we learnt about most "mathey" cyphers (so DES wasn't included.) I used the programming assignment to code a FFT and use it to do convolutions of integers in large bases, so I could multiply incredibly big numbers. Maths are fun.

[Mike Novack]

Depends on how you look at it, though.

In one sense (the one you were probably thinking) DES isn't "mathy". But in another way, it is just a function.

Cryptextblock = F(plaintextblock,key) where the F is the function defined by the behavior of DES.

One of the books I lost in the fire was Shamir's "Differential Cryptanalysis" where he demonstrates this technique to attack DES.

I also have toyed with crypto ides. Mainly with "private key" systems that allowed violation of the rule of thumb "quick to set up" (but were quick to encode once set up) along the lines of Lucfier-DES (S boxes and scatter bits between those rounds) except ones in which every bit of the key would be used to define every S box (think of one defining function unique to that S box). Yes the S boxes are still "known" in one sense, but what is happening here is the key being used as a selector function to select the S-box from a very large set (as opposed to Lucifer, one bit of the key from 2 possible S boxes, easily cracked, or DES, several bits of the key but still a small set of possible S boxes).

[RBerenguel]

Depends on how you look at it, though.

In one sense (the one you were probably thinking) DES isn't "mathy". But in another way, it is just a function.

Cryptextblock = F(plaintextblock,key) where the F is the function defined by the behavior of DES.

One of the books I lost in the fire was Shamir's "Differential Cryptanalysis" where he demonstrates this technique to attack DES.

I also have toyed with crypto ides. Mainly with "private key" systems that allowed violation of the rule of thumb "quick to set up" (but were quick to encode once set up) along the lines of Lucfier-DES (S boxes and scatter bits between those rounds) except ones in which every bit of the key would be used to define every S box (think of one defining function unique to that S box). Yes the S boxes are still "known" in one sense, but what is happening here is the key being used as a selector function to select the S-box from a very large set (as opposed to Lucifer, one bit of the key from 2 possible S boxes, easily cracked, or DES, several bits of the key but still a small set of possible S boxes).

Of course, DES is just a function. The "mathyness" is because the course focused on group theory, factorisation and other stuff somewhat closer to RSA, for instance. But creating private key systems seems tough, as the DES shows. Finding a backdoor is like... "how!?"

[mbv]

I'm into crypto too. I will take a look if I get some free time (recently I'm too busy with my PhD).

What I can do right now, is recommend you this two free courses from Stanford:
https://www.coursera.org/course/crypto
https://www.coursera.org/course/crypto2

It requires some basic math, and some programming (optional). After that class you will have strong tools to prove if your crypto system is secure, and under what asumptions.

And even post your protocol for feedback in the forums where there are lot of profesionals and enthusiasts.

Hey, thanks for posting those links. Cryptography interests me and I may take that first course. I keep meaning to try one of these online courses and I think I'll start with this:
https://www.coursera.org/course/otherearths