[Cryptography] Feedback welcome on an idea
iang at iang.org
Thu Sep 3 14:25:14 EDT 2015
On 3/09/2015 04:10 am, Grant Schultz wrote:
> I have written up an idea (abstract below) for a high-security
> symmetric-key cipher allowing for manual decryption, i.e., without
> requiring a computer. What distinguishes it is the ability to encrypt
> multiple messages in the same ciphertext. If caught, one can reveal a
> decoy message instead of the real one. Encryption does require a
> computer however, which limits its applicability to a very few situations.
> Having said that, it was an enjoyable exercise. If any are curious and
> would like to see the full PDF and comment on it, just let me know a
> good place to send/post it.
> Thanks in advance.
> G. Schultz
> Abstract: With key logging trojans and other malware in the wild, and
> operating systems being too complex to protect against government
> surveillance, it is necessary to have high-security ciphers which can be
> used without the aid of a computer. Some proposals in this area include
> Solitaire  and Handycipher . The cipher described here further
> explores this space by introducing deniability.
There are two problems with deniability that I'm aware of:
One is the OTR ("off-the-record" a protocol for Jabber) trap in which
there is some conceptual claim that because a message can be changed,
you can claim it is therefore "not yours". This actually makes your
position worse if ever you needed to deny something, so don't do that.
The second is K6, or the need to be able to operate the thing under
stress. Kerckhoffs was writing about soldiers using pen & paper ciphers
so he was trying to make the process easy. If it wasn't easy, they
would just write the messages in the clear, which is what you do when
someone is shooting at you or even when the officer is shouting at you.
In the narrower context of deniability, it doesn't work if the method,
or initiation of it, won't work under stress. If you have to remember
to do it, you're in trouble - humans don't remember well under stress.
The general principle here is that a good security mechanism is like a
seatbelt - it's there if used continuously, it's useless if you have to
remember to put it on as you see the accident coming.
More information about the cryptography