Perfect Encryption - Old Style!
We can all fire up a copy of TrueCrypt to keep our files safe, and we think nothing of using SSL to protect a data exchange with a web server, but that all needs computers to be useful.
If you need to securely send information to a friend without the help of computers, you can get all old-school. Modern computers were invented to break codes, but you can send 100 percent uncrackable messages relatively quickly and easily by hand - and it is so satisfying to your geeky side, too.
"But why would we bother? Isn't this all just history now?" The exact scheme I present is still believed to be very much in use by spies the world over, via "number stations" (search YouTube for some great, spooky examples) which at fixed times of the day will read a list of digits in disembodied voices over the airwaves to whomever is listening. And somewhere, somebody is listening, copying them down, and decoding these messages by hand. Emails leave trails, and indeed we know Gmail "reads" every word of your emails, but even though the world can hear the secure conversation, without knowing the encoding system, it is meaningless.
So, to encrypt and decrypt a message securely, we need to share a secret method with whomever we are messaging.
First, we convert our alphanumeric message into numbers, then we use a separate list of numbers known only to whoever is sending and receiving the message to encode and decode it. To be mathematically unbreakable, each number list must only be used once. We call it a "one-time pad," literally a pad of digits in random order with only two identical copies, used one time only - burn after use!
Turning letters into numbers is the first stage.
Of course, you can use A = 01, B = 02, Z = 26, etc., but it is not optimal. There is a clever system known as the "straddling checkerboard" which can be much more efficient by using the single digits for the most common eight letters of a language (and, of course, each language is different!).
In English, the common letters "AEINORST" are assigned to single digits, but "AEINORST" is not very memorable... "ESTONIA-R" or my preferred "AT ONE SIR" are much more memorable.
I will use "AT ONE SIR" below, and you will see how economical the "straddling checkerboard" can be!
0 1 2 3 4 5 6 7 8 9 A T - O N E - S I R 2 B C D F G H J K L M 6 P Q U V W X Y Z . #
As you can see, "AT ONE SIR" makes up the top line, but we use the spaces (for 2 and 6) as shift characters for the less common letters (we then just fill in the leftovers alphabetically).
The word hacker becomes: 25 0 21 27 5 9
The word computer becomes: 21 3 29 60 62 1 5 9
You don't need the spaces except for readability, of course, so computer hacker encodes to 21329 60621 59250 21275 9.
This isn't secure yet, but is already probably enough to get you past the casual observer. It is a fancy cipher, but a straight substitution cipher nonetheless. To decrypt it, you just make a checkerboard using AT ONE SIR as the top line (so nice and easy to remember and recreate wherever you are) and wherever you see a 2 or 6, you know to shift the next digit to the appropriate line to decipher.
There is a "." character (68) which you can use as a general purpose essential punctuation character, or use as a further shift character to a line of punctuation if you so desire. Frankly, if you're doing this by hand on security grounds, you are not going to care about punctuation too much - the message is what is important!
There is also a "#" escape character for numbers. To make sure they are unambiguous, numeric digits are repeated three times over, so 2600 enciphers as 69222 66600 00006 9.
As mentioned before, this is a cipher, not encrypted yet - that's the bit where it gets uncrackable!
Now you need a one time pad to encrypt with (make sure your friend has the same pad!).
All this is is a key - a list of random digits (for convenience usually grouped into five at a time). Do not trust your computer to give you truly random digits; computers use pseudo-random lists (which are entirely predictable if you know the "seed"). If you want random, get a set of five 10-sided dice from a games shop in different colors, throw them, and always write them down in the same color order to prevent human bias!
It will look something like:
51187 69890 33159 87236 25955 46669 93434 84219 41645 05561 76643 90072 56544 74326 49439 58703
...and be very boring to make!
Make lots of these sheets into a pad with removable/disposable sheets so you never use the same one twice. This is important, as reuse dramatically reduces the security of the message - using a new sheet each time is mathematically 100 percent secure and unbreakable. You need a copy to encrypt with and one to decrypt with, so only give copies of your pad to those who need it.
Now for the encryption stage - and we use (nice and simple) arithmetic to encrypt one digit at a time from our message.
But it is important to know that we do not "carry," so 7 + 7 becomes 4 (i.e., 7 + 7 = 14 - we just want the "4"), and 2 - 8 becomes 4 (as you can't subtract 8 from 2, we use "12" instead, so 12 - 8 = 4).
Practice this bit - it is important to get right!
Let's encode computer hacker using the key 51187 69890 33159 87236 25955 (first page of the pad above).
From above, computer hacker is 21329 60621 59250 21275 90000 (padded with zeroes), so we encrypt:
Plain Text: 21329 60621 59250 21275 90000 Key: 51187 69890 33159 87236 25955 - (minus) ----------------------------- Encrypted: 70242 01831 26101 44049 75155
So this is the (encrypted) message we send to our friend.
We can send it any which way: email, telephone, pigeon, or very publicly as with the number stations.
Your friend then adds the correct key back to the encrypted text, the exact opposite procedure:
Encrypted: 70242 01831 26101 44049 75155 Key: 51187 69890 33159 87236 25955 + (plus) ----------------------------- Plain Text: 21329 60621 59250 21275 90000
And using AT ONE SIR:
21/3/29/60/62/1/5/9/25/0/21/27/5/9 C /O/M /P /U /T/E/R/H /A/C /K /E/R
The encrypted text can be shouted from the treetops (or played on shortwave radio all around the world, of course!).
Without the right key, it is not just meaningless, but instead contains every message. If an interceptor thinks the key is 90715 81423 97109 85037 30025, for instance:
Encrypted: 70242 01831 26101 44049 75155 Key: 90715 81423 97109 85037 30025 + (plus) ----------------------------- Plain Text: 60957 82254 13200 29076 05170
And using AT ONE SIR:
60/9/5/7/8/22/5/4/1/3/20/0/29/0/7/60/5/1/7 P /R/E/S/I/D /E/N/T/O/B /A/M /A/S/P /E/T/S
Without a copy of your one-time pad, it is absolutely unbreakable.
Not just "difficult to break" but actually unbreakable. Of course, for ad-hoc secure communication you have to share the initial keys, and this is what SSL/HTTPS does: uses asymmetric encryption (difficult to break) to swap a one-time key.
This is why SSL is not actually secure, just very hard to break, and so, as computers get more powerful, it becomes less secure. For absolute security, create and distribute pads manually and securely. This is exactly how messages are securely sent to field operatives the world over!
Just for completeness, a number station will also read out the ID of the target operative so they will know to get ready to copy down a message meant for them, and may also read the first five digits of the page in the code pad to be used.
So, in the above, they would start the message as 51187, then use 69890 onwards to encrypt the message.
If you're using this system a lot, you may choose to do likewise. Number stations will read out each group of five digits twice as shortwave radio drops out a lot - try searching YouTube for JK7e02o7xy4 and you will hear an example where midstream someone tries to jam the signal. Or ymhqL1MQwfE is a Chinese number station (again with allied jamming to try to spoil the message!). This may be "old school," but it is still very much alive and relevant to our world today!
If you can't be bothered to get the dice and hand-make a pair of pads, www.fourmilab.ch/onetime/otpjs.html can make them for you - not as secure as making your own, but waaaaaaaaay better than reusing a key twice, and about as good as a computer can make it!
So imagine I had gotten this below key to you securely somehow...
47830 09292 31816 12605 45535 13930 73567 64251 62139 98344 10752 47795 56600 63437 94255 32654
Here's a chance to try your brand new old-school decryption skills:
23455 08372 67345 24327 81135 97170 96728 57346 08995 60992 53970 41580 76525 24673