ฝัง
- เผยแพร่เมื่อ 14 มิ.ย. 2024
- Why there is always a safe place for PEOPLE to communicate.
P.S. (please read before commenting)...
1. Yes, this is just a "one time pad", and using each key only once is crucial.
2. Yes, this is uncrackable. Without the key you cannot get the message. Brute force does not work as it gives all possible messages and does not say which is the one being sent.
3. Yes, random numbers do exist, but for this a pair of dice is more than adequate.
The ever-present problem of key exchange. Apart from that, and it complexity, this is a pretty sound cipher. Thank you for posting.
One of the best explanations on youtube! (GOV take notice!)
the way the gov does it is much more secure
Interesting video. I recall being taught 'pen and paper' encryption methods back when I was in the cub scouts in the late 1990s.
this is the best otp demonstration ive seen.
You are inadvertently advising THEM to ban paper, pens or pencils, and dice ;( ! THEY would love to do that!
Addressing your "P.S. 3. Yes, random numbers do exist, but for this a pair of dice is more than adequate." A single die would be more than adequate and less prone to confusion with your method of key generation. If they didn't listen close they might miss the point of rolling one die at a time and just roll a pair and pick their own combo. I like the idea of using a black and a white die so you can roll both, pick say black first every time for the row and white for the column and maintain randomness. Credit © Dirk Rijmenants page.
Nice video. I actually came up with a very similar system that omitted the 0 and stuck with 1-9. Another trick to make things much easier: you don't actually need that giant addition table. Just leave your key as numbers instead of converting to characters (this saves effort), and make a 6x6 addition table of just numbers (you can do this in 1 minute by hand). Then to encrypt, convert your plaintext letter to 2 digits (using your 6x6 alphabet table), and encrypt each digit individually using the next two digits from the key. Then after encryption you can use your 6x6 alphabet table to convert to characters if you like.
This saves a lot of effort, and also means you can easily generate your tables by hand. All you need is pen, paper, dice, and a couple of minutes to sketch out two 6x6 tables. Cheers!
Covfefe :)
LOL, what were the chances of landing up with COVFEFE
@@gorebrush - It was intentional.
It's a Vigenère cipher with an OTP. One of my favorite ways to use the OTP.
Wonderfully clear, though I'm sure our politicians will still find some way to obfuscate these simple truths.
A great video mate, very informative 🕵🏻
Great video, thank you!
For fun, try encrypting your otp with your otp using your otp as the message. Do you see what you get? I've wrote a program that does this, quite interesting. I can send multiple pads using steganography, but I need to send a secure password to open the steg pic. Without using DHKE or RSA. The character set is also a random character set :-) Capture random mouse moves for your random set.
Awesome video.
Thanks for explaining it so clearly. Is there a way to hide the * in the extra bit of the message (the unused key), as this is a giveaway that it isn't part of the encoded message (since * and anything is anything)?
It is not a give away, sorry. It is not different to any other part of the message as the key is random. Indeed, if you make a special case, such as "no character can encode as itself" (a mistake in the Enigma machine, I believe) you actually make it easier to crack.
Well explained (although a rule might be useful with the table :) ) Alas, the govt will probably attempt to band 50% of the alphabet to stop those pesky cyphers from working, as just like the magic money tree, there is no magical clue tree either ;)
It's a nice system. I would suggest to buy two set of colored dice. For example, the red would be for the horizontal row and the green for the vertical. That way, you could avoid the human bias of starting with your favorite number.
I would also suggest to buy a set of dice of each color because you can draw randomly your green dice and your red dice from opaque bag. It would randomize the dice production defect that can create a bias.
7:20 Covfefe?!?!
Wow, subliminal messages!!! Trump is behind this madness!
Weird, someone commented, I have the email, but don't see the comment. Great comment, but my only comment is that AFAIK computers *are* actually up to making proper random numbers now. They are not simply pseudo random generators but many processors are built with TRNG hardware. So using a computer is less of an issue in terms of randomness, but still an issue in terms of security of the key itself.
Could you post the worksheets you use please?
Wonderful little video, this deserves so many more views! Unbelievable that ordinary people like us understand these simple things, yet actual members of government who are expected to be wise do not! Literally a random person off the street or TH-cam might be more intelligent and educated, than an actual lawmaker who is deciding the fate of an entire nation. It's simply unreal.
I think you are overlooking something. The government only needs to make encryption inconvenient enough that most people don't bother. If few people are using encryption, the ones who are tend to stand out a bit. That gives the government special targets for their surveillance. All the while, officials play dumb so that interested people think they can't understand.
Remember, if it is significantly more difficult than turning a key in a lock, most people aren't going to do it. And this method is definitely more difficult than turning a key in a lock.
2020 America hey how are you gorg
Now can you change it so you can use a public and private key just like regular encryption? That would be cool to see done with pen & paper as well. So you just need to know the peer's public key and never share the private key,
Yes
I've encrypted a message for Google/TH-cam, and, hidden it inside an impenetrable jumble of text GGGGGGGetBentWankersGGGGGGG!
It’s taken me 3 months to crack your encrypted message is it :
🖕
He should probably not even be using a computer and printer if anything it should all be written by hand or done with a typewriter.
Suggestion for generating code word, use an online password generator and post the result to notepad. Then make one or two random alterations of your own
I agree
*C O V F E F E*
Is a dice random enough? Couldn't a dice have biases that make the code crackable?
As long as it's a mathematically fair die, weighted equally, etc., it would. We can't get perfect randomness because the conditions of physics like how much force we put into throwing the die, the material it's landing on, how fast it's spinning, etc. is deterministic. The probabilistic part of it is that the person's hands can't be predicted.
Can this be cracked of someone gets ahold of half of the key?
Maybe, if they have some idea what the message says.
Intuitive guesses are known as "cribs" in code-breaking parlance!
Is this not just a one time pad? Good method non the less.
Yes, it is a one time pad.
You intentionally used “Covfefe?”
Really, wow, I didn't notice :-)
@@TheRealRevK that was good. Thanks so much for sharing this.
One Time Pad made easy. ENCRYPT: ((messagecharactervalue + otpcharactervalue) - 1 ) mod charactersetlength DECRYPT: ((encryptcharactervalue - onetimepadcharactervalue) -+1 ) mod charactersetlength
how to generate the calculator sheet please?
Write your alphabet, then on the next row right it one shifted over, then the next line two shifted over, and so on.
@@TheRealRevK Many thanks, will give it a go, best to be prepared
I just posted my ideas on this comment thread about using a Polybius Square cipher with a seven by seven grid, that incorporates randomness with thirteen nulls, and using six dice marked with twenty-six letters & ten numerals. It is in response to the response to my first comment here.
God I hate making sloppy run on sentences :-Z
I don't see how that is in any way compatible with a one-time pad to be honest.
@@TheRealRevK Now that you mention it, it isn't :-(
@@TheRealRevK And not competitive either :-Z
So a 6/6-Time Pad
one-time pad
@@TheRealRevK 6/6 = 1 ;)
@@aethrya OK, yes, but I am just not sure how 6 is relevant to how many times the pad is used, that is all. If it is a joke, then sorry, it went over my head.
@@TheRealRevK haha I am just using a play on words while also referencing the dice idea. The 6/6 is for 6 x and 6 y notations in the square. It's just a silly joke because it is a one time pad (essentially) but "6/6-Time Pad" is the same as "1-Time Pad" :)
@@aethrya OK, the went right past me, sorry, LOL.
While I do enjoy these videos, I think there is some misconception here. The government does not actually want to ban the use of encryption. It wants to introduce enough effort into the process that most end users won't bother. If sending an end-to-end encrypted message is as easy as hitting "Send", everyone will do it. But then government won't know whom to target as a possible dissident.
Covfefe anyone?
this is a great method, but it could in fact be decoded by the NSA if they sicked a supercomputer on it for a minute or two
Sorry, but no it cannot. The whole point is that every possible string of characters is equally likely and possible depending on the key, and no way to tell you have the right key. Without the secret key the message cannot be decoded no matter how much computing power you throw at it. That’s the point.
So its basically a pybilius cypher nice and he talks about random numbers nothing in the universe is random we think there random example 938510fte7375497utd seems to be random but there not more random than 123 or ABC just to get that out of the way . All pencil and paper have some thing in common there can be broken white brude force method of the salmon algorithms ( jonze salmon polish mathematician 1911-1963)
In a nutshell: if you ad a un even to a other un even number or letter it always becomes even 3and 5 =8 (c and e) the same is true for adding two even numbers. Salmon pointed out to the polish army in 1938 that there simple cypher was flawed in that if you ad a un even number to a even number it always becomes un even dus a tool to decode a secret message example: a and b = c = uneven so atleast one of the letters must be uneven there are 13 even and 13 uneven letters in the western alphabet so there are only 26 possible ways to incode
ABBA PLAINTEXT KEYS = DEFAB CYPHER TEXT = EGHB E= UNEVEN SO THE KEY MOST BE EVEN SO
E MINUS Y( 25 ) DO THE LIST G IS UNEVEN SO THE PLAINTEXT LETTER MOST EVEN DO THE LIST NEXT WE GOT H IS EVEN SO CAN USE THE LIST HOWEVER WE KNOW THAT THERE ARE ONLY 26 WAYS TO MAKE THIS HAPPEN.
SO SALMON CAME UP WITH HIS OWN PENCIL AND PAPER CYPHER XPKVLO
EXAMPLE PLAINTEXT " GO TO SAFEHOUSE " HE SCRAMBLES A ALPHABET USING BOOK THIS IS NOT USED AS A KEY BUT AS A DECOY NEXT HE SCRAMBLED UP THE PLAINTEXT
USING XPKVLO NOW HE TAKES HALF OF THE BOOK TEXT AND INTEGRATES IT IN TO THE SCRAMBLED PLAINTEXT USING THE OTHER HALF TO ENCRYPT THE NEW " PLAINTEXT " USING MODULAR CALCULATIONS OF A PRIME NUMBER IN THIS CASE 17 BY DOING SO THE MOD 26 OR 36 NO LONGER IS A WEAKNESS AND THE ADDITIONAL LETTERS OFFER MORE SECURITY THIS WAS USED BY THE POLISH AUTHORITIES UNTIL LATE 1978 IT WAS ONLY BROKEN IN 2007 BY A SUPERCOMPUTER AFTER SIX WEEKS OF NO STOP CALCULATING. THE ORIGINAL TEXT WAS 189 CHARACTERS LONG AND REVEALED A 104 CHARACTER PLAINTEXT .......SICK STRONG CYPHER
There are, of course, many sources of true randomness such as radioactive decay and thermal noise, but a pair of dice is sufficiently unpredictable for a cypher. Your description looks like re-use of keys, which indeed you must not do. A one time pad cannot be cracked by brute force or any other method that does not involve getting the key that was used. Brute force with a one time pad simply provides all possible messages but does not say which is the one sent. This is uncrackable. Read up on one time pad perhaps.
Junk Junky still slightly missing the point. This is not about number of combinations. Imagine if only two letters, you can try all 1296 possible keys quickly and you get all 1296 possible messages and no way to know which of those is the actual message if you don’t have the key. It is therefore uncrackable.
This is a Vigenere Cipher - those were broken all the time during the last American Civil War
No, it is a one time pad, and cannot be cracked without the key. There is an equally possible key for every possible decoded message, with no way to know which key was actually used. That's the point. There is no way to crack this other than getting the actual key no matter how much computing power you have.
@@TheRealRevK I see --- and you create a truly random number with just a role of the dice?
Got a proposal for you- make a business of selling polybius square cipher sheets with a 7 × 7 grid resulting spaces(coordinates) for 26 letters 10 numerals and 13 nulls. The nulls are created by using two intersecting lines of 7 squares each. The nulls are chosen RANDOMLY for blank spaces. Use six dice marked with the 26 letters 10 numerals for a total of 36 character long keyword to create a RANDOM scramble pattern on the grid.
Finally, the sheets are to be made of water soluble paper.
Now hows that for hard encryption?
@@JohnSmith-eo5sp I do think I explain that dice are likely sufficiently random not to be an issue, but that a proper random source is better. Also the exact size of the alphabet used is not really important and you can quite happily make a bigger alphabet if you want. Even so, I am not sure what you are suggesting - sounds like one sheet for scrambling that applies the same to ever character in the message, or are you suggesting one sheet per letter in the message, which seems rather excessive. A single sheet to scramble all letters in one message is not a one time pad and falls foul of various techniques to decode the message. Maybe you can explain more what you are suggesting?
@@TheRealRevK I am suggesting is the equivalent to a soft encryption cipher that can be made harder using extra elements like shifting the coordinate set, etc. This is by no means as hard as your one time pad. More a meat and potatoes cipher. Easy to make by amateurs, or just a hobby
sorry - but your design is even more flawed than enigma: its just poly-alphabetical caeser cipher with one-time-pad-alike key (or better: your key in this example is just longer than the message) - and there're several algorithms out there to crack it
also: you still have the issue of securely exchange the key
and - most important: you rely on security by obscurity - bad idea
uncrackable? NOPE - easy to do and to parallelize - perfect for GPUs and ASICs
so - what made the enigma weak? yes, one point you said: enigma prevented a character to be encrypted into itself, but what was even worse: the short and give structure of the messages in the first place - your one-time pad only works when the message doesn't follow a known structure
sorry - but you failed at your homework as this is no way secure but only unreadable
also: you should had used plain 0 instead of any special character as this special character already gives itself away "hey, i have a special meaning"
I can only assume you did not watch the video properly as everything you have said, aside from the challenge of exchange keys in the first place, is wrong, sorry. I do explain that exchanging keys and keeping them secret is important.
It is a one-time-pad (not "one-time-pad-alike") and a one-time-pad cannot be decrypted without knowing the key as every possible plain text has an equally probably key. There are no algorithms to crack a one-time-pad, no matter how much computing power you have.
The key is a fixed length (I suggest 160 characters), longer than the message, to hide the message length, obviously.
And there is no "security by obscurity" whatsoever as the algorithm is published (look, a youtube video!).
@@TheRealRevK DERP - you obvious don't have enough knowledge of cryptography
the base flaw you don't understand is not you are using a one-time-pad approach (and in this scenario it can only be called as an one-time-pad-ALIKE-attempt) but using a simple poly-alphabetic caesar cipher - for wich there in fact are algorithms to break it (it's simply running a plain caesar cipher crack n-times where n is the number of alphabets - in your case 36 - no challenge for a modern GPU)
the possible useful meanings are based on context - wich was also one of the reasons enigma was cracked as it was taken advantage of fixed structure of daily weather reports - if you know about what the message is it's easy to sort out the messages not fitting in - and all the garbage is just taken care of by dictonary
accept it: it's flawed - you tried to roll your own crypto and failed pretty hard - end of story
@@TheRealRevK in addition you still rely on security by obscurity as you rely on noone knows that its a poly-alphabetical caesar with random key - wich is weak in itself
also: what's the usecase? everyone having access to a printer will have access to way more powerfull security - and those who don't have no usecase for it - imagine an inmate would use this - it would break security by obscurity as your "math sheet" no matter how scrambled when found would give away the algorithm - and if an inmate tried to communicate with outside world additional ways to encode/hide the encrypted message in some non suspicous code as one or two random strings would raise any alarm by those you check anything going out or come in
so - aside from crypto flawed theres no use case
i rather would rely one standard proven algorithms like a-symmetric key exchange and strong streamciphers - basically S/MIME
@@cryptearth It is a one time pad - the random key is used ONCE for ONE message and then destroyed.
It cannot be cracked as every plain text has an equally likely key. There is no oracle to tell you if you have found the key so even a brute force check of every possible key (36^160) does not crack the coding. There are 36^160 keys giving 36^160 equally likely plain texts. There is no algorithm to crack a one time pad like this.
Let's make it really simple, let's make it a single letter message and a single letter key.
Heres the encoded message: Q
How do you decode that without the key?
There are 36 different keys and they give 36 different answers - which is the right one?
All are equally probably.
If you think one letter somehow makes it harder, try 5: JOYERD
That could decode to HELLO with one key
It could decode to FUCK* with another key
It could decode to KHFQL with another key
All keys are equally likely and you don't know which was used (once).
If you think there is an algorithm to decode a one time pad, provide a reference!
@@cryptearth It is not security by obscurity as I have PUBLISHED the exact algorithm by way of this video!
It is a one time pad that cannot be cracked.
The use case, as made clear in the video, is to demonstrate to politicians that have no clue about cryptography (and others) that it is possible to send totally secret messages that cannot be cracked without the aid of a computer or software provider or service provider or messaging provider (all of which may be subject to some legislation) using maths that is no more complex that addition and subtraction. To demonstrate the total futility of trying to legislate against the use of encryption. In practice it is not something one would do unless you had no other option, and, of course, there are many good ways to do encryption with your own software and no service providers. This video takes that to the extreme to make a point.