Cory Doctorow asked Bruce Schneier to give him a hand designing wedding rings. Not an obvious combination until you realise these are crypto rings...
There are two great discussions going on over at both blogs. Cory has asked his crowd to help design a cipher for his crypto wedding rings. While Bruce simply said Contest: Cory Doctorow's Cipher Wheel Rings.
The discussion on both posts is worth reading. A mixture of things popping up about the similarity between the three rings and the Enigma machine as well as comments about Jefferson's Wheel Cipher.
Like most things Cory does (or says) there's an element of the slightly bizarre. The prize, a not to be sniffed-at signed copy of Little Brother.
The full set of photos are on Cory's Flickr account, tagged weddingring.
Comparisons with the Enigma machine, I suspect, are bogus. While there is a visual similarity with the Enigma's wheels the Enigma's cipher was implemented in the electronics within the machine. The letters on the rotors simply enabling the correct starting positions to be selected. The Enigma machines perform a substitution cipher, but with the additional complexity that the substitution pattern changes for each letter through the message. I don't see a way to do that with these rings. There may be rotor ciphers that could be implemented - I don't know.
Jefferson's cipher is a much closer match, a fully manual system consisting of 26 wheels with the alphabet scrambled differently on each one. Similar to the Enigma machine, sender and receiver had to have the order of the wheels synchronised and each letter would use a different substitution scheme, though Jefferson's not as thorough as the Enigma.
As the rings cannot be altered and the alphabet is in order on all three wheels, any attempt that results in one character of cipher text for each character of plain text will be a simple substitution cipher. While it may take several complex steps to arrive at the cipher character it will only take an attacker one step to go back.
So, if you're thinking about this problem seriously there are some things you have to decide on first...
- Is the ring considered secret or not?
This is isn't an unreasonable assumption (putting aside that the details have been published online). It's not that long ago that messages were transferred in plain text relying only on the emperor's seal - made in wax with a ring only he carried.
- Can you include another secret?
There are suggestions on the blogs of using most recent blog posts, first pages of known books and other items as keys to drive the cipher. This then involves taking the character from the key and the character from the plaintext and some form of mathematical computation (shifting rings up or down, finding the next dot above or below, that kind of thing) to arrive at the cipher text character.
- Is the algorithm secret?
Knowing Bruce's views on secrecy and security, even suggesting it is pure heresy. Considering the ring to be secret may be part of this, or may not. Some of the ideas I've had fall outside being encryption and really fall into the realm of a 'secret encoding'. But hey, something has to be secret and if it can't be the ring, or the key, the maybe it has to be the algorithm.
Then, of course, you have to decide what to do with the rings. Any Cryptographic algorithm fulfils one of four basic purposes:
- Symmetric Encryption
These algorithms use the same key to encrypt and decrypt the text. They may use a single algorithm, like ROT13, or they may use a matched pair of algorithms, like many other substitution ciphers.
- Asymmetric Encryption
These algorithms use one key to encrypt and another to decrypt. The keys in this case are paired and are usually termed public and private keys. Typically you would use the recipients public key to encrypt and they would use their own private key to decrypt.
- Non-Decryptable Hashes
Used mostly for storing passwords (I can't think of another use), these algorithms enable you to reliably convert plain text into a hash with little possibility of reversing the process. For passwords this means you store the hash of the password, then compare the hashed version of any sign-in attempt with the stored hash.
Signing means adding some kind of addendum to the message that confirms you wrote it. Again this is done using public/private key pairs. You use your private key to create a hashed version of the message which others can then verify using your public key.
As well as thinking about all of that good stuff it might be worth looking for clues in the design of the rings. Bruce must have had something in mind when designing the rings.
Here are the obvious things to notice:
- All three rings feature the alphabet _in order_.
- The dot patterns are not random.
- The dot pattern follow a 1, 2, 3 pattern.
- The dot pattern is not unique (it repeats) when looking across the three rings.
- The S across three rings, looking at the dots above, makes dot, dot, dot while the O across the dots on top is three blanks (dash, dash, dash?) this made me go look at Morse Code again.
Yep, that's all I spotted :-(
I'll be chatting with a coupe of colleagues to see if we can put our heads together and also watching to see what the winner comes up with.
Interesting ideas - I've been thinking about the use of the rings as a signing mechanism rather than encryption. Signing is a far more prevalent problem in communication than encryption - it gives you three things...
- confidence in the knowing the sender
- confidence the message hasn't been edited
- confidence the message was not sent under duress
I think this is really interesting - I've read several books on the topic of cryptography, and I think thinking about the rings as being public keys in a public/private key encryption might be one method - but I'm guessing that this might be a bit heavy for messages that otherwise would be left on the fridge! Another Idea might be to use a combination of a substition cipher and the spartan scytale (http://courses.gdeyoung.com/pages.php?cdx=168) using something like a pencil, biro, lipstick as the dowel.