For the past 5 months I have been playing around with pen and paper low tech, old style cryptography, encoding for a few scavenger hunts, treasure hunt and escape room type games in the real world. I also made a kids game using these and the kids where extremely enthousiast, unfortunately, they where not able to finish it due to time constraints (we began the game too late into the party). As well as for the alternate reality game I’m working on.
This led me to ask myself and experimented with ways to make these ciphers:
- Faster to encrypt characters
- Easier to use
- more secure than the mere existing classical cryptography
I know, this is what everyone wants. So I set out to *build my own low technology pen and paper cryptography cipher
In a variety of situations when using pen and paper when it’s best to avoid using technology. EIther for fun or for real communications.
I experimented with many of them.. liked the concept of LC4 as it’s pretty strong, but slow. For some time I settled to choosing a combination of Vigenere and Polybius (discussed in the article). However, as I tried different combinations I ended up o creating my own low technology pen and paper cipher .
LC4 - Elise Four experiments
There are a few recent algorithsms such as LC4 (elsieFour) which is a low tech authenticated encryption algorithm for human to human communication . The idea is extremely simple and you can do both encryption, decryption and authentication all via a 6x6 There are a few extensions to it as LC47 (7x7 grid).
The basic idea is that you take the numbers from 0 to 9, but use # for 0 and _ for 1. To avoid confusion between O and Zero and 1 and L or I. Then you can either use basic mathematics with modulo or division OR just print them out plastify the characters.
The key is actually the arrangement of the 6x6 grid which you can do randomly and in a variety of ways… And you do a few permutations and movements based on the numbers on the letters, which you can find out by just counting from 0 to 35 and arranging 0 to 9 A to Z and using modulo for the right hand number, and the divisor for the number on bottom.
This has a plethora of benefits as it becomes immune to monoalphabetic, polyalphabetic and a variety of cryptanalysis attacks based on letter frequency and many other cryptanalysis attacks on almost all the old pre world war 2 ciphers.
There are a few side effects and downsided so using LC4
- The full encryption/decryption phase with key setup will take anywhere from 30 seconds to 90 seconds per letter so it;s pretty slow.
- if you make any mistake during encryption/decryption you need to begin doing it again and the ciphertext/plaintext will be jibberish.
Point 2 in itself is also a strong point, meaning no one can change the text, because this is a stream cipher, meaning that the keyword/grid gets changed with the plaintext, any chnage to it will result in the rest of the text being gibberish, so this is both a good and a bad point as you can think of it as a built in protection.
This can be used when communication channels ARE broken, you don’t trust technology or the tecnology used has been compromised, and/or you are actually being surveilled. Even if someone where to look at what you are doing from a distance, they would have no idea what you are doing unless they’re actually watching you with a camera directly.
Using a nonce
Using a nonce of at least 6 characters is highly advised so that the ciphertext is further encrypted.
Authentication
Authentiction can be done as a 10 letter string you agree upon which you may add at the end. Due to the fact if anything changes
Vigenere + Polybius
A much more faster approach would be to instead use Vigenere with a strong long OTP (one time password) and a polybius square of 6x6 (36) or 7x7 (49) various characters including all letters and numbers + a few extra characters
Of course, transferring the OTP between parties is difficult so a way of choosing said password must be agreed upon and rotation based on day of week.
As for the vigenere alphabet, you can either use the 26 characters standard one, or extend it with extra characters and numbers making it longer. Ex 40 chars to include numbers, _ # ! and @ (or other chars)
The polybius square SHOULD also be scrambled and contain the keyword.
Encryption and Dectyption
Choosing your keys
Choose a very long OTP or keyword. You can rely on a book both you and the receiver have and can define an algorithm on when to rotate keys. A good idea would be to rotate them on a daily basis. Ex, say you both have the same book, if the book is longer than 365 pages , you can choose a page number and use the words from that page as your OTP. Transmitting the number prepended to the ciphertext.
Choose another keyword for your 6x6 square AND discuss with your counterpart. It’s best that each of you has his/her own square with unique key, this will thwart attacks even more. Using letters,numbers or combinations thereof. Make it easy to reconstruct the square by knowing that you can write the keyword in any combination, zig zag, left to right, top to bottom or as a spiral to any/from any direction. This gives you many more variations AND you can potentially rotate this one as well.
Discouraged, but can be used, encrypt the key again using a simple cipher and store it somewhere in case you forget.
Encryption
- Encrypt the plaintext with the vigenere square/OTP.
- encrypt the ciphertext with the polybious
- Transfer the ciphertext
Decryption
- Decrypt ciphertext with polybius
- Decrypt ciphertext with vigenere
This proves to be faster than other solutions.
Examples of square keys
You may choose a long passphrase/keyword which you then deduplicate the letters and input it in the square. You can also use a rectangle 6x7 9x5. You may also use the frequency of letters for your language and put them in the first 2 rows and give those rows multiple numbers,letters to make digraph/frequency cryptanalysis slower. However, if you use vigenere + polybious it’s going to become more diffused anyway.
Square 1: The ‘Alphabetical’ 6x6 Grid
Rows and columns are labeled with letters. The alphabet (A-Z) and numbers (0-9) are scrambled inside.
This will result in you using 2 letters instead of numbers for the ciphertext.
| G | H | I | J | K | L | |
|---|---|---|---|---|---|---|
| A | P | M | C | W | 7 | B |
| B | R | S | A | 1 | D | X |
| C | T | 0 | 4 | E | Z | F |
| D | 5 | K | N | 2 | Y | 9 |
| E | H | L | U | V | Q | 3 |
| F | 8 | I | 6 | O | J | G |
Square 2: Common Letters 6x6 Grid
Rows and columns are labeled with the most common letters, alphabetically sorted. The alphabet and numbers are scrambled inside.
This can be fun to throw anyone off guard by giving them.. well… the most used letters by frequency in your language.
| A | E | I | N | O | R | |
|---|---|---|---|---|---|---|
| S | Z | W | 8 | C | M | Y |
| T | G | J | 2 | F | V | 0 |
| U | P | B | 6 | 9 | H | 1 |
| A | K | X | Q | 3 | L | 7 |
| E | 4 | 5 | D | S | N | R |
| I | O | T | U | I | E | A |
Square 3: The ‘Numeric-Alpha’ 6x6 Grid
Rows and columns are labeled 1-6. The alphabet and numbers are scrambled inside.
| 1 | 2 | 3 | 4 | 5 | 6 | |
|---|---|---|---|---|---|---|
| 1 | Z | P | 8 | J | G | 1 |
| 2 | K | Y | Q | W | 9 | B |
| 3 | 2 | V | 5 | 0 | M | 3 |
| 4 | D | X | 6 | T | S | I |
| 5 | R | E | N | 4 | H | F |
| 6 | O | L | C | U | A | 7 |
My own Cipher
As stated, I began working on my own pen and paper low tech cipher which is described in it’s own article.
DISCLAIMER: If you require really good encryption use AES 256.