The solitaire encryption algorithm (1999)

kragen · on Dec 11, 2012

It's been 13 years. Has there been any cryptoanalysis? I can't tell if the problem Paul Crowley found in http://www.ciphergoth.org/crypto/solitaire/ is sufficient to sink it.

gchpaco · on Dec 11, 2012

A biased RNG for a stream cipher is very difficult to recover from.

kragen · on Dec 12, 2012

What's the effect in practice? I don't know shit about cryptanalysis.

gchpaco · on Dec 12, 2012

Unless the data is random (which is to say the additional layer of crypto is probably not buying you much) you can do e.g. frequency analysis on the output of the cipher. If you have a reasonable sized corpus (given how biased the PRNG is, probably a few thousand characters is overkill) you can probably break it effortlessly.

BMarkmann · on Dec 11, 2012

Cryptonomicon is a great book, btw. It was definitely the one that got me heavily into Neal Stephenson.

http://en.wikipedia.org/wiki/Cryptonomicon

crikli · on Dec 11, 2012

I hadn't known that Bruce Schneier created Pontifex for the book as I didn't know who he was back in the 90's. Kinda neat to circle back to an old favorite and learn that someone with whom you've become familiar since the last read contributed a key plot point.

B-Con · on Dec 11, 2012

I remember writing the bulk of the Wikipedia article[1] on this cipher back in my late teens when I was getting into crypto. Checking back, it's been heavily edited, but it retains the bulk of the original structure and all of the original example that I used. Kinda neat.

[1]: http://en.wikipedia.org/wiki/Solitaire_%28cipher%29

krakensden · on Dec 11, 2012

I remember reading Cryptonomicon in high school, and being fascinated and terrified by the Perl implementation of this in the book. It was a perfectly rectangular, quarter page quote, with no spaces and a terrifying proliferation of sigils.

sesqu · on Dec 11, 2012

  #!/usr/bin/perl -s
  $f=$d?-1:1;$D=pack('C*',33..86);$p=shift;
  $p=~y/a-z/A-Z/;$U='$D=~s/(.*)U$/U$1/;
  $D=~s/U(.)/$1U/;';($V=$U)=~s/U/V/g;
  $p=~s/[A-Z]/$k=ord($&)-64,&e/eg;$k=0;
  while(<>){y/a-z/A-Z/;y/A-Z//dc;$o.=$_}$o.='X'
  while length ($o)%5&&!$d;
  $o=~s/./chr(($f*&e+ord($&)-13)%26+65)/eg;
  $o=~s/X*$// if $d;$o=~s/.{5}/$& /g;
  print"$o\n";sub v{$v=ord(substr($D,$_[0]))-32;
  $v>53?53:$v}
  sub w{$D=~s/(.{$_[0]})(.*)(.)/$2$1$3/}
  sub e{eval"$U$V$V";$D=~s/(.*)([UV].*[UV])(.*)/$3$2$1/;
  &w(&v(53));$k?(&w($k)):($c=&v(&v(0)),$c>52?&e:$c)}

jsomers · on Dec 11, 2012

Here's a little Ruby implementation I wrote a while back: https://github.com/jsomers/solitaire. I hope it's correct...

michael_michael · on Dec 11, 2012

Neat. Creating a Ruby implementation of the solitaire cipher was also problem #1 in the Ruby Quiz: http://www.rubyquiz.com/quiz1.html

daniel-cussen · on Dec 12, 2012

I bought a set of Dungeons and Dragons dice (the set that has dice ranging from 4 to 20 faces) and coded up a Lisp program that turned a roll of 5 of these dice (approx. 16.4 bits of information) into 16 bits (sometimes you have to re-roll). With four rolls I have enough data to seed Lisp's 64-bit PRNG, which was my goal. After all, I use (random x) a whole lot.

http://dcussen.posterous.com/my-first-toy-in-lisp-was-random...

laumars · on Dec 11, 2012

This sounds a lot like OTP (One Time Pads) which is more than 100 years old and was even used, with great success, during WWII.

http://en.wikipedia.org/wiki/One-time_pad

opminion · on Dec 11, 2012

It's a Stream Cipher, which is an approximation [1] of a One Time Pad, which allows the key to be much shorter than the plaintext.

The hardest part is how to generate the pad from the key.

[1] http://en.wikipedia.org/wiki/Stream_cipher#Loose_inspiration...

dllthomas · on Dec 11, 2012

I'd love to see another pass at this. I've frequently got a deck of cards on me, and a 225 bit key isn't bad for a symmetric algorithm; the question is how to extract it smoothly and easily...

dav · on Dec 11, 2012

Manchurian Candidate!