Bruce Schneier, who wrote the Solitaire algorithm (called Pontifex in Cryptonomicon) has an excellent page describing how and why it works: http://www.counterpane.com/solitaire.html One of the cool things about it is that it's designed to use playing cards, so you can have students encrypt and decrypt messages with cards, getting a tactile feel for encryption, then implement the code. There's python code up on the site, too, though they make no claims about its reliability: http://www.counterpane.com/pysol.zip Anyway, it's much more realistic from an encryption point of view, without being much more complicated than a clubhouse algorithm. Win-win. --Dethe edu-sig-request@python.org wrote:
Send Edu-sig mailing list submissions to edu-sig@python.org
To subscribe or unsubscribe via the World Wide Web, visit http://www.python.org/mailman/listinfo/edu-sig or, via email, send a message with subject or body 'help' to edu-sig-request@python.org
You can reach the person managing the list at edu-sig-admin@python.org
When replying, please edit your Subject line so it is more specific than "Re: Contents of Edu-sig digest..."
Today's Topics:
1. Re: Cryptonomicon (Kirby Urner)
--__--__--
Message: 1 Date: Sat, 25 Nov 2000 10:09:40 -0800 To: edu-sig@python.org From: Kirby Urner <pdx4d@teleport.com> Subject: Re: [Edu-sig] Cryptonomicon
I've added some links to my Python-based http://www.inetarena.com/~pdx4d/ocn/clubhouse.html including to an URL where Windows users can download GUI simulators of Enigma machines.
The Sale essay on deciphering the Enigma mentions how "no letter my encipher to itself" was actually a weakness of the German system, along with its bidirectionality, i.e. if A enciphered to J, then J enciphered to A.
The difference between simple random substitution ala my clubhouse code algorithm (which allows self-substitution) and something like Enigma, is the latter changes the substitution key with each press of a letter (in the Enigma using a complicate system of rotors which, like a car odometer, knocked successive wheels one notch with each complete revolution of the one before).
Here's some example plaintext and corresponding ciphertext, from one of the Enigma simulators:
Input (note 5-letter chunking):
AQUIC KBROW NFOXJ UMPED OVERT HELAZ YDOGW WWWWW WWWWW WWWWW WWWWW WWWWW WWWWW WWWWW WW
Output (note how repeated Ws in the input nevertheless enciphers to different letters below):
UVWFP ALDFF FMNML SHZLI GTMXM CISQU EIYED FJORN OMNRA CZVXL MRBAO JRGRO ZKCAJ NMMLP AO
Also in the news: an Enigma machine stolen from the Bletchy Park museum was recently recovered, along with the internal rotors (found separately, according to newspaper accounts).
Another link shows contains some scans of Turing's original typed manuscript re the Enigma, plus there's a virtual tour of Bletchy Park -- all very reinforcing of the storyline developed by Neal Stephenson's 'Cryptonomicon', the novel which originally inspired me to launch this thread.
It's be high feasible to write an Enigma simulator in Python of course, including with a GUI front end. But in accordance with my "cave painting" analogy, I think what's important from a pedagogical point of view is, on first pass, to give just the flavor, the essential gist, and then move on to linked topics (e.g. digital circuit design and the evolution of computing hardware).
Kirby
--__--__--
_______________________________________________ Edu-sig mailing list Edu-sig@python.org http://www.python.org/mailman/listinfo/edu-sig
End of Edu-sig Digest
Anyway, it's much more realistic from an encryption point of view, without being much more complicated than a clubhouse algorithm. Win-win.
--Dethe
RE: SOLITAIRE I think it's quite a bit more complicated than the clubhouse algorithm, but highly relevant and useful in any case. I'll be adding a link specific to that Solitaire page from my http://www.inetarena.com/~pdx4d/ocn/clubhouse.html as it's so tied-in the the 'Cryptonomicon' thread. Thanks for pointing this out. It'd be a fun project for a student to verify the Python implementation of Solitaire against the test vectors provided (test vectors show, for example, what ciphertext you should get out, using what key and plaintext as inputs). As I recall from the novel, the Perl version makes heavy use of regular expressions. Probably the Python version is written the same way (I haven't looked at it yet). If the tests fail for any reason, then the verification job could turn into a debugging job. RE: BLOWFISH Speaking of complicated, state-of-the-art algorithms, I've just finished running the test vectors (successfully) for my pure Python implementation of the Blowfish encryption algorithm. I haven't written anything about it yet, but the code itself is at: http://www.inetarena.com/~pdx4d/ocn/python/blowfish.html http://www.inetarena.com/~pdx4d/ocn/python/blowfish.py (that's a color-coded .html version for readability, web-linking, plus a .py version for downloading to run, as per my usual practice). A.M. Kuchling has done the sophisticated implementation of Blowfish for Python, available via http://web.homeport.org/~adam/crypto/python.phtml -- plus he's sharing lots more algorithms besides Blowfish, and implementing them for speed, by extending Python's modules using C. What I'm doing is helping students learn the algorithm in a way that assumes familiarity with Python, but not necessarily with C -- i.e. my implementation is more for pedagogical purposes than for providing industrial-grade code for a production environment. It provides a good excuse to play around with bits and bytes, which in turn reinforces the groundwork for a lot of "math through programming" topics. Blowfish is one of this bit-flipper mix-masters which churns away at a huge haystack of array values, initialized by default to the hexadecimal digits of PI. Your pin (which can be from 32 to 448 bits, in 32-bit increments), gets churned into that haystack (by way of 521 encryption operations) and effectively lost (so don't forget it). This pin-initialized haystack then encyphers your plaintext in 64-bit blocks, losing it too -- and yet by simply reversing the 16+ pre-defined encyphering operations, the plaintext is faithfully recovered -- provided, of course, said haystack is first initialized using the same pin. Kirby
It'd be a fun project for a student to verify the Python implementation of Solitaire against the test vectors provided (test vectors show, for example, what ciphertext you should get out, using what key and plaintext as inputs).
Of course Mordy Ovits has provided his own test vectors and verification routines for his implementation of Solitaire, so this fun project has already been done -- I shoulda realized.
As I recall from the novel, the Perl version makes heavy use of regular expressions. Probably the Python version is written the same way (I haven't looked at it yet).
It's not -- no regular expressions at all. Solitaire in Python therefore seems far less cryptic to me than the Perl implementation -- but that's not surprising, as I'm no Perl guru.
From Solitaire.py:
# NOTE: the Solitaire encryption algorithm is strong cryptography. # That means the security it affords is based on the secrecy of the # key rather than secrecy of the algorithm itself. That also means # that this program and programs derived from it may be treated as # a munition for the purpose of export regulation in the United States # and other countries. You are encouraged to seek competent legal # counsel before distributing copies of this program. Fun fun! Kirby
participants (2)
-
Dethe Elza -
Kirby Urner