The Linearly Conjugated Double Random Matrix Bifid Disrupted Incomplete Columnar Transposition...

RAMBDICTFL

The Linearly Conjugated Double Random Matrix Bifid Disrupted Incomplete Columnar Transposition Cipher

With Frequency Leveling

As a tool for encrypting low security data for communication and archival purposes.

by Wolfgang Hammersmith

[email protected]

Copyright (c) 2013 by the author. 19 October 2013

Executive Summary The Linearly Conjugated Double Random Matrix Bifid Disrupted Incomplete Columnar Transposition Cipher with Frequency Leveling, or RAMBDICT, is a hand-operated cipher derived by compiling powerful, preexisting hand ciphers into connected sequential stages representing a substitution, a transposition, a null extension, and a final substitution to produce a four-stage cipher that resists substantive computer analysis. The random keys for this system can be produced by any of several means of creating cryptographically acceptable random vectors. While it is classed as breakable, RAMBDICT is designed to obviate standard analyses compelling a brute-force attack that yields a large number of near-equally probable intelligible messages, providing unsubstantial results. This cipher accepts nonlinguistic codes and is designed to encrypt non-critical, low-sensitivity data at rest or in motion using a limited plaintext character set. This description is complex, but the cipher is actually much easier to operate than reading descriptions of its process.

THE RAMBDICT CIPHER 2

Copyright (c) 2013 by Wolfgang Hammersmith, all rights reserved.

Abstract The One-Time Pad Cipher, in its pure form with modern implementation either as a program or hand-operated, stands as the primary tool for encrypting high-risk data that must be kept secure. However, there still remains a significant need for robust pencil-and-paper encryption processes.

The purpose of revisiting the well-known Conjugated Matrix Bifid Cipher is to strengthen this hand-operated cipher for encrypting lower-risk data by further disassociating, through sequential randomized stages of substitution, null injection, transposition, and a final substitution, the numeric characters of the intermediate ciphertext than is performed by the classic Bifid alone, thus bringing the final ciphertext nearer the goal of unsubstantial analysis by causing all possible intelligible plaintexts derived from analysis to have an approximately equal probability.

While the One-Time Pad Cipher uses a random key to produce ciphertext that exhibits a degree of entropy (randomness) equal to that present within its non-repeating, single-use key, RAMBDICT uses Key Isolation Methodology1 and Frequency Leveling2 with extreme intermediate ciphertext element disassociation provided by a Disrupted Incomplete Columnar Transposition to achieve a similar goal.

These sequential stages utilize a unique one-time random key set per message that disperses the individual numeric elements of the intermediate ciphertext in a way that cannot be attacked with reasonable expectation of success except by brute-force, where testing has shown that the yield is similar to the results of the analysis of a random vector, yielding quasi-equal representations of every possible plaintext for the ciphertext space.

In Summary: RAMBDICT is a strong, yet breakable cipher where breaking it serves no immediate practical purpose due to the high yield of random and near-equally probable intelligible results.

Introduction In usual ciphers of this type, some clues to the structure of the original plaintext are provided by relationships that exist between the individual characters of the intermediate ciphertext. Determining how these relationships migrate through the stages into the final ciphertext is the basis for several types of analyses relied heavily upon by cryptanalysts to attack this class of breakable ciphers.

When working with a large quantity of ciphertext samples consisting of numerous messages encrypted with the same key, relationships between messages can be detected and analyzed to identify common shared characteristics. Analytic attacks have a higher expectation of success when plaintext common to many messages is available. Models of assumed or obtained plaintext can provide further clues to shared commonalities that, in turn, support assumptive testing that can lead to cascading results, sometimes breaking the cipher for that key and message set.

However, when no probable or actual shared plaintext sample is available and only one short non-standardized3 message is encrypted per key set using Key Isolation Methodology4 with two random Bifid matrices, Frequency Leveling to equalize intermediate ciphertext numeric instances, and a random-key Disrupted Incomplete Columnar Transposition, the author postulates that the resultant short, unique key set, single-sample ciphertext is indecipherable to a specific plaintext by analytical means.

Even without consideration of multiple stage variables, a super-computer brute-force attack can quickly produce in the order of 1.20(𝑒100) messages from seventy characters of ciphertext, a number related more to cosmology than cryptanalysis, where a large subset of messages would be commonly intelligible. Therefore, while not offering a number of possibilities equal to the entropy of its key, such as the One-Time Pad Cipher creates, the number of probable intelligible plaintext yields from a brute-force attack is large enough to render specific plaintext identification impractical due to the sheer scope of the time-consuming, expensive intelligence filtering5 required.

1 Key Isolation Methodology, where only one unique key set is used to encrypt one plaintext message, removes Analysis In

Depth from the cryptanalyst's toolbox. 2 Frequency Leveling is an encryption technique developed by this author for the ADFGVXST cipher that evens the character

count of the intermediate ciphertext letters before the transposition stage, destroying letter frequency and pairing analysis of the final ciphertext.

3 A standardized message contains elements that are common in many messages, such as a header containing data in the same order for each message. A non-standardized message has no repeatable form common to other messages.

4 Key Isolation Methodology uses one random key set per message that is never reused for another message. 5 Intelligence filtering, also known by several other names, is the process whereby encrypted messages and derived meanings

are connected to suspected recipients and originators using data outside the ciphertext itself that can lead to various levels of plaintext definition.



When codes are embedded in the plaintext, any form of attack is ultimately meaningless.6

The RAMBDICT process especially ruins the effectiveness of one of the cryptanalyst's favorite and most effective tools, analysis in depth, leaving a non-productive brute-force attack or applied social engineering7 as the only avenues to plaintext recovery.

Finally, history is replete with examples of hand ciphers that remain unbroken in the face of intense computer analysis, many of which offer large ciphertext samples for analysis. The vast majority of these ciphers were created by nothing more than the human mind.

In Summary: While super-computers employing an advanced algorithm in a brute-force attack against this breakable cipher will produce a high yield of intelligible results, the author postulates that this cipher remains unbreakable in practice when employed as described. The hand-operated Linearly Conjugated Double Random Matrix Bifid Disrupted Incomplete Columnar Transposition Cipher, or RAMBDICT, is designed to encrypt non-critical plaintext. It achieves its design goals (i) by minimizing operator-induced errors through rules sets that enforce procedures that require reasonable operations time expenditure, (ii) by maintaining symmetrical encryption and decryption effort, (iii) by minimizing induced error effects, and (iv), by reducing error ripple effects while providing strength against analyses including brute-force attacks.

Design Considerations This cipher uses two stages of substitution flanking one stage of transposition, and in that way is unremarkable. An effective dissociation between each numeral of the intermediate ciphertext created by the Bifid first stage was an essential design criteria.

Optional Frequency Leveling, when performed upon the numerals produced by the Bifid prior to the transposition stage, evens the count of each member of the intermediate ciphertext set {1,2,3,… 6} by appending null numerals that provide a powerful tree-in-the-forest obfuscation of the actual quantity and position of each meaningful element of the Bifid product.

The central Disrupted Incomplete Columnar Transposition stage fragments associative migration, preventing coordinate pairs from passing intact into the final random substitution stage. This stage randomly mixes each numeral of the appended null vector into the general population prior to the final substitution, precluding effective yields from deducible or associative element paring, destroying probable diagram testing and analysis.

Since the intermediate ciphertext elements are entirely numeric, equally extant, and stripped of all pairing or sequential associations after the DICT, there are no probable logical or associative subset groupings from which to form implications or statistical modeling that could be used toward reassembling the DICT. For example, while some letters in the English language commonly follow others in a markedly non-random association, isolated numerals have no non-sequential statistical ordination except through numeric subset count pattern comparison. Increasing the isolation of the individual numerals from coordinate pairs while imposing equal representation of each numeral within the intermediate ciphertext population prior to transposition equalizes numeric subset instances rendering subset count patterning ineffective. This combination effectively leaves the cryptanalyst with a brute-force attack as the primary option.

The final random substitution stage removes the 2x expansion of the intermediate ciphertext and further blocks substantive analysis of the ciphertext through random coordinate assignment. This stage also disguises ciphertext characteristics by instantiating qualities similar to other related ciphers, increasing the task of cipher identification.

In terms of cross-sample analysis, while no relationship between ciphertext and plaintext can be deduced or derived by analysis from the characters of a single ciphertext sample, a large body of encrypted messages created with exactly the same key set compared to a probable plaintext sample can provide clues to the original plaintext created with that specific key set through direct cross-sample association. Therefore, encrypting more than one message per key set is never a recommended procedure and this is strongly emphasized in the following material.

The four stages of this cipher constitute a level of complexity for the operator that, in practice, is very close to the threshold of a logarithmic increase in error propagation as confirmed by human trials. The procedural design of RAMBDICT promotes a tendency toward non-error propagation, preserving understanding of the plaintext message even when several errors are scattered throughout the stages. 6 There are many sound reasons to imbed codes, which by themselves are unbreakable, in ciphers, explored later herein. 7 Or, in other words, “breaking heads instead of breaking encryption.”



For example, the most common operator error, numeric transposition, affects a single character of ciphertext, having a mirror effect in the decrypted plaintext. If the error falls conveniently upon an additive null numeral, there is no effect on the plaintext message.

As observed in the test program and in monitoring practical use of the cipher, numeric transposition errors impacted one numeral of intermediate ciphertext, appearing in a random distribution. Additive and subtractive errors, causing offsets in the DICT, are the most devastating type. These errors were not often seen in testing and are rare in practical use due to the design of the operation procedures for each stage. Errors of omission sometimes occurred when there was a serial duplication of numerals in the intermediate ciphertext. Inexperienced operators tended to skip either the second or third serial duplicate numeral an average of three instances in seventy-five occurrences.

Because individual errors did not induce error propagation this cipher is classified as highly-error resistant in practice, the criteria being that errors at 10 percent or less can occur without obfuscating the meaning of the plaintext in a majority of cases.

Human trials showed that an operator with minimal experience8 with this cipher under average conditions9 processed 2.5 to 3.5 characters per minute through encryption or decryption, resulting in the processing of about 100-150 ciphertext letters within 40 to 50 minutes with an average of 4 errors per 10 messages. Experienced operators were considerably faster and more accurate. Generally, a ciphertext message of 180 characters10 should be decrypted in 45 minutes or less using the provided form, where the main variant is operator skill.

Another design consideration was that the expenditure of effort to encrypt and decrypt should be approximately equal. Bidirectional symmetrical effort was achieved in this design.

With thoughts toward cipher identity obfuscation, many analysts interpret an even number of ciphertext characters as a possible indication of cipher identity, or type, indicating a cipher that operates with diagrams at some point in its process.11 As an option, the Rule of Duplicate Character Insertion provides a technique where a even-length ciphertext can be shifted into an odd-length form by inserting a single null character from the set, {𝐴,𝐵,𝐶, . . .𝑍, 0,1,2… 9} according to this rule: Look for the first duplicate letter pair in the normal ciphertext and if it exists, move backwards toward the beginning of the ciphertext, inserting a letter that creates a duplicate pair that now becomes the first duplicate pair in the ciphertext. The receiver removes the first duplicate letter, returning the ciphertext to its original length, and proceeds with normal decryption. When the Rule of Duplicate Character Insertion is applied, an even-length message becomes odd, and vice-versa.

Finally, the idea of creating a set of 36 hieroglyphic characters, such as assigning English character values to a subset of Sanskrit, Figure 1, that had no relation to the plaintext set, {𝐴,𝐵,𝐶… 𝑍, 0,1,2… 9} was tempting but logically insignificant for three main reasons; (i) deception, where leaving the set as is creates hope in the attacker that there is some degree of direct association between the familiar characters of the ciphertext and plaintext where, for example, an “A” might represent an “A” in the plaintext, and (ii) additional difficulty, where a hard-to-remember, difficult to draw, unfamiliar character set can increase process time and foster errors, and (iii) the most important fact that generally in cryptanalysis, attack profiles are identical no matter what character set is used in the ciphertext.

8 “minimal experience” in this experiment was defined as 50 messages encrypted and decrypted within two weeks. 9 Good lighting, comfortable temperature, uncluttered workspace, no external distractions. 10 Test message length came from research where the average vital encrypted message contained <200 characters. 11 Examples include the 5X5 matrix Playfair Cipher, or the Extended Playfair Cipher that uses a 6X6 matrix.



Figure 1. 36 random Sanskrit letters assigned English and numeric values {𝐴,𝐵,𝐶… 𝑍, 9,8,7… 0}.

In Summary: The use of alternating stages of substitution and transposition is a proven, effective method of strong, yet breakable, cipher design12. Key Isolation Methodology combines with Frequency Leveling within the substitution and transposition stages to destroy reasonable expectation of success in reliably interpolating the symbol placements within the first Bifid random matrix from analysis of the final ciphertext, moving decryption by the usual attacks out of the realm of practicality, thus compelling a brute-force attack that results in a uniform high-volume yield of questionable value. When Key Isolation Methodology is enforced for all messages, this cipher is practical for non-critical data13, even standing against hyper-fast brute-force analysis where the enormous yield of probable messages requires expensive, time-intensive intelligence filtering.

Message Preparation Brevity is the opposite of clarity. The plaintext message should be constructed to reduce errors in understanding, yet be as brief as possible. Care should be taken to design the plaintext to be short and simple, thus minimizing the workload of the receiving operator, reducing error propagation. The design decision should favor clarity in every case regardless of length.

Imbedding codes from a well-written codebook can reduce the volume of the work considerably while substantially increasing the degree of understanding. The design of a codebook is outside the scope of this paper, but myriad examples exist from published commercial codes to codebooks used in clandestine situations circa WWII, now available on the Internet. Older codebooks can be repurposed by changing the meanings assigned to the codes.

Codes are unbreakable14, and there are many applications where codes are preferred over ciphers. In fact, wherever practical, codes should be used before ciphers are employed. Linguistic codes, such as the brilliant Idiot's Code15, are in fact redundant when used within a cipher.

However, nonlinguistic codes, where meanings are assigned to a series of symbols, can be imbedded to reduce workload and increase accuracy.

Another benefit of imbedding a nonlinguistic code within a cipher is that it prevents the compromise of the code phrase through observed activity. For example, if a subject receives the numerals 335 sent in the clear on a routine basis, and s/he immediately goes to the Skinny Bridge in Amsterdam at 1000H local time, the meaning of the code phrase can be inferred through observation.

Imbedding a code within a cipher that uses Key Isolation Methodology, where the resulting ciphertext for the same code phrase will always be unique every time it is sent, helps prevent associations between the code phrase and the directed action, reducing observationally supported associations that can render code phrases ineffective over time.

In Summary: To re-emphasize, brevity is the opposite of clarity; the plaintext should be designed foremost to be clear but as short as possible. The primary advantages of imbedding code phrases within hand-operated ciphers are that the work to produce the ciphertext is shortened, clarity is improved, and the potential for operator-induced errors is reduced. The primary disadvantage is that codebooks must be kept as secure as key books.

When using Key Isolation Methodology with RAMBDICT, applicable cryptanalytic options are reduced to a brute-force attack with results that will require intelligence filtering, producing a high-volume indeterminate yield while significantly increasing the workload and financial outlay of the opposition. When uncompromised code phrases are imbedded, all efforts to break RAMBDICT become moot.

12 See AES and other, similar ciphers once thought to be impractical to break are now routinely broken in short periods of time

that are getting shorter with every advance in computer speed. 13 Non-Critical Data is information that, when compromised, will not endanger life or reveal data classified secret or higher. 14 Codes are unbreakable, just like the One-Time Pad Cipher, and while those facts fly in the face of those enamored with the

power of technology, it is verifiably accurate. 15 http://en.wikipedia.org/wiki/Idiot_code#Idiot_code



Key Group Development There are three random key elements, normally kept in a key book, and optionally a codebook that must be created in advance to operate this cipher. They are, in order of use,

1. An optional codebook, 2. a Bifid Matrix One random vector, 3. a Random numeric Disrupted Incomplete Columnar Transposition key, and 4. a Bifid Matrix Two random vector.

The key set and codes must obviously be kept in a secure location, and perhaps several to keep them separated.

Random key vectors16 are usually kept in a handwritten17 key book, identical copies of which are distributed to the members of the cipher group. The key book is never created on any electronic device because the privacy of any computer can be compromised, especially if the computer has ever been connected by any means, however briefly, to the Internet. When the cipher is being used to archive data in a common-access medium such as a cloud, only the archivist needs to keep a single copy of the key book (and codebook, if used).

Each random matrix vector and the linear random DICT key can be created in several ways ranging from the simple to the impractically complex. The best security is obtained using an adequately random mechanical process18 that is not computer or Net-related. While randomized keys increase the security of the cipher, they cannot be derived by processing an easy-to-remember keyword and therefore should be kept at hand on quickly destructible media.

The development of random vectors containing various character sets is a separate topic treated in the paper, “Developing Non-Computer-Based Random Hand Cipher Key Elements,” 2006, by this author. Related information is to be found in numerous publications over the last hundred years.

Worksheet Setup Laying out a worksheet speeds up processing, reduces error propagation, and helps track down errors and correct them as they are discovered.

Copy and use the sample worksheet (Appendix A) for several practice sessions and become familiar with it and the cipher's workflow before modifying it. It was developed through extensive testing to clearly represent each stage, be easy to remember and simple to create with nothing but pencil and paper, and it supports efficient workflow. It is easily modifiable as better ideas are developed.

The following instructions for cipher operations are complex and necessarily difficult to follow for any person not used to working ciphers by hand. There are what may seem to be irritating requests, such as, “Count the plaintext twice...” or similar procedural recommendations. These procedures are stipulated from long experience where they have proven to markedly reduce errors. As manifestly ridiculous and labor-intensive as some of these requests seem at first, it remains obvious that preventing or finding and correcting errors is much better than gaining speed but producing error-ridden ciphertext.

The form is designed for a maximum plaintext length of 100 characters, including null additions, on an 8.5 x 11, or A4 page, but more plaintext characters can be comfortably processed through encryption or decryption by using separate pages. Using ¼ inch or 6mm square grid paper is recommended and helps reduce errors, and is considered necessary. Plain paper has been used in testing but it is, of course, essential that rows and columns be kept absolutely aligned. Grid squares smaller than ¼ inch are especially hard to use in low light levels under poor conditions, especially when eyesight variation is considered.

In Summary: The time penalty to prepare a form, or worksheet, is negated by the increases in accuracy for each stage. The overall process is faster because tracking and correcting errors is much easier during the mandatory rechecking process. The more sensitive or critical the data, the more important it is to check the work, catching and correcting errors as early in the process as possible. The form also organizes workflow, keeping it consistent.

16 Any matrix of any dimensional depth may be expressed as a linear or collimated vector. For more information, see:

http://en.wikipedia.org/wiki/Vectorization_(mathematics) and other numerous references. 17 Specifically not created on a computer or electronic device, and not kept in any form electronically. 18 Pentagonal trapezohedron (10-sided dice) are remarkably effective but labor-intensive methodology for developing random

vectors when properly utilized. http://en.wikipedia.org/wiki/10-sided_dice



The RAMBDICT Cipher Process

Encryption After the plaintext message has been designed and translated into the limited character set {𝐴,𝐵,𝐶. . .𝑍, 0,1,2. . . 9} and Codebook codes have been inserted to advantage, write the resulting processed plaintext into the form at the top of the page without spaces as shown in Figure 2.

Note that there are two spaces in a column below each character for Bifid coordinates and one blank line between each group of 3 rows to preserve clarity. The plaintext entry section of the form is designed to accommodate appended null expansion when the option of Frequency Leveling19 is used. For our message example, we'll use Frequency Leveling with the plaintext,

99335 BRING EVIDENCE AND PHOTOS OF SUSPECTS

Figure 2. The plaintext copied into the coordinates section of the form.

The 99 at the beginning of the plaintext indicates that the following three numerals relate to a codebook entry. In this example, 335 has been assigned the meaning, “MEET ME AT THE SKINNY BRIDGE IN AMSTERDAM AT THE USUAL TIME.”

Embedding this code in the plaintext results in a 48-character reduction in both encryption and decryption workloads and decreases error propagation. In addition to reducing transmission and reception errors, embedded codes provide a false indicator of the actual message length. Since the RAMBDICT key set is never reused for any other messages, it is statistically insignificant that repetitive characters, such as the code indicator 99, that are identical in several messages will never be represented by the same ciphertext characters.

About Block Length: Vertical lines divide the plaintext and its coordinates into groups of 5, defining the block size for the Bifid stage. It is commonly recommended that only odd-length block sizes be used with the Bifid Cipher20. The form is set for block lengths of 5, but any block length could be used. Whatever block length is defined, make certain that all parties in the cipher group know and privately acknowledge the block length.

Message Design Note: The addition of a code divides the message into two sections, instructions (What to do), and location (Where to meet). This is excellent message design, allowing for the possibility that some form of compromise may occur.

i. If the opposition obtains the cipher keys, the Codebook is still required to know the location. ii. If the Codebook is compromised but the cipher keys remain secure, the encrypted imbedded code cannot be

determined from the Codebook. iii. If the decrypted plaintext is compromised but the Codebook remains secure, only the instructions have

been revealed.

19 Frequency Leveling doesn't have to be used in every instance even though it adds tremendously to the security of the cipher.

It is best applied to short messages because of the inherent expansion of the intermediate and final ciphertext. 20 I haven’t studied this in depth, but odd vs. even-length block sizes may be irrelevant compared to block length. Each block

represents a sequential segment of a vector the length of twice the plaintext before Frequency Leveling. Block length relates to the number of segments in a given vector, which is important, but whether the segments are odd or even seems irrelevant.



As an additional refinement, the phrase “...AT THE USUAL TIME” gives no indication as to what time the meeting is to occur. Each one of these design elements helps to increase the security of the information while forcing a higher workload (and a larger budget requirement) onto the opposition.

To Continue: To translate the plaintext into Bifid coordinates, we'll need one 6X6 matrix populated with a random vector from our key book. For this example, copy the following randomized matrix21 for stage one into the box on the upper left of the form without the row and column indicators. It was determined in several studies that including the row and column numbers actually slowed down the operator. The row and column numbers are shown on the right of Figure 3 for reference only:

Figure 3. The first Bifid Matrix, shown on the form and with coordinates.

Create the initial intermediate ciphertext by finding each plaintext letter in the first Bifid matrix and writing its coordinates, row above column, in the spaces below the plaintext letter.

In our example, 9 is the first plaintext character, so 5,2 (Row 5, Column 2) becomes our first coordinate pair. The sixth plaintext character is B, with row, column coordinates 2,3.

When the plaintext coordinates have been filled in, the first part of the form will look like this:

Figure 4. The completed plaintext coordinates entries.

21 Quite obviously, never use the keys in this example for anything other than practice. While it may seem unnecessary to

include this warning, there have been people who overlook this obvious pitfall.



Figure 5. The first stage of Frequency Leveling; count the instances of coordinate numerals.

The optional Frequency Leveling Stage is now applied. Throughout the Frequency Leveling description, refer to Figures 5, 6, and 7. After the coordinates are filled in beneath each plaintext character, make a tic mark in the Frequency Leveling form section for each numeral used. Add the tic marks in each column above its number and write the totals down above each number in the spaces provided. See Figure 5. After this is completed, we're now ready to calculate the required nulls that will be appended to the intermediate plaintext.

First, shade in the column below numeral 2 as shown in Figure 6 because it has the highest instance and won't be used. Then subtract each total from the largest count, in our example, numeral 2 with 18 instances, and write the result below it's numeral in the space provided. For example, there are 18 numeral [2s] in the group, so under numeral 1, 18 – 11 yields 7. We'll add 7 [1s] to compensate. There are 16 numeral 3s in the group, and 18 – 16 = 2, so we'll add 2 [3s] to equal 18 [2s]. Skipping to the instances of 5s, we see that there are 9 [5s] in the group, so 18 – 9 = 9, indicating we'll add 9 [5s] to compensate. The results are shown in Figure 6.

Figure 6. Each column now shows the total number of each of the null numerals to be added.

When this is done, add up the nulls to be appended. In our example, we'll be appending 28 null numerals. Divide 28 by 2, indicating that we'll be using 14 pairs after the intermediate ciphertext. Count 14 columns after the existing intermediate ciphertext and make a mark that can't be confused with an element of the ciphertext character set.



Append the indicated nulls to the end of the intermediate ciphertext, marking them off by placing tic marks in their columns as they are appended. Try to spread the null numbers around so that they are distributed as evenly as possible within the 14 pairs.

When all the numerals are tallied, the nulls calculated and appended, the Frequency Leveling section of the form will look like Figure 7 with the totals above, deficits below, and the nulls that have been appended to the intermediate ciphertext represented by tic marks below each deficit.

Figure 7. The completed Frequency Leveling columnated section.

Figure 8 shows the nulls appended to the intermediate ciphertext. Double-check the results, insuring that the totals of hash marks in every column in the Frequency Leveling section match the number of nulls appended so that the total count of each numeral in the intermediate ciphertext is equal.

Figure 8. The null numerals appended to the intermediate ciphertext in a scattered distribution.



With the nulls appended, the entire group together is considered the final intermediate ciphertext. In our example, the last group of 5 characters happens to be incomplete. There is no need to add nulls to make it complete; it won't affect the cipher's strength in any way.

Examine each 5-character group carefully before moving to the next stage. There have been errors where of groups of five actually contain four or six characters. This error is more common when grid paper wasn't used, but it has also occurred when the operator is rushed or feels impatient.

Next, count the intermediate ciphertext characters, including the empty spaces above the null coordinates, and write the total down in a margin. Perform this count at least two times, backwards and forwards, using the 5-character divisions to aid in the process and then multiply the result by 2.

54 𝑝𝑎𝑖𝑟𝑠 𝑥 2 = 108 𝑠𝑖𝑛𝑔𝑙𝑒 𝑖𝑛𝑡𝑒𝑟𝑚𝑒𝑑𝑖𝑎𝑡𝑒 𝑐𝑖𝑝ℎ𝑒𝑟𝑡𝑒𝑥𝑡 𝑛𝑢𝑚𝑒𝑟𝑎𝑙𝑠 𝑖𝑛 𝑡ℎ𝑒 𝐷𝐼𝐶𝑇 𝑚𝑎𝑡𝑟𝑖𝑥.

Write the total of individual intermediate ciphertext numerals, 108, in a margin. This determines the size and shape of the matrix for the Disrupted Incomplete Columnar Transposition (DICT)22.

At this point, we have all the information we need to prepare the DICT matrix shape. In our example we will deploy a random 9-numeral key:

9 4 7 2 8 3 1 6 5 Note that in crypto literature there are several methods for extracting numerals from English or other language-based keywords23, but even the most clever or complex variations do nothing to add to the security of the cipher that is more substantial than a truly random key provides.

Creating the DICT Matrix: Divide the intermediate ciphertext coordinate count by the length of the DICT random numeric keyword. The result is the number of rows in the DICT matrix, usually with a remainder.24 Using our 9-numeral random keyword, we perform,

108 / 9 = 12,𝑤𝑖𝑡ℎ 𝑛𝑜 𝑟𝑒𝑚𝑎𝑖𝑛𝑑𝑒𝑟!

Since this stage requires an Incomplete Columnar Transposition, we'll add one null numeric pair to the end of the intermediate ciphertext to cause our DICT matrix to have an incomplete final row as the name of the stage suggests is necessary25. Figure 9 shows the addition of a randomly selected letter “Q” and its coordinates to the intermediate ciphertext.

Alternatively, and perhaps a better solution when it can be implemented, is to select a DICT key that has a length that forces an incomplete set of columns in the DICT form. When this is done, there is no need to append additional null coordinates that will throw off the equalization created by the Frequency Leveling operation. This alternative is only viable if (i) there is a selection of different length DICT keys available that are also in possession of the intended recipient, and (ii) there is no tactical or procedural reason to use a specific DICT key.

For example, selecting a random 10-digit DICT key will yield an incomplete columnar transposition in this case.

22 The first random substitution stage produces pairs of coordinates from the plaintext. The second random transposition stage

utilizes individual numerals, breaking apart those coordinates. The final random substitution stage works with new coordinates made up of the displaced numerals.

23 These methods are generally from a time when people were uncomfortable dealing with long numerals. Credit cards and phone numbers were major influences in changing that comfort level.

24 The remainder is important as an Incomplete Columnar Transposition is much more difficult to attack than a Complete Columnar Transposition, and a Disrupted Incomplete Columnar Transposition is extraordinarily difficult especially when letter frequencies and pair analysis are not available as guides. If there is no remainder, as in our example, null coordinates should always be appended to the intermediate ciphertext to insure an incomplete columnar transposition. The number of incomplete spaces in the final row doesn't matter; it just needs to be incomplete.

25 In this example, it is interesting, but unimportant that the additional null pair happens to form an even Bifid block in the intermediate ciphertext. The entire set of Bifid blocks is turned into a vector, so the length of the last block doesn't effect the strength of the cipher.



For this example, however, we'll continue using the null-addition method of creating an incomplete DICT matrix.

Figure 9. A single null letter, with coordinates, is added to the intermediate ciphertext to force an incomplete row.

As simple as it is, double-check the math! If there is an error it will destroy the DICT matrix, thereby inducing maximum eraser usage and associated irritation.

𝑊𝑒 𝑛𝑜𝑤 ℎ𝑎𝑣𝑒 55 𝑥 2 = 110 𝑖𝑛𝑡𝑒𝑟𝑚𝑒𝑑𝑖𝑎𝑡𝑒 𝑛𝑢𝑚𝑒𝑟𝑎𝑙𝑠, 𝑎𝑠 𝑠ℎ𝑜𝑤𝑛 𝑖𝑛 𝐹𝑖𝑔𝑢𝑟𝑒 9.

𝐴𝑛𝑑 110 / 9 = 12 𝑤𝑖𝑡ℎ 𝑎 𝑟𝑒𝑚𝑎𝑖𝑛𝑑𝑒𝑟 𝑜𝑓 2 𝑖𝑠 𝑠𝑢𝑓𝑓𝑖𝑐𝑖𝑒𝑛𝑡 𝑡𝑜 𝑐𝑟𝑒𝑎𝑡𝑒 𝑎𝑛 𝑖𝑛𝑐𝑜𝑚𝑝𝑙𝑒𝑡𝑒 𝐷𝐼𝐶𝑇 𝑚𝑎𝑡𝑟𝑖𝑥.

The DICT area has space for a key length of 11, but our key is 9 numerals long, so the two remaining spaces can optionally be shaded in as the right-most border is drawn. This example is shown both ways below, with and without shading, as some operators found the shading distracting.

There are now 12 complete rows, with an incomplete 13th row having two spaces at the bottom right of the matrix, as shown in Figure 10.

Figure 10. The outline of the DICT matrix for a key length of 9 and an intermediate ciphertext length of 110 numerals. The

boundary is emphasized in orange, which is not a usual practice.



Write the DICT key across the top of the matrix, one number per column. To mark off the disrupted areas of the DICT, begin at the top row with the column numbered 1, and draw a stepped area across the matrix to the right border.

Then skip a complete row, find column number 2, and draw the same type of stepped area across to the right border, and continue in the same way with the third column until there is no additional space available.

The completed disrupted zones are shown, emphasized by outline, in Figure 11.

Figure 11. The DICT matrix with the disrupted areas outlined.

With the coordinates completed from the first stage and the final Bifid matrix disrupted areas outlined, we are now ready to copy the intermediate ciphertext blocks into a vector that fills the DICT matrix, disrupted areas last, and then we'll perform the remaining stages of the cipher.

The DICT Matrix After much research, the Disrupted Incomplete Columnar Transposition (DICT) was selected as the method of transposition for two reasons: It's easier to set up and implement than its closest rival, the Linear Skipping Transposition as used in ADFGVXst and it's much more difficult to attack than it's classical origins, the standard Columnar Transposition and its derivative, the Incomplete Columnar Transposition.

The DICT process is easy once understood, but this was voted by students as the most difficult stage of the cipher to understand initially and it's where most operator-induced errors occur. Like the Frequency Leveling section, the description is more complex to read than the work is to perform, so take time to study the Figures along with the descriptive text and practice until there are no more questions before attempting to do actual cipher work.

The task can be described simply as copy work where accuracy is vital: Fill in the numerals from the first stage substitution into the DICT matrix by working across each row within each block of five characters by taking the first row of five numerals in the block into the DICT matrix, and then the second row, before moving to the next block. Each block contributes 10 numerals to the vector being fed into the DICT.

While filling in the DICT matrix, avoid the marked off disrupted zones until the clear area of the DICT matrix is completely full, and only then begin filling in the disrupted zones sequentially, top to bottom, left-to-right, to obtain the results shown in the Figures below.

It is helpful to make three small dots vertically at the end of each block's vector contribution as it is copied into the DICT matrix to create a handy reference point that helps when correcting errors discovered in the proofing process. Also, mark off each Bifid block as it is copied with a small “x” below the center of the block as a place holder to protect against being interrupted.



The orange highlight in Figure 12 shows where the Bifid block numerals connect to form a vector.

Figure 12. Take the top row and then the bottom row in sequence, copying the vector into the DICT matrix.

This point was initially difficult to grasp for most students, so it's emphasized here: Each Bifid block can be seen as a segment of a vector. The first Bifid block coordinates, with its two rows of 5 numerals, translates into a 10-numeral vector that is copied into the DICT matrix. Each Bifid block vector is copied into the DICT matrix in sequence, top row first, forming one vector that is disrupted, or segmented, by the shape of the disrupted areas within the DICT matrix.

In Figure 12, the 2 marked in orange follows the 4, producing the vector segment 5555422446. The next Bifid block produces the vector, 2644632214. After two Bifid blocks are copied into the DICT matrix, the vector in the DICT becomes, 55554224462644632214... and this process continues to the end of the intermediate ciphertext, one Bifid block at a time, filling up the DICT matrix completely.

If there is a partial Bifid block at the end of the intermediate ciphertext, its numerals are copied into the DICT matrix top row first, just like the other Bifid blocks. Figure 13 shows the clear area of the DICT completely filled in. Begin filling Bifid block vector segments into the disrupted zones next, working from top to bottom, left to right.

Figure 13. The clear zone of the DICT is filled in. Next, begin filling in the disrupted zones.

Use extreme caution when copying sequences of duplicate numerals in the Stage One Bifid matrix.26

Continue copying blocks until the DICT matrix is completely filled in. If the DICT layout calculations were correct, all of the numerals from the First Stage Substitution will fit perfectly into the DICT matrix space. If there are too many or too few numerals to fill the DICT matrix completely, send out a standby alert for your eraser and recheck the calculations for the size of the DICT matrix. Figure 14 shows the completed DICT matrix.

26 This cipher is a sterling example of an instance where something utterly simple can be highly difficult. In testing, the most

common layout error was inaccurately calculating and then drawing the borders of the DICT matrix. This error is devastating to the DICT, forcing a time-consuming reshaping and repopulation of the matrix.



Figure 14. The completed DICT matrix showing single indicator dots for each vertical pair.

The Final Substitution The Final Substitution Matrix The vector for the final Bifid substitution matrix consists of a different 6x6 random matrix than was used in the first stage, and parsing the intermediate ciphertext through it removes the expansion effect of the coordinate pairs of the first stage matrix. It is reemphasized here that a random Bifid matrix completely different from the first stage is used for the final stage. Never reuse the same matrix for both substitution stages. In our example, we'll use this 6x6 random vector matrix for the final stage:

Figure 15. The final Bifid substitution matrix, shown with coordinates.

Extracting numeric pairs from the DICT matrix and processing them through the final Bifid random substitution matrix is straightforward copy work, but accuracy is paramount.

Most of the errors in this process come from skipping from one column to another, or by including a key numeral at the head of a column as part of a coordinate pair. Using a highlighter to color the key numeral row can be helpful to isolate the key row from the coordinates.

Start with column 1, and work down to the end, translating coordinate pairs from the top of the column to the bottom, ignoring disrupted areas. For example, the first coordinate pair, 2,4 in column 1, crosses a disrupted zone border. Only the columns matter when translating coordinates into final ciphertext. Look up the ciphertext character indicated by the coordinates in the second random Bifid matrix and copy that character to the final ciphertext area on the form.



Place a dot (or other singular mark that can't be confused with a numeral) after the pair being processed as a index in case of interruption. In our example in Figure 14, column 1, there is a dot after the 4, and after each pair thereafter. The two recommended types of indexing dots can be seen; a single dot for column pairs and three dots after each completed Bifid vector block segment.

Let's step through a few examples. The first pair in column 1 is 2,4. At row 2, column 4 of our second Bifid matrix find the ciphertext character, Z. The second pair in column 1 is 4,2 indicating the ciphertext character 4 which is entered into the final ciphertext form, giving Z4 as the first two characters of ciphertext.

Occasionally, a pair will be split between the bottom of one column and the top of the next. For example, at the bottom of column 4, a pair is split between column 4 and the start of column 5. The coordinates 6,4 are taken into the second Bifid matrix indicating the ninth ciphertext character, F. This process continues until the ciphertext is complete as shown in Figure 16.

Figure 16. The completed ciphertext.

Note that, because of the appended nulls, the number of ciphertext characters will not equal the plaintext character count. When Frequency Leveling is not used, the count of the ciphertext characters will equal the number of plaintext characters. Review the completed worksheet for our example in the Appendix.



Closing Remarks With the exception of the elegantly simple and unbreakable One-Time Pad Cipher, hand-operated ciphers that are error-resistant and robust must necessarily be complex to operate. RAMBDICT as it is today fulfilled it's design goals by being strong, yet fairly easy to operate. However, it is much more difficult to learn that it is to perform.

In fact, most of the comments from students were strongly-worded variations of, “It's hard to learn but easy to use,” and continued feedback shows that the cipher becomes much easier to use with practice. In fact, some students claim they process single words through the cipher as a mental exercise without pencil and paper, but this is understandably rare.

Ultimately, there is no escaping the difficulties of becoming familiar with this cipher, but it offers stronger-than-average protection against attack when used as directed and, controversially, is most probably stronger in practical use than AES now that routine methods of attack against AES are known to produce message-specific results instead of numerous probable results such as the breakable RAMBDICT, ADFGVXst, and the unbreakable OTP Cipher provide.

The terms “breakable” and “unbreakable” need some clarification and have been addressed as side issues in this paper. Because a cipher is breakable, it may still be very strong, and in fact, stronger than computer-based encryption where, when broken, one correct result is revealed. When some types of breakable ciphers are broken, millions of probable results are revealed that take significantly more resources to interpret than a single positive from computer-based analysis.

For years, the Powers That Be have recommended the use of computer-based ciphers they could freely break to trusting citizens in the United States and numerous foreign countries, and this fact is now becoming worldwide knowledge through the revelations of the last few months. If one looks closely enough, it's easy to see that this practice has been going on with high intensity since WWII.

When the international contest for a powerful cipher that could be released for general use resulted in the adoption of the AES (see http://en.wikipedia.org/wiki/Advanced_Encryption_Standard ), it was 18 months before an agency of the US Government approved its use. The delay was to insure it could be broken before being released to an unsuspecting public. And of course the sad effect of this ruse was that millions of people, including some working under secret clearances who should have known better, used AES to encrypt highly-sensitive and critical data, a great deal of which was collected by the opposition during transmission. That data is now at open risk.27

Several strong ciphers, including but not limited to ADFGVX and the redoubtable One-Time Pad, were maligned in carefully-worded press releases, papers, in college courses, and by some notable crypto gurus as completely useless when, in reality, these ciphers and especially the One-Time Pad were so strong as to cause problems for those driven to read everything everywhere by everyone.

It is clear that ciphers that were pushed into disuse by these powerful interests are worth studying with fresh vision to see what true value they offer today, especially in the face of computer algorithmic assaults that are now available to everyone instead of just an elite few.

In a notable turn of events, finally, in 2013, over one hundred and fifty years from it's discovery, the invincible One-Time Pad Cipher is rising above false innuendo, indifference, and disuse to become the only and premier cipher of the next age, protecting the right to privacy on one hand while shielding criminal and terrorist activities from discovery on the other; truly a Yin/Yang, but equaling force in the world.

Freedom cannot exist without privacy but the burning, torturous question is, what are we, as people of the world, willing to sacrifice to enjoy and maintain that freedom? Perhaps the new attitude can be summed up by an extension of the quote from Thomas Jefferson, “The tree of liberty must be refreshed, from time to time, with the blood of patriots...”28 but apparently not if we have free hand-outs from our government in exchange for the sacrifice of freedom and the responsibilities it bears.

27 Data miners record all encrypted traffic on the net and from broadcasts to be decrypted using advanced computers and

algorithms in the future. With AES, that future is now, but people still trust this long dead and broken cipher today as a viable alternative is not yet available. But soon this will change.

28 See Wikiquote, http://wiki.monticello.org/mediawiki/index.php/The_tree_of_liberty...(Quotation)



At this moment, people all around this tiny, endangered world are beginning to support free will, open commerce, and freedom over tyranny's horror and suppression but since there's an unlimited supply of bad guys, the good guys won't win unless they're very, very careful.

Perhaps the right to privacy and freedom will survive, but the future is changing all the time and true freedom and its essential rights and responsibilities, as important as they are for humanity, may not prevail in the face of two types of evil.

The first type of evil is obvious, coming from people who would suppress the beliefs of others, denying them freedom and taking life at will, but the other type of evil is more difficult to recognize, that of lethargic indifference. And indifference is the primary cause of the death of freedom.

How is all of this relevant in a technical paper about a hand cipher? The free use of ciphers is a small but important indicator of the degree of freedom within a country. If the right to privacy exists, freedom exists in some degree along with it. There are many nations in which using or even possessing a cipher is an immediate death sentence, and this fact brings two questions into focus:

1. Can you freely use ciphers to maintain private communications where you live?

2. If the answer is yes, then for how much longer?

Kerckhoff's Laws Applied In 1883 Auguste Kerckhoffs wrote two journal articles in La Cryptographie Militaire in which he stated six design principles for military ciphers. These principles were used in the design of RAMBDICT.

i. The system must be practically, if not mathematically, indecipherable;

ii. It must not be required to be secret, and it must be able to fall into the hands of the enemy without inconvenience;

iii. Its key must be communicable and retainable without the help of written notes, and changeable or modifiable at the will of the correspondents;

iv. It must be applicable to telegraphic correspondence;

v. It must be portable, and its usage and function must not require the concourse of several people;

vi. Finally, it is necessary, given the circumstances that command its application, that the system be easy to use, requiring neither mental strain nor the knowledge of a long series of rules to observe.

Comments

i. The RAMBDICT meets this law, as it is, in a practical sense indecipherable.

ii. This law also applies, as the opposition can know the cipher process and as long as the random keys remain secure, all messages created by the system are secure.

iii. There is an issue here, in that long random sequences are not easily memorized. While there are people who have this remarkable capability (photographic memory, trained or natural), they are rare. Usually, new areas of memory must be tied into previous mental reference points and a random vector offers no such reference points, especially when the sample sized is immense. The RAMBDICT does not meet part one of this law. However, it does stand under part two. The selected keys are changeable as long as the cipher group communicates clearly, either through the message header or through coded communications, about which keys are in use for any single message.

iv. The final ciphertext character set can be transmitted by any electronic means.

v. As a paper-and-pencil cryptographic system with a key book, codebook and optional conversion table, its components are lightweight and can be compact, making it portable by one person.

vi. Once familiar, RAMBDICT has been shown to be easy to use relative to other manual cipher systems. The most powerful cipher ever created, the One-Time Pad Cipher, is actually easier to use having fewer steps.



Summary of Steps This section summarizes the steps for encryption and decryption. Since this is a symmetrical effort cipher, decryption is the exact reverse of encryption. The time to encrypt is approximately equal to the time to decrypt for any message.

The steps below are described using the provided form.

Encryption 1. Design the plaintext, imbedding codes where practical to reduce the work effort. Designate a key set to be

used for the message.

2. Populate the first Bifid matrix in the upper left of the worksheet with the key vector.

3. Complete the intermediate ciphertext by applying Frequency Leveling, if used.

4. Use the length of the DICT key DKL divided into twice the length of the intermediate ciphertext ICL, to lay out the DICT matrix boundary in the space provided.

(2 𝑥 𝐼𝐶𝐿) / 𝐷𝐾𝐿 + 𝑅𝑒𝑚𝑎𝑖𝑛𝑑𝑒𝑟 = 𝐷𝐼𝐶𝑇 𝑚𝑎𝑡𝑟𝑖𝑥 𝑟𝑜𝑤𝑠 𝑢𝑛𝑑𝑒𝑟 𝑡ℎ𝑒 𝑘𝑒𝑦.

If the remainder is zero, append one pair of null coordinates to the IC or select a different-length DICT key to force an Incomplete Columnar Transposition.

5. Write the numeric DICT key across the columns at the top as shown in the example.

6. Define the disrupted zones within the DICT matrix according to sequential key order. Remember to skip one row between the end and start of the next disrupted area.

7. Populate the second Bifid matrix to the right of the DICT matrix with the random vector indicated by the key set, insuring that it's different from the first random Bifid matrix.

8. Perform the encryption process.

i. Take coordinates from the first Bifid matrix, row first, then column, and write them below each plaintext character, working this process through to the end of the plaintext.

ii. If the estimated expansion of the intermediate ciphertext is not too long for the form space allocated, use the Frequency Leveling part of the form to tally the numerals in the intermediate ciphertext and append null numerals to even the count of each of the numerals in the character set, {1,2,3,4,5,6}.

iii. Take vectors from one Bifid block at a time, top-to-bottom, left to right, and write them sequentially into the DICT matrix filling the open space first from left to right. When the open space is filled, continue to write Bifid block vectors into the disrupted zones sequentially from left to right, top to bottom. The intermediate ciphertext will fit perfect if the length calculation and layout of the DICT boundaries are correct.

iv. Take pairs from the DICT matrix as coordinates, moving down columns in key order, working top to bottom, ignoring disrupted zones into the second Bifid matrix, and write down the ciphertext characters into the ciphertext area on the worksheet. Continue this, column by column in key order, until the end of the DICT matrix.

v. If the Rule of Duplicate Character Insertion is active, add a single null to form the first duplicate in the ciphertext creating an odd length ciphertext.



Decryption Using the provided worksheet:

1. If the Rule of Duplicate Character Insertion has been employed, extract one null from the first duplicate pair as the ciphertext is being written into the ciphertext area at the lower right of the page. The ciphertext will now be equal in length to the future plaintext result including nulls, if Frequency Leveling has been implemented.

2. Look up the Key Set Codes in the crypt that identify the two Bifid keys and the DICT key used to encrypt the message. Find the vectors in the key book.

3. Populate the second Bifid matrix space to the left of the ciphertext area with its key vector.

4. Outline the DICT matrix boundary by dividing the length of the DICT numeric key DKL into twice the length of the ciphertext CL, and outline the DICT matrix boundary in the space provided. There will be one incomplete row (the Remainder) at the bottom of the matrix.

(2 𝑥 𝐶𝐿) / 𝐷𝐾𝐿 + 𝑅𝑒𝑚𝑎𝑖𝑛𝑑𝑒𝑟 = 𝐷𝐼𝐶𝑇 𝑚𝑎𝑡𝑟𝑖𝑥 𝑟𝑜𝑤𝑠 𝑢𝑛𝑑𝑒𝑟 𝑡ℎ𝑒 𝑘𝑒𝑦.

5. Define the disrupted zones within the DICT matrix according to sequential key order. Remember to skip one row between the end and start of the next disrupted area.

6. Populate the first Bifid matrix space in the upper left of the worksheet with its random vector, different from the vector used in the second Bifid matrix.

7. Begin working the cipher process in reverse. Use the Figures and process description in the text with this outline to track through the decryption process.

i. Copy the coordinate pairs indicated by the ciphertext characters and the second Bifid matrix into the columns of the DICT, starting with column 1, working top-to-bottom down each column, ignoring the disrupted zones. There will be a few pairs split between the end of one column and the start of another.

ii. Assuming a Bifid block size of 5: Take a 10-numeral vector from the DICT matrix working across rows, top to bottom, non-disrupted zone first, into the first Bifid block in the plaintext matrix, filling in each row of the Bifid block with five numerals in left-to-right, top-to-bottom, sequence. Then move to the next Bifid block and populate it with the next 10-numeral vector in the same way. When the vectors in the non-disrupted zone have been copied, begin the same process with the top-most disrupted zone and work left-to right downward through each remaining disrupted zone. A vector may be split between the non-disrupted zone and the first disrupted zone. Consider it one vector.

iii. The number of vertical pairs in the Bifid blocks should now equal the number of ciphertext characters. Take the numerical pairs vertically from each Bifid block, top numeral as a row indicator, bottom numeral as a column indicator, into the first Bifid matrix and write the plaintext character so indicated in the space above that coordinate pair. At completion, the length of the plaintext, including null characters if Frequency Leveling was used, will be identical to the length of the ciphertext.

iv. Finally, look up indicated code values, if present in the plaintext, and write them into the plaintext (usually on another sheet) to complete the message. If nulls have been added using Frequency Leveling, they will appear at the end of the plaintext and can be ignored.



General Principles of Cipher Operation 1. Always double-check your counting and calculations, no matter how simple they may appear.

2. Make certain everyone in the cipher group is using the same set of rules, such as identical codebooks, key books, and is in agreement about activating the Rule of Duplicate Character Insertion, or not.

3. Spot check your work throughout the encryption process and at least once again after it's completed. When time is a factor, spot checking selected areas for accuracy is also useful.

4. Periodically, review transmission and reception protocols with the cipher group to assure clear transfer of the ciphertext to each recipient.

5. If communications are open, the ciphertext can be sent without modification or obfuscation via email or any other means.

6. If communications are covert29, make certain the pickup procedures and warn-offs are agreed upon and clearly understood.

7. If communications are clandestine, be certain that the send and receive points are secure and unobserved. Never assume that if you don't see anybody watching, nobody is watching. Look up. Ground-based computer-enhanced hi-res telephoto lens video, microsatellite surveillance, and long-distance drone surveillance are common today. There is no privacy if you can see the open sky.

8. If the ciphertext is to be archived, any online (even public) virtual drive or paper-based storage system can be utilized.

9. Never use a computer or other electronic device, with the exception of the HP49 or HP50 Graphing Calculators (no net connection, low radiation signature), to encrypt anything. If electronic encryption must be used, employ a computer that has had its net-access antenna removed and is operated in a shielded environment such as a grounded Faraday cage, or a Tempest Computer30. For data transport, deploy a USB device with secure operating system Stealth technology where the device is not registered by the host computer.

29 Covert communication means that the ciphertext can be set as-is, without the ciphertext being disguised.

Clandestine communications means that the ciphertext cannot be revealed and must be sent hidden in something else, sich as a picture or design.

30 http://www.webopedia.com/TERM/T/Tempest.html or http://www.apitech.com/product-classes/sst-emcon-tempest-computers



Appendix

The Linearly Conjugated Double Random Matrix Bifid Disrupted Incomplete Columnar Transposition Cipher

(RAMBDICT)

• Blank Worksheet

• Completed Example Worksheet



References Hand-Operated Ciphers, http://www.cryptomuseum.com/crypto/manual.htm Military Cryptanalysis, Parts 1 through 4, by William F. Friedman (NSA Documents and Research, circa 1950) The Codebreakers, by David Kahn (Scribner, 1996) Psychology of Intelligence Analysis, by Richards J. Heuer, Jr. (Center for the Study of Intelligence, CIA, 1999.) Cryptanalysis, A Study of Ciphers and their Solution, by Helen Fouche Gaines. (Dover Publications, 1959) Applied Cryptography, Second Edition, by Bruce Schneier (John Wiley & Sons, 1996) IBN 0-471-11709-9 Hand-Operated Ciphers and Their Weaknesses and Strengths, by John Campbell Stewart, (Center for the Study of Intelligence, CIA, 1998) Developing Non-Computer-Based Random Hand Cipher Key Elements, by Wolfgang Hammersmith, White Paper, 2011, (Limited distribution, 10 May 2013). The Solitaire Encryption Algorithm, v. 1.2, 26 May 1999, by Bruce Schneier, White Paper. The Simon and Speck Families of Lightweight Block Ciphers, by Ray Beaulieu, Douglas Shors, Jason Smith, Stefan Treatman-Clark, Bryan Weeks, Louis Wingers (National Security Agency, 19 June 2013, required notice: This paper is a product of the NSA Research Directorate.) The Disrupted Incomplete Columnar Transposition, by Carl Maverisi, John Cassavertes, et al, 11 June 2012, White Paper. The ADFGVX Cipher and Its Analysis, by Helen Fouche Gaines, 1953, (From unpublished hand-written notes.) Bifid Cipher, http://en.wikipedia.org/wiki/Bifid_cipher, 2013. The Bifid Cipher, http://practicalcryptography.com/cryptanalysis/stochastic-searching/cryptanalysis-bifid-cipher/, 2013

End of Document V3.00.01, 24NOV13 2136Z

The Linearly Conjugated Double Random Matrix Bifid Disrupted Incomplete Columnar Transposition...

Documents

Transcript of The Linearly Conjugated Double Random Matrix Bifid Disrupted Incomplete Columnar Transposition...