>Solitaire (...) was featured in Neal Stephenson’s book Cryptonomicon under the name “Pontifex”.<p>It was introduced under the name "Solitaire", "Pontifex" was used initially as a temporary code-word when characters couldn't speak freely.<p>I've always wondered if just using plain RC4 (adapted to a card deck) would be simpler (and probably more secure). Adding two-digit (0..52) numbers by hand is easy for almost everyone, and RC4's swap step is no more involved than the `cut` operation of Solitaire. The only downside is that it requires user to keep track of `i` and `j` - two additional two-digit numbers (in memory, because writing anything down is against the threat model of characters in the story). I agree it's error-prone. But, assuming temporarily writing things down with pen and paper is OK according to my threat model, I think RC4 would work nicely.<p>Of course Bruce is the world-class expert in cryptography and I'm not, so you should probably ignore my grumbling here :).
This article notes that the algorithm "leaks information at a rate of 0.0005 bits per character" and as such it's fine for encrypting a tweet but not a novel. Can someone with a better understanding of cryptography put 0.0005 bits per character in context? Maybe suggest a practical upper limit to its usefulness that's more specific? More than 140 characters but less than a whole book leaves a lot of wiggle room.<p>edit: To be clear I mean someone with a better understanding of cryptography than me. I don't doubt the author's expertise.
One of the interesting parts of this is the key exchange. Handing off a deck of cards works - but that's not always practical.<p>Fortunately, many major newspapers distribute keys each day.<p><a href="https://www.mercurynews.com/2023/09/24/bridge-sept-24-2023/" rel="nofollow noreferrer">https://www.mercurynews.com/2023/09/24/bridge-sept-24-2023/</a><p><pre><code> NORTH
S A 6 3
H Q 2
D Q 10 8 7 4 2
C K 5
WEST EAST
S 7 S J 10 9 2
H J 10 9 8 5 H K 7 6 4 3
D A J 6 3 D K 9
C J 10 8 C A 9
SOUTH
S K Q 8 5 4
H A
D 5
C Q 7 6 4 3 2
</code></pre>
And there are so many to chose from <a href="https://vineyardgazette.com/news/2021/09/20/bridge-column-sept-24" rel="nofollow noreferrer">https://vineyardgazette.com/news/2021/09/20/bridge-column-se...</a>
My favorite low-tech cipher(e.g. if I ever have to encrypt something by hand) is Quagmire III[0], notably used to encrypt sections K1 and K2 of Kryptos[1].<p>[0]: <a href="https://www.cryptogram.org/downloads/aca.info/ciphers/QuagmireIII.pdf" rel="nofollow noreferrer">https://www.cryptogram.org/downloads/aca.info/ciphers/Quagmi...</a>
[1]: <a href="https://en.wikipedia.org/wiki/Kryptos" rel="nofollow noreferrer">https://en.wikipedia.org/wiki/Kryptos</a>
In the age of mobile devices littered with sensors, randomness is far more achievable.<p>I made a random number generator in Automate that takes takes the end digits that are really just noise and put that into a random seed.