Low Tech Crypto: Solitaire (2020)

&gt;Solitaire (...) was featured in Neal Stephenson’s book Cryptonomicon under the name “Pontifex”.<p>It was introduced under the name &quot;Solitaire&quot;, &quot;Pontifex&quot; was used initially as a temporary code-word when characters couldn&#x27;t speak freely.<p>I&#x27;ve always wondered if just using plain RC4 (adapted to a card deck) would be simpler (and probably more secure). Adding two-digit (0..52) numbers by hand is easy for almost everyone, and RC4&#x27;s swap step is no more involved than the `cut` operation of Solitaire. The only downside is that it requires user to keep track of `i` and `j` - two additional two-digit numbers (in memory, because writing anything down is against the threat model of characters in the story). I agree it&#x27;s error-prone. But, assuming temporarily writing things down with pen and paper is OK according to my threat model, I think RC4 would work nicely.<p>Of course Bruce is the world-class expert in cryptography and I&#x27;m not, so you should probably ignore my grumbling here :).

This article notes that the algorithm &quot;leaks information at a rate of 0.0005 bits per character&quot; and as such it&#x27;s fine for encrypting a tweet but not a novel. Can someone with a better understanding of cryptography put 0.0005 bits per character in context? Maybe suggest a practical upper limit to its usefulness that&#x27;s more specific? More than 140 characters but less than a whole book leaves a lot of wiggle room.<p>edit: To be clear I mean someone with a better understanding of cryptography than me. I don&#x27;t doubt the author&#x27;s expertise.

One of the interesting parts of this is the key exchange. Handing off a deck of cards works - but that&#x27;s not always practical.<p>Fortunately, many major newspapers distribute keys each day.<p><a href="https:&#x2F;&#x2F;www.mercurynews.com&#x2F;2023&#x2F;09&#x2F;24&#x2F;bridge-sept-24-2023&#x2F;" rel="nofollow noreferrer">https:&#x2F;&#x2F;www.mercurynews.com&#x2F;2023&#x2F;09&#x2F;24&#x2F;bridge-sept-24-2023&#x2F;</a><p><pre><code> NORTH S A 6 3 H Q 2 D Q 10 8 7 4 2 C K 5 WEST EAST S 7 S J 10 9 2 H J 10 9 8 5 H K 7 6 4 3 D A J 6 3 D K 9 C J 10 8 C A 9 SOUTH S K Q 8 5 4 H A D 5 C Q 7 6 4 3 2 </code></pre> And there are so many to chose from <a href="https:&#x2F;&#x2F;vineyardgazette.com&#x2F;news&#x2F;2021&#x2F;09&#x2F;20&#x2F;bridge-column-sept-24" rel="nofollow noreferrer">https:&#x2F;&#x2F;vineyardgazette.com&#x2F;news&#x2F;2021&#x2F;09&#x2F;20&#x2F;bridge-column-se...</a>

My favorite low-tech cipher(e.g. if I ever have to encrypt something by hand) is Quagmire III[0], notably used to encrypt sections K1 and K2 of Kryptos[1].<p>[0]: <a href="https:&#x2F;&#x2F;www.cryptogram.org&#x2F;downloads&#x2F;aca.info&#x2F;ciphers&#x2F;QuagmireIII.pdf" rel="nofollow noreferrer">https:&#x2F;&#x2F;www.cryptogram.org&#x2F;downloads&#x2F;aca.info&#x2F;ciphers&#x2F;Quagmi...</a> [1]: <a href="https:&#x2F;&#x2F;en.wikipedia.org&#x2F;wiki&#x2F;Kryptos" rel="nofollow noreferrer">https:&#x2F;&#x2F;en.wikipedia.org&#x2F;wiki&#x2F;Kryptos</a>

Weakness discussed here <a href="https:&#x2F;&#x2F;arxiv.org&#x2F;abs&#x2F;1909.06300" rel="nofollow noreferrer">https:&#x2F;&#x2F;arxiv.org&#x2F;abs&#x2F;1909.06300</a>

In the age of mobile devices littered with sensors, randomness is far more achievable.<p>I made a random number generator in Automate that takes takes the end digits that are really just noise and put that into a random seed.