Welcome Guest [Log In] [Register]
Welcome to Crypto. We hope you enjoy your visit.


You're currently viewing our forum as a guest. This means you are limited to certain areas of the board and there are some features you can't use. If you join our community, you'll be able to access member-only sections, and use many member-only features such as customizing your profile, sending personal messages, and voting in polls. Registration is simple, fast, and completely free.


Join our community!


If you're already a member please log in to your account to access all of our features:

Username:   Password:
Add Reply
A Practical Use for Playfair; Here's a crypto application to use every day!
Topic Started: Apr 19 2014, 06:51 AM (309 Views)
fiziwig
Elite member
[ *  *  *  *  * ]
The whole Heartbleed affair has left me wondering about using stronger passwords. Of course I could use a password manager, but what happens if my hard drive crashes? I still need to be able to get to my important accounts, either borrowing a friend's computer, or after I replace the broken computer or hard drive. And if all my passwords are stored in the password manager, how do I rescue them?

How about using an 8 x 8 matrix to do a Playfair encryption of a simple phrase for each password. For example, using the characters {a-z A-Z Ø-9 ? !} you can build a random grid something like this:

Code:
 
P[space]m[space]N[space]s[space]c[space]9[space]8[space]E
j[space]K[space]v[space]b[space]p[space]V[space]k[space]Y
y[space]1[space]2[space]H[space]u[space]![space]B[space]Q
a[space]C[space]O[space]i[space]l[space]w[space]d[space]6
3[space]J[space]r[space]G[space]e[space]?[space]x[space]T
L[space]h[space]7[space]A[space]4[space]S[space]n[space]X
Ø[space]M[space]q[space]f[space]F[space]R[space]j[space]U
W[space]t[space]g[space]5[space]D[space]o[space]Z[space]I

Then print out the grid and keep it hidden away, but handy. Then you can use easy-to-remember phrases for each account, like these:

Code:
 
My[space]Bank[space]Accounts
My[space]Ba[space]nk[space]Ac[space]co[space]un[space]ts
Ø1[space]yd[space]jB[space]4s[space]9D[space]B4[space]5m

Netflix[space]Pass[space]Key
Ne[space]tf[space]li[space]xP[space]as[space]sK[space]ey
cr[space]5M[space]eG[space]38[space]iP[space]mb[space]3u

eMail[space]Magic[space]Word
eM[space]ai[space]lM[space]ag[space]ic[space]Wo[space]rd
JF[space]Cl[space]CF[space]OW[space]ls[space]tZ[space]xO


The Playfair ciphered version is the password you use.

Even if somebody found your matrix, most people wouldn't have any idea what to do with it. And they wouldn't know your easy phrases, which you wouldn't have to write down.

And when the time comes to change your passwords, all you need to do is generate a new Payfair matrix and use the same plaintext key phrases.

All it would take would be a Javascript to fill an array with those 64 characters and then shuffle the array and display it as an 8 x 8 matrix, and then you could print out the new matrix and change all your passwords at the same time.

ON EDIT: It occurred to me that a Jefferson Wheel Cipher would be even easier to use, and you could change all your passwords by shuffling the wheels into a different order, assuming each wheel had a different arrangement on it. You would need 12 to 16 wheels with the whole set {a-z A-Z 0-9} on the wheels. Or it might be better to leave out zero and one so they won't be confused with uppercase 'O' and lowercase 'l'. That would be 60 characters on each wheel. Or you could buy one of those wooden Jefferson Wheels available on Amazon and eBay and mark some of the disks to represent lowercase letters so your passwords would use both upper and lower case. If you had a fancy wooden Jefferson wheel you could leave it in plane sight on your desk as a decorative piece and nobody would ever guess that it is also your password manager.
Edited by fiziwig, Apr 19 2014, 07:22 AM.
Offline Profile Quote Post Goto Top
 
novice
Super member
[ *  *  *  * ]
Hi Fiziwig,

Your schemes are, as usual, ingenious and eminently practical.

In my own case I depend on a password manager called 1Password. I backup regularly (using Time Machine) to an external hard drive and I have a stand-by computer (a Mac Mini) which I keep offline for emergencies.

The system was put to the test a few months ago and came through with flying colours. My main computer gave up the Ghost and there was nothing I could do to get a flicker of life from it. I was back in business in a few minutes.

I have just counted the number of passwords held in my manager -- there are 56 of them :) In addition it locks up personal documents, whatever the format. I would be lost without it.
Offline Profile Quote Post Goto Top
 
mok-kong shen
NSA worthy
[ *  *  *  *  *  * ]
Using 8*8 Playfair or Jefferson's cylinder for password generation are apparently nice ideas. I haven't seen a real Jefferson's cylinder. What's the sizes of those available for sale today? (I wished earlier that modern techniques could render ones that are convenient to carry and with plently of exchangeable disks be available for general use.)

BTW on Playfair I saw a cite http://www.quinapalus.com/playfair.html. Since you have apparently good knowledge in Playfair, could you find some time to examine it and kindly tell us of your evaluation of it?
Offline Profile Quote Post Goto Top
 
fiziwig
Elite member
[ *  *  *  *  * ]
mok-kong shen
Apr 19 2014, 08:32 AM
Using 8*8 Playfair or Jefferson's cylinder for password generation are apparently nice ideas. I haven't seen a real Jefferson's cylinder. What's the sizes of those available for sale today? (I wished earlier that modern techniques could render ones that are convenient to carry and with plently of exchangeable disks be available for general use.)

BTW on Playfair I saw a cite http://www.quinapalus.com/playfair.html. Since you have apparently good knowledge in Playfair, could you find some time to examine it and kindly tell us of your evaluation of it?
That playfair breaker looks like it depends on the matrix being built using a dictionary word as the key. Apparently, if I'm understanding what the web page says, it would fail completely on a cipher with a random playfair matrix.

Here's a commercial Jefferson wheel. It's available from a number of toy stores and online sellers.

Posted Image
Offline Profile Quote Post Goto Top
 
JOE.TEKK1
Elite member
[ *  *  *  *  * ]
That is decent. 5x5 tables I don't like. 5x6 or larger ( 30 cells or more)
is better. Interesting system, Fiz.

Joe

Sat. 14.53hrs 19Apr2014 .
Offline Profile Quote Post Goto Top
 
1 user reading this topic (1 Guest and 0 Anonymous)
« Previous Topic · General · Next Topic »
Add Reply