Computing with printouts
February 22, 2014 7:34 PM Subscribe
The "Off The Grid" Password Generator uses printouts of Latin Squares to hash domain names into unique passwords without a PC or even a pencil. Are there other useful paper based algorithms like this? The concept rings a bell but Google wants to show me papers on computing, not computing on paper.
Bonus link: The less-utilitarian Zen Guide to Paper and Pen Games
(I don't actually recommend Off The Grid for real use. Among other concerns, if your printout is secretly compromised, passwords you haven't even created yet become predictable.)
Bonus link: The less-utilitarian Zen Guide to Paper and Pen Games
(I don't actually recommend Off The Grid for real use. Among other concerns, if your printout is secretly compromised, passwords you haven't even created yet become predictable.)
A grid is a handy and easy to use rendering of a standard simple substitution cipher. Every trivial 1:1 substitution cipher can be represented as a grid. Compare to the yet simpler subcategory, a Caesar cipher, where the substition is so regular that you don't even need a grid (every output is exactly N away from the input in a standard sorting order).
Simple substitution ciphers are vulnerable if they are encoding low entropy material. If you know the plaintext, then you can reverse the characters in that plaintext (which will likely provide other clues, crossword style).
posted by idiopath at 8:28 PM on February 22, 2014 [1 favorite]
Simple substitution ciphers are vulnerable if they are encoding low entropy material. If you know the plaintext, then you can reverse the characters in that plaintext (which will likely provide other clues, crossword style).
posted by idiopath at 8:28 PM on February 22, 2014 [1 favorite]
Do you specifically want paper-and-pencil algorithms for encrypting things? Or any sort of paper-and-pencil algorithm?
posted by this is a thing at 8:34 PM on February 22, 2014
posted by this is a thing at 8:34 PM on February 22, 2014
The Playfair cipher is relatively easy to do by hand, and, for short messages (e.g. domain names) is difficult to crack.
I guess if someone knew your password for a lot of different domains, it would be relatively easy to crack your scheme for most ciphers you could reasonably do by hand.
posted by aubilenon at 8:50 PM on February 22, 2014
I guess if someone knew your password for a lot of different domains, it would be relatively easy to crack your scheme for most ciphers you could reasonably do by hand.
posted by aubilenon at 8:50 PM on February 22, 2014
Maybe the search term you want here is "manual encryption".
Regarding aubilenon's point about crackability, a one time pad properly used is the most secure encryption possible (beating even digital encryption that is not one time pad based), and can be done by hand.
posted by idiopath at 9:21 PM on February 22, 2014
Regarding aubilenon's point about crackability, a one time pad properly used is the most secure encryption possible (beating even digital encryption that is not one time pad based), and can be done by hand.
posted by idiopath at 9:21 PM on February 22, 2014
idiopath: It's called a one-time-pad because you only use it one time. If you use it a couple times it gets a lot easier to crack! But if you have to keep a different key for each password you might as well just store the passwords.
Which actually is what I do - using a password manager like keepass or lastpass or whatever.
I was using algorithmic password generation before that, but when I had to change my password because sites got hacked or whatever, things started getting too complicated.
posted by aubilenon at 9:29 PM on February 22, 2014 [1 favorite]
Which actually is what I do - using a password manager like keepass or lastpass or whatever.
I was using algorithmic password generation before that, but when I had to change my password because sites got hacked or whatever, things started getting too complicated.
posted by aubilenon at 9:29 PM on February 22, 2014 [1 favorite]
Best answer: Rereading, you may be more interested in general manually computed algorithms? In which case you would likely want to look up materials related to pre-1950's computation (slide rules, abacus, various systems used by accountants, bookkeepers, gamblers, odds-makers and computers in the pre-electronic computing era).
posted by idiopath at 9:34 PM on February 22, 2014 [1 favorite]
posted by idiopath at 9:34 PM on February 22, 2014 [1 favorite]
There is also the field of mathematical algorithms where you will see things that look like computer code, but are only a pseudo code for describing algorithms to other humans.
posted by idiopath at 9:40 PM on February 22, 2014
posted by idiopath at 9:40 PM on February 22, 2014
Response by poster: Ideopath, those are great leads. Did you know knitting is Turing complete? You can compute with air bubbles too, and some jet engines do a certain amount of logic using the interaction of high speed air flows.
posted by jayCampbell at 12:53 AM on February 23, 2014 [2 favorites]
posted by jayCampbell at 12:53 AM on February 23, 2014 [2 favorites]
In principle any algorithm that can be implemented as a program can also be executed by a human with pen and paper (corollary: computer science is really just paper shuffling in disguise).
Since humans have little patience, algorithms with large inputs or many operations are not practical because they're boring. It's a large overlap with mental calculation tricks, and stuff like computing the day of the week for arbitrary dates.
posted by dhoe at 12:53 AM on February 23, 2014 [1 favorite]
Since humans have little patience, algorithms with large inputs or many operations are not practical because they're boring. It's a large overlap with mental calculation tricks, and stuff like computing the day of the week for arbitrary dates.
posted by dhoe at 12:53 AM on February 23, 2014 [1 favorite]
Response by poster: So can we mash assembly language with that pencil game where you shoot missiles and gleefully scribble out the other guy's tank?
posted by jayCampbell at 1:07 AM on February 23, 2014 [1 favorite]
posted by jayCampbell at 1:07 AM on February 23, 2014 [1 favorite]
It wasn't clear to me whether you were looking for practical paper based algorithms, or a canonical list. Password Card isn't an encryption algorithm, but rather, a paper-based mechanism associating symbols that you can easily remember with passwords. Achieves approximately the same result as the OTG scheme you linked.
posted by kovacs at 7:54 AM on February 23, 2014
posted by kovacs at 7:54 AM on February 23, 2014
Well, there's diceware as well, although hybrid approaches to cracking passphrases might make some of the shorter diceware passphrases vulnerable.
posted by CBrachyrhynchos at 11:29 AM on February 23, 2014
posted by CBrachyrhynchos at 11:29 AM on February 23, 2014
The Solitaire cipher linked above was designed for use in Neal Stephenson's novel, Cryptonomicon. One of the threads in that novel has an extended description of the use of this cipher, and the appendix explains how to use it, complete with a Perl script.
posted by RedOrGreen at 11:44 AM on February 24, 2014
posted by RedOrGreen at 11:44 AM on February 24, 2014
This thread is closed to new comments.
posted by procrastination at 8:18 PM on February 22, 2014