Write the secret stuff in a different journal, and keep it under lock and key.
posted by Faint of Butt at 9:46 AM on January 2, 2006

I wouldn't advise anything electronic, because someone could copy it and you'd never know (though.. as opposed to xerox.. hmm). Just write it in your regular one, and keep it well hid. A clever ciphering method should be plenty. I often refer to topics I'd rather someone not know about merely as codewords, such as "having trouble out in the orchard this week." I know what it means, but there's no particular method to figuring out what it is except by asking me, and I'm not spilling it.
posted by vanoakenfold at 9:54 AM on January 2, 2006

Reverse text might work a little, but not really. I think Da Vinci used to do is so people couldn't see over his shoulder, but then he was gifted. A ROT cypher is one where letters are moved along, so to speak, so A->B, B->C, etc, but it is weak and easily recognised. Removing punctuation and spaces makes it harder to read though. If your main objective is to make it hard enough that it's not worth the effort to decypher, maybe ROT would do the trick. Vigenere is very reliable and effective and requires a password (it can even be done by hand if you know the algorithm), but not fool-proof. Then again, you don't need fool-proof. Doing it on a PC is a problem, in that the text can be easily pasted into an application that can just feed out your secrets. Encryption and then handwriting is a good plan, because then it has to be typed up, but that is time consuming. If you are saving the document on the computer, would a password or encryption program not do the job?
posted by Acey at 9:54 AM on January 2, 2006

The question is, how quickly do you want to read it? The more complicated you make it for someone else to decrypt, the longer it will take you to do the same.

Ideally, you want to encrypt the text with a key of your own making. Perhaps that key can be different for each of the entries, or maybe one key (basically a password/phrase) is good enough for your purposes as long as you remember it.

Google up 'one time key' and see what you can do with that.

I'd give you one other suggestion, but I'm running a cryptography contest over at userfriendly.org at the moment that uses it, and I don't want to give away the method until it's solved. Drop me an email if you're interested.
posted by Kickstart70 at 9:54 AM on January 2, 2006

One-time pads are much more straightforward to implement and are perfectly secure if the key is statistically random (and unavailable). OTPs can be implemented without a computer — make sure the key is random, and just keep the key in a safe location.
posted by Rothko at 9:56 AM on January 2, 2006

Print out the ciphertext and stick it in your journal and scan it (ie. OCR) later? Or make a pouch in your journal for a thumb drive and refer to it at that point in the journal? You can put GPG for a few platforms on the drive and use a text file (just remember to back it up).

The point is that unless you're going to use a cipher that you can use manually, you'll have to involve a computer, and if you involve a computer in encrypting it, you'll have to involve a machine in decrypting it... no way around the issue, I think. And if you're going to use a machine, instead of Vigenere, you might as well use hardcore cryptography.

Also, don't write your own encryption apps, even if you're sure you know the algorithm inside out. Go with something that's been out there for a while and peer reviewed etc.

I realize that I haven't really answered your question (ie. pointed out any manually-usable ciphers that aren't susceptible to frequency analysis), just pointing out that, depending on how often you wish to do this and how quickly you want to be able to read what you've written in such a manner, you may have to give up the urge to actually write the thing down and let the computer take care of it.
posted by Firas at 9:57 AM on January 2, 2006

Mirror writing and Caesar ciphers (ie. rotation) are easily crackable, although they do withstand the 'little sister' test (especially rotation, I've used that in the past).
posted by Firas at 9:59 AM on January 2, 2006

I've just re-read and realised that you are not doing it on a computer, in which case I am not too sure. A simple and surprisingly effective method involves cutting each letter in two somehow (so for instance, W could be V V and O could be U n). This is easy to read for a person that knows it, but hard due to it's simplicity. The simplicity also means it is easily foiled over large amounts of text. It's good to vary how you do it, that way just as they get the hang of it, you switch to other patterns.

Other than those, I could recommend using more than one simple cypher. That works wonders.
posted by Acey at 10:00 AM on January 2, 2006

what about a homophonic substitution cypher?
posted by snownoid at 10:05 AM on January 2, 2006

Start using an ancient alphabet whose letters corrispond to ours but look nothing the same :)

Alternately, learn latin/greek and just write in that.
posted by devilsbrigade at 10:06 AM on January 2, 2006

Incidentally, don't discount your ability to do the Vignere encoding by hand. If you use the same keyword frequently, it will become almost second-nature to write in ciphertext.
posted by Wolfdog at 10:07 AM on January 2, 2006

How about some steganography? Buy an "invisible" or UV-ink pen and write on the verso side of the page. Put a known symbol (or hell, even a series of tags) on the recto side (for example at the top right corner, above the normal journal text) so that you can scan the book and know where to find the hidden entries.

Personally, if I had to rekey every entry twice, once to encrypt it, and once to decrypt it, that would be the worst kind of security (since I would never do it).
posted by Hildago at 10:09 AM on January 2, 2006

Maybe a completely made up alphabet combined with no punctuation would be quite easy. It wouldn't take long to get used to using some strange glyphs or something.

Failing that, learn Esperanto!
posted by Acey at 10:14 AM on January 2, 2006

Pessimist sounding in. Since it's a "casual" invasion of privacy you're worried about I'd just put a little extra effort into keeping my journals secure. Either that or journal on your computer and encrypt with MaxCrypt or something. Any other method and I would speculate that it will probably prove too cumbersome and you'll just discard it quickly.
posted by JamesMessick at 10:17 AM on January 2, 2006

Invented alphabets are frequency analysis fodder.
posted by Firas at 10:18 AM on January 2, 2006

Personally, I like Hildago's solution best. Are your interceptors going to hold each page to candlelight? Probably not.
posted by Firas at 10:19 AM on January 2, 2006

Invented alphabets are frequency analysis fodder.
posted by Firas at 10:18 AM PST on January 2 [!]

I've been developing one (just for fun, no real intention) over several years now that uses things like letter-stacking and letter-merging that I think might throw off frequency analysis. Not that I've ever had anyone try. The closest I've had is give them their name in the code, then have them try at decoding a sentence or paragraph. No clue how well a puzzle fan would do without the extra help.
posted by luftmensch at 10:28 AM on January 2, 2006

If you use the same keyword frequently, it will become almost second-nature to write in ciphertext.

Yes, but this will make it childs play to break all of your entries, even by hand. A Vignere cipher falls to the rather simple Kasiski method, which is well known amongst amateurs with a passing interest like myself. If I found your notebook, it would be my first though after simple frequency tests.

Wolfdog's suggestion is the only really good one if you insist on going the pen and paper route. I have a different reccomendation.

Pen and paper security will be tedious. You will need to write everything, encrypted it, and destroy the origional. This would stifle my creativity, and all the work would still leave you with something rather easy to crack (relatively speaking).

I asked something similar a while back. My solution, after considering the sage advice of several MeFites, was to use Twiki running inside an encrypted partition and on Apache with SSL on and logging off. The browser doesn't cache anything to the harddisk, I have 1GB of ram so swap is unessecary. I use Diceware for passwords, which I try to update fairly frequently.

Overall, I think this is fairly secure setup. If I wanted to increase the paranoia level a bit, I'd disconnect from the net every time I mounted the secure parition and I'd crawl inside an underground faraday cage and run my laptop off the battery.
posted by phrontist at 10:31 AM on January 2, 2006 [1 favorite]

Hildago's suggestion is good. If you just want to prevent casual snoops that's a good way to do it. This place sells UV ink, and you could buy a nice fountain pen to put the ink in. Man, that's a neat idea.
posted by phrontist at 10:35 AM on January 2, 2006

Secrect Decoder Badge.
posted by airguitar at 10:51 AM on January 2, 2006

When I was a teenager I invented a code system that was easy to write and very easy to read, yet surprisingly few of my friends ever cracked it on their own:



Looking at it now it seems trivial to read, but I'm wondering if it's as obvious to someone who doesn't know the system.
posted by justkevin at 10:53 AM on January 2, 2006 [1 favorite]

Shorthand? Easy to learn, easy to use for you but probably enough of a barrier for almost everyone else. Does anyone still teach shorthand anymore?
posted by mediareport at 10:57 AM on January 2, 2006

As a followup to the one-time pad suggestions earlier - what about a one-time pad using the previous entry, or an entry that you come up with via some algorithmic method? (For example, if the entry starts on an even page use the text on page/2 + 3 or something like that). It would seem difficult to crack, as an attacker would have to a) figure out that it was a one-time pad, and b) go through your journal to figure out which section of text was the pad.
posted by true at 11:03 AM on January 2, 2006

what about a homophonic substitution cypher?

They broke Poe's "The Gold Bug" eventually, but as long as you use at least a twenty or so variations for each letter it's probably the quickest and easiest solution. Throw in a fair amount of misspellings and gibberish into the mix would help a lot.
posted by bobo123 at 11:09 AM on January 2, 2006

Llike justkevin, I invented an alphabetic script, with some shorthand characters for various common digraphs like th and sh. I filled sketchbooks with doodles and script.

Justkevin's appears to be rune/elvish influenced. Mine was influenced by arabic writing.
posted by jimfl at 11:12 AM on January 2, 2006

No one's yet mentioned the playfair cipher which is pretty simple to do by hand (though you will still have to destroy some scratch paper) and somewhat stronger than the vignere cipher. It is still entirely breakable, though (for instance this page links to a bunch of playfair solvers).
posted by advil at 11:32 AM on January 2, 2006

wouldn't playfair be suitable? it's fairly simple/portable and resistant to basic frequency analysis. the only real problem is that it's not possible to go dircetly frm cipher to plaintext in your head.
posted by andrew cooke at 11:35 AM on January 2, 2006

My wife does what justkevin does. She has three such invented alphabets, only one of which I can read.
posted by BackwardsCity at 11:44 AM on January 2, 2006

I think your best bet is a transposition cypher. Let's say that the text you want to encrypt is: The sky above the port was the color of television, tuned to a dead channel.

First, you write the text to be encrypted in columns, in a grid:

T K O H R S C R E I N E A D N 
H Y V E T T O O L S T D D C N
E A E P W H L F E I U T E H E
S B T O A E O T V O N O A A L

...and then choose a pattern for the key. Let's say, an inwards clockwise spiral, starting from the bottom left corner. This gives us a cyphertext of:

SBTOAEOTVONOAALENNDAENIERCSRHOKTHEAEPWHLFEIUTEHCDDTSLOOTTEVY

And now we break it into groups of four, because our columns are four characters tall:

SBTO AEOT VONO AALE NNDA 
ENIE RCSR HOKT HEAE PWHL 
FEIU TEHC DDTS LOOT TEVY

Presto. Encrypted.
posted by Jairus at 11:45 AM on January 2, 2006

The UV pen idea is cool, but is there a version that writes in dark ink, then fades, leaving behind UV?

More on invisible ink:

http://en.wikipedia.org/wiki/Invisible_ink
posted by craniac at 12:02 PM on January 2, 2006

I'd write it in Sutterlin. Once you learned it it would be easy enough for you to read but would discourage the casual finder of the journal from being able to do so. Unless you happen to live in Germany.

Personally, if I had to rekey every entry twice, once to encrypt it, and once to decrypt it, that would be the worst kind of security (since I would never do it).

I agree with Hildago on that. Whatever system you choose, if you make it too complicated you might be unlikely to use it. I think Sutterlin has an advantage over reverse writing in that it's not so easy to defeat (with a mirror). It would be relatively easy to defeat if someone knew that it was in Sutterlin but without that knowledge it might take more work than the casual finder is interested in.
posted by 6550 at 12:14 PM on January 2, 2006

Like Media report, I suggest shorthand. Besides that very few people (other than elderly former secretaries) can read it) it would be kind of cool to learn an ancient code that hads no connection to geekdom or the military.
posted by wryly at 12:21 PM on January 2, 2006

Actually my code above isn't an invented alphabet.

It has the advantage (and downside) that once someone has learned the secret, they can read messages written in it almost as quickly as plaintext. It's also nearly impossible to forget.
posted by justkevin at 12:27 PM on January 2, 2006

Well, just about anything you can do with a pen and paper short of a one-time pad can be cracked with ease. But if you are just interested in the "little sister" level of cryptography, you might think in terms of a code-book rather than a substitution or transposition cypher. The difference while cyphers work on a letter-by-letter (or bit-by-bit) transformation, codes work on entire words or phrases. The nice thing about codes is that a well done code at a casual glance can look just like plaintext or be embedded in plaintext. This might work well if what you are interested in encrypting involves a limited number of names or verbs. A common practice in social sciences research for example is to give all participants pseudonyms, and use a pseudonym for the name of the research site.

Also, don't underestimate the power of metaphor and allegory for casual obfuscation. The problem with substitution and transposition cyphers is they stick out like a sore thumb on the page and invite scrutiny. However, if someone reads your poem about flowers as having a hidden double meaning, you can always maintain plausible deniability.
posted by KirkJobSluder at 12:48 PM on January 2, 2006

Or to extend the allegory idea a bit further, you can use codes and allegory disguised as fan fiction. Nobody wants to read someone else's fan fiction. Seriously.
posted by KirkJobSluder at 12:50 PM on January 2, 2006

That is pretty easy to read, kevin, but it seems like it might be hard to write.
posted by graventy at 1:15 PM on January 2, 2006

it took me several(?) minutes before i got kevin's. that's pretty neat, imho, but once it's clear, it's really clear. in practice, you might want to use something that has a certain cost in reading even if you know the secret.
posted by andrew cooke at 1:23 PM on January 2, 2006

Something simple that you can encode/decode anytime with pen and paper: the Beale cipher ... but instead of the Declaration of Independence you can use another entry in your journal as the key text.
posted by StarForce5 at 1:25 PM on January 2, 2006

justkevin, could you post the cleartext of yours?
posted by Jairus at 2:00 PM on January 2, 2006

(maybe ROT13 it to not spoil it for anyone who wants to figure it out?)
posted by Jairus at 2:17 PM on January 2, 2006

justkevin's text is not a script. have you ever seen those bumper stickers that look like abstract lines until your brain flips over to the "other" state?

think "negative space" :)
posted by joeblough at 2:20 PM on January 2, 2006

I agree with KJS. If you are an obsessive journaler, and your journal is packed full of writing, especially if it's small writing, hide your secret stuff in plain sight, and rely on annoying or boring the reader. Drop in and out of Shakespearean English, Pepe Le Pew French, Huckleberry Finn drawl and Clockwork Orange argot if you feel like it. Stuff like that. Cause pain.

Secret codes and made-up alphabets just say, "look! I'm a secret!"

If I were to use secret codes, I'd stick 'em in a book full of Timecubeish ravings. "Oh, look," says the reader. "Secret ravings."
posted by furiousthought at 3:16 PM on January 2, 2006

yeah, it took me about ten seconds to read justkevin's text, but that's because he tipped his hand by mentioning how easy it was to read.
posted by fishfucker at 4:00 PM on January 2, 2006

i'm still surprised none of your friends figured it out.
posted by fishfucker at 4:01 PM on January 2, 2006

no sex = bad eyes?
posted by NucleophilicAttack at 4:08 PM on January 2, 2006

In some of my journals, I use a substitution cipher. I view it a lot like a door lock. Anyone determined could probably get in anyway, and afficionados could probably read it handily, but I've rarely had to worry about either kind of person having access to the physical space with my journals. This is one of those situations where a weak solution is probably good enough, because it's part of a chain of other considerations involving physical security and trust, and also because none of my secrets are huge.

I think the people here are right on saying anything that's probably useable with a paper journal is likely to be defeatable by a determined smart puzzle enthusiast, and the right solution is therefore some kind of obfuscation combined with a simple cipher.

I like justkevin's method a lot, but once told it wasn't an alphabet, it took me 10 seconds to see it. It might be because I've been looking at a *lot* of graphic design over the last 2 years, though, and it's not uncommon to find artists using that device. I think with some further stylization, you could make it harder, though.
posted by weston at 5:08 PM on January 2, 2006

If you want to be able to do it in your head, you're better off combining several simple methods than using one complex method. Like, combine a simple substitution cypher with a code book for the most common words, plus transposition. Spell words phonetically, replace "the" with "RO" and "A" with "M" or the like, to throw off frequency analysis a little bit. With some practice you'll be surprised at what you can do off the top of your head.

But KirkJobSluder wins, seriously.
posted by RobotHero at 5:23 PM on January 2, 2006

Some ideas...

1. Make a complex origami fold. Write on that, taking care to write letters so they span physical pieces of paper. Unfold it. Xerox it (to hide the folds. Tuck it in your journal. To "solve" simply re-do the origami fold.

2. You probably dont need to "encrypt" all the words, just the important ones, usually key verbs and nouns: for example: "I have feelings of lust for john" is safe as "I have oranges of trapeze for books" To get the second word from the first, do something simple like: look up the word in a specific dictionary. find the word that comes in the same position in the page, 5 pages forward etc.
posted by vacapinta at 5:28 PM on January 2, 2006

You clearly don't need something that will resist analysis, but just be opaque to casually prying eyes.

I'm surprised no one's suggested Tengwar.
posted by zadcat at 6:08 PM on January 2, 2006

A while back, I learned to write in Elian. Easy to learn, pretty to look at, certainly difficult to crack.
posted by unixrat at 7:52 PM on January 2, 2006 [1 favorite]

I bind my own journals, and I always include a few pages that are actually envelopes sewn into the binding, with the openings facing out. Anything I wouldn't want a "slightly more than casual" perusal to uncover gets sealed in one of those.

If I want to re-read the thing myself, I can do so and then put it in another "envelope page", or just tip in an envelope directly on a regular page.

Anyone who cracks open a sealed envelope has gone way past "slightly more than casual", sez me.
posted by ersatzkat at 8:04 PM on January 2, 2006

Find a Navajo, and get him to write it down for you.
posted by gimonca at 8:19 PM on January 2, 2006 [1 favorite]

justkevin: Once I actually stopped to look at your image I guess it took me maybe 30 seconds to work out the message, though it's not a stupid idea. I think if you combined the method with some sort of substitution cipher you'd be onto something that would give a lot of people a real challenge, though I don't know how it would stand up against someone with a serious amateur interest in codebreaking (which, by the way, I'm not).
posted by planetthoughtful at 8:51 PM on January 2, 2006

This thread is closed to new comments.