Human-oriented encryption: from Solitaire to Multitaire Jean-Jacques Quisquater and BoF participants UCL Crypto Group Université catholique de Louvain firstname.lastname@example.org http://uclcrypto.org August 16, 2005 Rump session Crypto
Solitaire (Bruce Schneier) • http://www.schneier.com/solitaire.html • Solitaire gets its security from the inherent randomness in a shuffled deck of cards. By manipulating this deck, a communicant can create a string of "random" letters that he then combines with his message. Of course Solitaire can be simulated on a computer, but it is designed to be implemented by hand. • Solitaire may be low-tech, but its security is intended to be high-tech.
BoF, this afternoon • Ten people discussed during one hour, • How to improve, • How to use many people not only one.
Ideas • Use pro magicians in order to perform very good and reproductible shuffles • Brent Morris (NSA) likes to say that he's the only person with a doctorate in card shuffling • Diaconis, P., R.L. Graham, and W.M. Kantor. 1983. The mathematics of perfect shuffles. Advances in Applied Mathematics 4:175. • Morris, S.B. 1998. Magic Tricks, Card Shuffling, and Dynamic Computer Memories: The Mathematics of the Perfect Shuffle. Washington, D.C.: Mathematical Association of America.
More techniques • Using automata theory (life game of Conway?) • Simulating a large nonlinear feedback register by using a lot of people around a table and cards for storing and communicating information (flipping card): here a lot of problems appear and many optimisations are possible • Random generation? • Use of other games (Chess, Go, ...?),
Conclusions • Many open problems. • Performances, new criteria of design, taxonomy, ... • But is it useful? • Yes, creating a funny BoF and giving a rump talk. Thanks to the participants. More next year.