

The solitaire encryption algorithm (1999) - MindTwister
http://www.schneier.com/solitaire.html

======
kragen
It's been 13 years. Has there been any cryptoanalysis? I can't tell if the
problem Paul Crowley found in <http://www.ciphergoth.org/crypto/solitaire/> is
sufficient to sink it.

~~~
gchpaco
A biased RNG for a stream cipher is very difficult to recover from.

~~~
kragen
What's the effect in practice? I don't know shit about cryptanalysis.

~~~
gchpaco
Unless the data is random (which is to say the additional layer of crypto is
probably not buying you much) you can do e.g. frequency analysis on the output
of the cipher. If you have a reasonable sized corpus (given how biased the
PRNG is, probably a few thousand characters is overkill) you can probably
break it effortlessly.

------
BMarkmann
Cryptonomicon is a great book, btw. It was definitely the one that got me
heavily into Neal Stephenson.

<http://en.wikipedia.org/wiki/Cryptonomicon>

~~~
crikli
I hadn't known that Bruce Schneier created Pontifex for the book as I didn't
know who he was back in the 90's. Kinda neat to circle back to an old favorite
and learn that someone with whom you've become familiar since the last read
contributed a key plot point.

------
B-Con
I remember writing the bulk of the Wikipedia article[1] on this cipher back in
my late teens when I was getting into crypto. Checking back, it's been heavily
edited, but it retains the bulk of the original structure and all of the
original example that I used. Kinda neat.

[1]: <http://en.wikipedia.org/wiki/Solitaire_%28cipher%29>

------
krakensden
I remember reading Cryptonomicon in high school, and being fascinated and
terrified by the Perl implementation of this in the book. It was a perfectly
rectangular, quarter page quote, with no spaces and a terrifying proliferation
of sigils.

~~~
sesqu

      #!/usr/bin/perl -s
      $f=$d?-1:1;$D=pack('C*',33..86);$p=shift;
      $p=~y/a-z/A-Z/;$U='$D=~s/(.*)U$/U$1/;
      $D=~s/U(.)/$1U/;';($V=$U)=~s/U/V/g;
      $p=~s/[A-Z]/$k=ord($&)-64,&e/eg;$k=0;
      while(<>){y/a-z/A-Z/;y/A-Z//dc;$o.=$_}$o.='X'
      while length ($o)%5&&!$d;
      $o=~s/./chr(($f*&e+ord($&)-13)%26+65)/eg;
      $o=~s/X*$// if $d;$o=~s/.{5}/$& /g;
      print"$o\n";sub v{$v=ord(substr($D,$_[0]))-32;
      $v>53?53:$v}
      sub w{$D=~s/(.{$_[0]})(.*)(.)/$2$1$3/}
      sub e{eval"$U$V$V";$D=~s/(.*)([UV].*[UV])(.*)/$3$2$1/;
      &w(&v(53));$k?(&w($k)):($c=&v(&v(0)),$c>52?&e:$c)}

------
jsomers
Here's a little Ruby implementation I wrote a while back:
<https://github.com/jsomers/solitaire>. I hope it's correct...

~~~
michael_michael
Neat. Creating a Ruby implementation of the solitaire cipher was also problem
#1 in the Ruby Quiz: <http://www.rubyquiz.com/quiz1.html>

------
daniel-cussen
I bought a set of Dungeons and Dragons dice (the set that has dice ranging
from 4 to 20 faces) and coded up a Lisp program that turned a roll of 5 of
these dice (approx. 16.4 bits of information) into 16 bits (sometimes you have
to re-roll). With four rolls I have enough data to seed Lisp's 64-bit PRNG,
which was my goal. After all, I use (random x) a whole lot.

[http://dcussen.posterous.com/my-first-toy-in-lisp-was-
random...](http://dcussen.posterous.com/my-first-toy-in-lisp-was-random-x)

------
laumars
This sounds a lot like OTP (One Time Pads) which is more than 100 years old
and was even used, with great success, during WWII.

<http://en.wikipedia.org/wiki/One-time_pad>

~~~
opminion
It's a Stream Cipher, which is an approximation [1] of a One Time Pad, which
allows the key to be much shorter than the plaintext.

The hardest part is how to generate the pad from the key.

[1]
[http://en.wikipedia.org/wiki/Stream_cipher#Loose_inspiration...](http://en.wikipedia.org/wiki/Stream_cipher#Loose_inspiration_from_the_one-
time_pad)

------
dllthomas
I'd love to see another pass at this. I've frequently got a deck of cards on
me, and a 225 bit key isn't bad for a symmetric algorithm; the question is how
to extract it smoothly and easily...

------
dav
Manchurian Candidate!

