U. Fridman

Post image for Securely Encrypt Messages with a Deck of Cards and Solitaire

Neal Stephenson’s cypherpunk novel Cryptonomicon contains a cryptosystem called Pontifex. This low-tech cryptographic algorithm uses a deck of playing cards to encrypt and decrypt messages.

Outside of the book, this algorithm is actually called Solitaire. It was designed by cryptographer and security expert Bruce Schneier at the request of Neal Stephenson. Solitaire allows secure communications without having to rely on computers or other tools that might indicate that cover channels are being used, or where access to a computer is not possible. It was designed to be secure even against the most well-funded adversaries with the biggest computers and the smartest cryptanalysts.

Solitaire gets its security from the inherent randomness of a shuffled deck of cards. Using this deck, keyed in a special way, two people can create a set of random letters that will be use to encrypt the messages. The process is somewhat slow, but it’s hard to spot that a deck of cards is being used to encrypt information. [Read More…]

{ 11 comments }

Post image for Using Red Team Tactics to Secure Your Virtual and Physical Perimeter

The art of war teaches us to rely not on the likelihood of the enemy’s not coming, but on our own readiness to receive him; not on the chance of his not attacking, but rather on the fact that we have made our position unassailable.
– Sun Tzu

Defined loosely, a Red Team is a group of experts engaged in the practice of viewing a problem from an adversary’s perspective. This adversary can be an enemy trying to infiltrate the perimeter, a competitor trying to get the latest marketing documents or a robber trying to break into a house.

The goal of most Red Teams is to enhance decision making, either by finding and pointing to the weak links in a security system or by simply acting as a devil’s advocate. [Read More…]

{ 8 comments }