Tuesday, December 9, 2014

Project CuttleFish - "virtual envelopes" for data

The small text encryption for grandma project Hide-a-KeyText has been a great learning experience **.

For easy but decent protection without messy passwords or the danger of sending your private PGP key to the world, Hide-a-KeyText is a neat option. The old timey Beale or Running Cipher is still there but only as a first pass, supplemented by a second using AES-128 encryption.

Your garden variety criminals won't get through.

The most interesting factoid about Beale/Running Ciphers is that n-grams are bad ass. At the same time, the known efforts to crack these ciphers with n-grams and lots of hot chips are weirdly linear.

A sentence has a beginning and an end.

So, they start reading at the beginning of a message and finish at the end. This means that there can be some more life in these old ciphers if you shuffle the original text with the aim of upsetting the n-grams. Try a virtual paper shredder before the encryption.

But today, we announce Project CuttleFish. Known for its amazing ability to blend in with their surroundings, the cuttlefish seems an okay simile for the new project's name. 

Project CuttleFish will not be about encryption but about making data look different. In the industry, an approach called obfuscation is well known, but Project CuttleFish will bring the joys of looking different to end users.

It is not a new idea. Have a look at the Free Online Barcode Generator for some fishy text camouflage.

Hide-a-KeyText uses the principle by making a message appear to be a .png image or a .wav audio file.

But there are many more suitable formats out there. The first CuttleFish piece will be an executable program that only runs on a specific computer. Run it on a different one, and it will delete its message.

After this, various data packaging formats will be explored. A nice, utterly bogus spreadsheet is likely to be the first in the series.

For sheer fun, because it is fashionable, we'll do a "virtual DNA" packaging piece, using only the letters ACGT. Making up visually appealing fake folded proteins would be a challenge but is beyond ability and scope.

The explicit aim of Project CuttleFish is create a library of "envelopes" for online data. Very much like real life postal envelopes, they will come in different sizes, and their content will be utterly up to you.

** We are happy to see that Java (tm) is doing fine, and we are not blaming it on Oracle.


No comments:

Post a Comment