Path: nntp.eternal-september.org!news.eternal-september.org!eternal-september.org!.POSTED!not-for-mail
From: Rich <rich@example.invalid>
Newsgroups: sci.crypt
Subject: Re: AI's take on my cipher...
Date: Mon, 14 Jul 2025 19:10:33 -0000 (UTC)
Organization: A noiseless patient Spider
Lines: 60
Message-ID: <1053kn9$3imh3$2@dont-email.me>
References: <1049c0q$10d0c$1@dont-email.me> <104r7eo$1i08p$1@dont-email.me> <95a6f265f6bdddcd037a7e48cf5258e77cec9b15@i2pn2.org> <104uecv$2ak1k$1@dont-email.me> <8e54a93978459bb7baa6896adc62508b9deb7d78@i2pn2.org> <104uqme$2cu71$1@dont-email.me> <1050ffb$2q09e$2@dont-email.me> <da6f83987b8b26ab31d7548607aaa6529a7a0f06@i2pn2.org> <10536me$3fgpt$1@dont-email.me> <49d6be48c0d398c0f4e4f95d0566ff9a98e94353@i2pn2.org> <142019b0acc3e2d5159126851baeb0d31d0919b1@i2pn2.org>
Injection-Date: Mon, 14 Jul 2025 21:10:34 +0200 (CEST)
Injection-Info: dont-email.me; posting-host="8a23a2a3293dacde61eee0f701b686e4";
logging-data="3758627"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX1+f0J7hnSy8iJkLnrL4zaXd"
User-Agent: tin/2.6.1-20211226 ("Convalmore") (Linux/5.15.139 (x86_64))
Cancel-Lock: sha1:RsvaV1wt4/SGvk/6YG2bosm81Xc=

Stefan Claas <stefan@mailchuck.com> wrote:
> Stefan Claas wrote:
>> Rich wrote:
>> > Stefan Claas <stefan@mailchuck.com> wrote:
>> > > Rich wrote:
>> > >
>> > > > And, how accurately do you think the average person who wants to send
>> > > > an encrypted message will be at typing this:
>> > > >
>> > > > KqHtqbSca2hvI02pCMHtdKQLfHhW6OeN7iK1Fg45nMpoT+to8XpwpvARkW6UziY0iyZWUEgP/gol
>> > > > gz5p3XpGCe0hZbYV2IYYLDvvRjGWj1k5IHkDX4WshBZvI5fhVssJOqVI3bzqdEW3XLD4NoGKVQg3
>> > > > ZeNaSJs2hBySnkBoKGI=
>> > > >
>> > > > That's 128 random bytes, base64 encoded. 128 bytes is right about the
>> > > > original "tweet length" of tweets on shitter, so there is a severe
>> > > > limit of the amount of information that can be transferred.
>> > >
>> > > That's why I have my az and ug program for people available, but it uses 2
>> > > bytes, which should be no problem.
>> > >
>> > > $ openssl rand 128 | az | ug -g
>> > > ZMAXT OPNWC LZWIF OQIMR PNNQV BFQLC BRZDA RUFBT ROLQS GOLKA
>> > > KKNJF ULBLO WINNL IIVVK FWTEE XRGBS UJCYS DCMWH JUMAA VLLNX
>> > > MJMYS LHSKG ENKLL LUGBN YNDSP AJYMO OXUBC YQNOY QMFYW ABOPH
>> > > NUVCJ KMFCM XKDVM EEXYL LVUKO VVGAU UACYV OHKUG GTVAA MWDLO
>> > > KCPYN HOWVM DPNHA ZMGHV MFIKW DILNO FYQHK VQELK OMFNL EOLTL
>> > > ETMPL S
>> >
>> > Yes, easier to enter than raw base64. But in this case this "easier"
>> > is like the fact that it is "easier" to move 10,000kg of sand 1km by
>> > hand than it is to move one single 10,000kg rock 1km by hand. "Easier?" Yes,
>> > but no one will actually want to do so either by hand if they have
>> > other alternatives.
>> >
>> > No one, except for the very very truly determined (a tiny sized
>> > population), will want to hand type that to maintain proper
>> > air-gapping. So they will use USB sticks or other methods to "move"
>> > the data, opening up the possibility of transfer of an exploit via that
>> > same USB stick.
>> >
>>
>> A 3.5 inch disk drive and disk for it come in handy, because you hear
>> every read/write process and can quickly examine the sectors with a
>> disk editor.
>
> Or better yet, a Telefax and multifunction offline printer with scan
> option for OCR and the offline PC. With a 16 point mono font you get
> 2000 chars with my az encoder and under Windows OCR is 100% reliably
> scanned from an A4 page.

This is your best bet for making it such that all but the most
determined are possibly likely to use the system.

The air-gap machine has to have an integrated scanner and printer, and
OCR software (or else you need to use barcodes for input -- which might
be more reliable for input). The user would print the "code",
scan/read it on the airgap machine, decrypt, create return, encrypt,
and then print the encrypted version for input to the networked machine
for sending. You might at this point also want scan/ocr capability on
the network machine to read the printout and convert to digital data.
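
Added example, not part of the original post and not Stefan's az program: a letters-only encoding of the kind discussed above, two A-Z letters per byte in five-letter groups, with a decoder that rejects input damaged by typing or OCR. The byte-to-letter mapping (value = 26*first + second) and the function names are assumptions; the thread does not give az's mapping.

```python
import os
import string

ALPHABET = string.ascii_uppercase  # 26 letters, as in the letter groups quoted above


def encode(data: bytes, group: int = 5, per_line: int = 10) -> str:
    """Two letters per byte (assumed mapping: value = 26*first + second)."""
    letters = "".join(ALPHABET[b // 26] + ALPHABET[b % 26] for b in data)
    groups = [letters[i:i + group] for i in range(0, len(letters), group)]
    lines = [" ".join(groups[i:i + per_line])
             for i in range(0, len(groups), per_line)]
    return "\n".join(lines)


def decode(text: str) -> bytes:
    """Inverse of encode(); ignores whitespace and case, rejects damaged input."""
    letters = "".join(text.split()).upper()
    if any(c not in ALPHABET for c in letters):
        raise ValueError("non-letter character in input (typing or OCR error)")
    if len(letters) % 2:
        raise ValueError("odd number of letters: one was dropped or added")
    out = bytearray()
    for i in range(0, len(letters), 2):
        value = 26 * ALPHABET.index(letters[i]) + ALPHABET.index(letters[i + 1])
        if value > 255:
            # 676 possible pairs, only 256 are valid bytes
            raise ValueError(f"pair {letters[i:i + 2]!r} at offset {i} is not a byte")
        out.append(value)
    return bytes(out)


if __name__ == "__main__":
    sample = os.urandom(128)   # constructed sample: 128 random bytes
    sheet = encode(sample)     # 256 letters, six lines of five-letter groups
    print(sheet)
    assert decode(sheet) == sample
```

A misread letter that still forms a valid pair decodes silently to a wrong byte, so the range check catches only part of the transcription errors.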