Solitaire as a Key Generator

Here is a link to a great website dealing with security and technology: http://www.schneier.com/.

On Bruce Schneier's site, he has a very interesting encryption algorithm simply called 'Solitaire', and it is what it sounds like. The algorithm uses a deck of cards and the game solitaire to create an encryption cipher that can be used to encrypt/decrypt a message. For those of you who have read the book 'Cryptonomicon', by Neil Stephenson, this is the cryptosystem used by Enoch Root and Randy Waterhouse. Check this out:

"Solitaire gets its security from the inherent randomness in a shuffled deck of cards. By manipulating this deck, a communicant can create a string of "random" letters that he then combines with his message. Of course Solitaire can be simulated on a computer, but it is designed to be implemented by hand. Solitaire may be low-tech, but its security is intended to be high-tech. I designed Solitaire to be secure even against the most well-funded military adversaries with the biggest computers and the smartest cryptanalysts. Of course, there is no guarantee that someone won't find a clever attack against Solitaire (watch this space for updates), but the algorithm is certainly better than any other pencil-and-paper cipher I've ever seen. It's not fast, though. It can take an evening to encrypt or decrypt a reasonably long message. In David Kahn's book Kahn on Codes, he describes a real pencil-and-paper cipher used by a Soviet spy. Both the Soviet algorithm and Solitaire take about the same amount of time to encrypt a message: most of an evening.

Encrypting with Solitaire is an output-feedback mode stream cipher. Sometimes this is called key-generator (KG in U.S. military speak). The basic idea is that Solitaire generates a stream, often called a ``keystream,'' of numbers between 1 and 26. To encrypt, generate the same number of keystream letters as plaintext letters. Then add them modulo 26 to plaintext letters, one at a time, to create the ciphertext. To decrypt, generate the same keystream and subtract, modulo 26 from the ciphertext to recover the plaintext."

It's a very interesting algorithm Schneier goes through very easy to understand steps. A few practice runs and you'll be good to go!! Remember, it takes time to get it set up and executed, but it offers a great thrill once you've completed one successfully! For all of you out there who are programming nuts, he offers a multitude of premade scripts that you can use to turn this into a program. http://www.schneier.com/solitaire.html

Have fun!