General Operation.
Cryptographs are typically operated with 2 keys, a ‘public key‘ that is accessible to everyone, and a secret, ‘private key‘ that is essentially used for the decryption. In the simplest case, the sender uses only the ‘public key‘ for encryption, while the recipient of the encrypted message requires both keys for the decryption. The keys are coordinated. For cases where e.g. the recipient wants to send a secret reply to the sender, key pairings are needed. The cipher version V 3 offers fast, secure encryptions. The secret exchange of the ‘private key‘ between sender and recipient is explained below. The cryptograph can be used by several partners with different ‘private keys‘. The complexity of the cipher version V 3 will also be explained below. The older cipher versions V 1 and V 2 are no longer used here; these were simple encryptions with alphabetic shifts of letters and ASCII characters. The ‘public key‘ of the program versions 1.3.xx is already integrated in the adjoining cryptograph. The domain of the homepage is encrypted via SSH. During your visit you cannot be watched by hackers on my homepage!

Input Fields and Buttons.
Texts, formulas, passwords or program source codes can be pre-typed and simply copied into the input field - input box. In addition to letters, also numbers and ASCII characters can be entered. It is only allowed to set one blank between words. At the end of a text or a single word no blank should be set. The ‘private key‘ is written in the input field - private key. The program is activated with the radio-button V 3. More about the ‘private key‘ see under the next headline: Private Key for the Cipher Version V 3. For the encryption the button [encrypt] is pressed resp. for the decryption the button [decrypt]. The button [delete] clears both the inputs and the outputs of the cryptograph; the cryptograph will be reset. A brief explanation of the principles of ciphering can be found in the appendix.

Private Key for the Cipher Version V 3.
Encryption (button [encrypt])
In the field ‘private key‘ 7 capital letters are entered from the Latin alphabet.
Decryption (button [decrypt])
The same key is entered in the field ‘private key‘ as in case of encrypting.
The 7 freely selectable capital letters are to be selected from the Latin alphabet, umlauts are not permitted. For security reasons, a fictitious, cryptic name should be chosen here which does not contain one and the same letter a second time. Alternatively, one can determine a ‘private key’ for version V 3 with the built-in random key generator in the cryptograph. In the field ‘private key’ the word 'random' is written and afterwards the button [encrypt] is pressed. As long as the button [delete] is not pressed, the ‘private key’ is stored in the background and can be recalled only once with the word ‘retrieve’ in the field ‘private key’ and the button [decrypt]. To retrieve the ‘private key’ a second time is not possible because the generated ‘private key’ is deleted after the first recall. The procedure can be used for the secret key exchange between the sender and the recipient. The sender of the secret message informs the recipient to generate a ‘private key’ via the cryptograph at a defined time. The generation takes place according to the above instruction. Immediately thereafter, the sender can retrieve the 'private key' from the cryptograph. If an unauthorized person first retrieved the ‘private key’, the ‘private key’ would not be available to the sender of the secret message, the external intervention would be revealed. The described key exchange can be reconstructed and checked with 3 PCs (sender, recipient and hacker), which have called the cryptograph via different networks. The integrated ‘public key’ is protected against malicious manipulation. An explanation will be given below.

Sending encrypted Messages.
Encryption and decryption must always be performed under the same program version. The current program version is noted at the top of the cryptograph. Older program versions can only be partially released via the administrator of the homepage. The one-line input of the plaintext or the multi-line output of the encrypted text is limited to 3800 characters. Attention! In the case of the cipher version V 3, the encrypted text output is approx. 60% longer than the plaintext; the plain text may therefore not exceed 2320 characters, or the counter reading may not fall below 1480. Before each new encryption, press the button [delete]. The return or enter key of the keyboard must not be used when entering. For a paragraph, e.g. a slash / can be used.

For the direct transmission of the encrypted text by email, one and the same text format, e.g. UTF-8, must be used in the email programs of the sender and recipient. If other file formats are used there, the decrypting may finally not be readable. Necessary adaptations can be bypassed by saving the encrypted texts as a text file (.txt) under the UTF-8 encoding and sending the encrypted message as an email attachment. The procedure under Windows 7, 8.1 or 10 is as follows: In the file folder of the Windows Explorer will be opened a window with the right mouse button in which under 'New', 'Text Document' a text file is created e.g. with the name 'secret.txt'. The encrypted text is then copied to the open file. Then under 'File', 'Save as ...' before the key operation 'Save' is activated the coding UTF-8 must be chosen out of the options, ANSI, Unicode, Unicode Big Endian and UTF-8. Only then the button 'Save' may be pressed. The encrypted text is now stored correctly and can be sent as an attachment by mail.

Key Security and Error Prevention.
The security of the algorithm of the encryption should depend on the choice of the private key and not on the security of the algorithm of the public key. The algorithm of the public key cannot be kept secret in a long term. The plaintext should be as short as possible and the encrypted text as long as necessary. Strengthening of the encryption is achieved by incorporating dummy characters in the encrypted text and thus masking the text content. From the encrypted texts, no character structures should emerge, which allows the frequency distribution of the characters by means of a statistical evaluation. These requirements are fulfilled by the cipher version V 3. In version V 3, with k = 7 unequal capital letters from the Latin alphabet with n = 26 letters in a disordered order, M = 3,315,312,000 combinations according to the relation M = n (n - 1) (n - 2) ... (n - k + 1) = n! / (n - k)! are possible. This corresponds with an ‘up rounded’ 32-bit encryption. To achieve a 64-bit encryption, the private key must be extended from 7 to 14 capital letters. If a 64-bit encryption is to be carried out with the present cryptograph in version V 3, the encryption is to be performed a second time with another, separate private key. The cryptograph should be reset before the second encryption using the button [delete]. For the second encryption the first encrypted text has to be copied and inserted into the input field - input box -. For the decryption the whole procedure has to be done backwards. The process should be done controlled in order to avoid execution errors. It should always be kept in mind that with every additional encryption, the encrypted text lengthens by about 60% and that the maximum encrypted text length is limited to 3800 characters. If 4 encryptions are executed behind each other, the cryptography allows a 128-bit encryption. The cipher version V 3 algorithm includes a number matrix that can be rewritten with a random number generator at any time; it changes under the cipher version V 3 the program version of the cryptograph. This also changes the connection between the public and private key, and the cryptograph can no longer be used to decrypt older encrypted texts.

A 32-bit encryption offers only limited security. The probability W of the key break is calculated according to the relation W = n! / [k! (n - k)! ] with n = 26 and k = 7. It is only 1 to 657,800. With a built-in delay of one second after each false attempt, encryption would be broken after just 7.62 days. In order to be able to perform with the cryptograph no attempts to decrypt older encrypted text, the program version of the cryptograph must be changed after a security-relevant time. Alternatively, the cryptograph can be easily locked after a certain number of failed attempts. The respective time windows must be matched between the sender and the recipient of the message. For a 64-bit encryption with version V 3, the probability of key break is 1 to 1,768,966,344,600. If the turnaround time for a trial loop is 0.1 milliseconds, breaking the key takes 5.69 years. The probability of key breaking the cryptograph with a 128-bit encryption is
1 to 1.791552855861x1025.
The numerical value provides a relatively high level of security, which should never be considered as absolute!

Example of a 128-bit encryption:
Plain text: The gold treasure is 2.753 km north and 3.543 km west of the cathedral buried in 10 m depth.
Encrypted text under the program version 1.3.10 with the cipher version V 3:
AgsE XallY YBiVZ NWWJC ii+tm eAByf r92Q2 BCbsB pd5BS gg9nc WBCTJ mXQgB ie5R4 g/BCe Jdode Byf/x kdYBC Z+5WQ DCSh4 B2Q2B CdBS4 cpByR Y9HYl ByhC1 nQcBi e7l0c IBiZg lmdoB CRA+F cmBih +t3Ui BCW4F GW2Bi ev5Ve 0ByQC +3Y7B CRK1H V+Bie tp0ge BSZf1 ldfBi RalVc +BCV+ l2YmB CVvdo e2ByZ DyHS2 ByR69 3ZnBS Se9Hf +Bie6 xFiQB SdEGn dzBSg hlIdD BCV+x WQDCS hvdIX 2BCbJ xoX2B yaY93 Z7BSb gxnfQ Bie51 1hGCy dG2md nBCgx FVZmB CX+FH flBii 9VIa2 Bide1 4UwBS RL93Z JCydN 2XQ+B ies9G RACSd Fmldn BiWL6 XcYBC Z+9Xi AByd7 FHU2B iYtxo RzBig H93cV BSXQp GVCCi e4J5f GCSeE +odyB yV/pY c8BCY +1XZ7 Big8x EY2BC atR4Q 2BSWL 9HaBB yheln QDBie qZ4ex BCbGm ldiBS f71oZ CBCV+ xXVzB CT8l0 R2Bia eFVdm BiahJ HWQBi PyAFIE

For decrypting, the following 4 keys are to be used consecutively under the program version 1.3.10 with the cipher version V 3:

Errors in handling and transmission cannot be excluded; therefore the encryption should be checked before shipment. For decrypting, the document should be used in the same text format as it was read out from the cryptograph. In the storage and operations of transmission, e.g. as an attachment in an email, the encrypted text format must not be changed. When copying individual encrypted text words or a text into a text file or into the cryptograph, the first or last ciphered character must not get lost. Unnecessary blank spaces should be avoided in the text and at the end of the text. For longer plain texts, a mark should always be added at the end of the text, for example, a hashtag "#END", or only the word "END". It serves to check the text length. In the case of the cipher version V 3, texts shorter than 6 characters or single words longer than 35 characters are not allowed. Administration changes are required for changes in the input word lengths. Mathematical expressions like 267 are to be written in the form 26exp7. Umlauts do not necessarily have to be rewritten for the encryption. Nevertheless, the cryptograph offers a separate, automated option with the button [autxtch]. Attention! The conversion works only if the text coding in the browser is set to 'Western European (Windows)'. After decrypting the transferred umlauts can be transformed back to its original form again. The text is copied into the input field - input box - and in the field - private key - the word 'umlauts' is entered, finally the button [autxtch] is pressed. The original representation of the umlauts is restored. It should also be noted here that the browser must be set to the coding 'Western European (Windows)'. The author gladly accepts hints to errors. The email address can be found in the table of contents under Imprint.

The use of the adjacent cryptograph is only permitted for private purposes, liability is excluded.

Appendix: Brief Explanation of Principles of Cryptography.

In simple Caesar encryption, the letters are offset from each other:

Plain text letters:      A B C D E F… U V W X Y Z A B.
Cipher text letters: X Y Z A B C D … S T U V W X Y Z,
i.e. instead of a C, an A is written and an U is written instead of a W. The encryption is relatively simple and therefore not very secure. One speaks of a mono-alphabetical substitution of the text. In a poly-alphabetical substitution, different numbers of letters lie between plain and cipher text letters, for example, a C becomes a F and a L becomes a X. In reverse encryption, the alphabetic letters of the plain and cipher text are arranged in ascending order in the opposite direction. At the same time, the arrangement can still be offset from one another.

In the Enigma cipher machine of the last century, several rotating discs are arranged close to each other on a horizontal axis. On the faces of each disc 26 electrical contacts are evenly distributed on a circumference. Each contact features a letter. However, the contacts on the front sides are connected to each other differently on the back side of the discs. For example, the contact A on the front side is connected to the contact C on the back side of the disk. While the first and the last disc are fixed, the discs rotate between them according to a specific switching mechanism. The contacts of the discs to each other describe the momentary displacement of the letters. This results in different current paths through the discs. The last disc in the row serves as a current diverter, allowing the current to flow backwards through the discs. At the end of the current flow through the disks there are lamps with the cipher text letters. With each switched connection from a contact of a plain text letter of the first disk is set a current circuit to a lamp of a cipher text letter. The rotating displacement of the discs by one contact after each keystroke causes a change of contacts so that even two identical letters in a plain text word always let burn a lamp of another cipher text letter. If no disc would rotate, the cipher text would always be the same for a given plain text letter. The number of rotating disks used increases the security of the encryption. The former, patented electro-mechanical technology of the Enigma machine is not easy to break even with today's means, unless the contact connections of each disc and the number of discs of the machine are known.

Encryption with ASCII characters has the advantage that the palette of special characters can be used to encrypt and decrypt single-line formulas.

Modern cryptography with a "public & private key" is associated with the names Ron Rivest, Adi Shamir and Leonard Adelman, who developed the so-called RSA algorithm around 1977, which is based mathematically on the number theory. Letters are converted into numbers via ASCII coding and encrypted with the RSA algorithm. First, the public and private keys are generated, and then, with the Euler theorem and the extended Euclidean algorithm, the transformations of the numbers are performed. The security of the RSA algorithm stands and falls with the key length, which in turn determines the number of decimal places in the arithmetic operation. With a PC that accesses an FTP server via the Internet usually has no more than 20 decimal places, which is already regarded as a limitation for a secure encryption process. It is recommended to use servers that can represent more than 100 decimal places.

Professional executions of a cryptograph undergo cryptanalysis with the aim of breaking the cryptograph, i.e. to refute its protective function. Sovereign secret services employ appropriate cryptologists. Any security is relative and only a matter of time until the cipher code is broken. Although the private cryptograph is less in the public focus, it is not safer. However, improved cipher codes extend the protection time. Encrypting not only according to a mathematical algorithm, but also to integrate a random principle, improves the ciphering. In version V 3 of the adjacent cryptograph, the encryption takes place via a multi-dimensional number matrix, which is generated with a random number generator, and a special algorithm, which links the freely selectable private key from capital letters to the number matrix. In the encrypted text still blind letters are introduced to disguise the statistical frequency of the letters of a language. The advantage of the cryptograph is the extremely fast calculation. For safety reasons, the multi-dimensional number matrix is simply rewritten from time to time with the random number generator; the program version changes automatically. With the change of the multidimensional number matrix via the random number generator, the public key of the version V 3 is also changed, so that the breaking of older encryptions over the public key is made more difficult.

The cryptograph with the input mask is a PHP programming of the author of this homepage.

back to the beginning of the manual

Cryptograph in a bigger Version but without Manual !

Copyright © : Dr. Günter R. Langecker

Date: August, 2014