A new idea to solve the problem with a secret (well, now not so secret)
code scheme, one that you don't have to keep hiding. Here we can hide it
in plain sight. :)

Go here, It's a Sudoku game:

(bring out the link glue)

https://www.chiark.greenend.org.uk/~sgtatham/puzzles/js/ solo.html#3x3:2b9_6i2a4c9_8c6b2_1c8b4b2a1b3b6c2_5b8c4_7c5a1i5_6b8

You can get a link to the game and challenge your friends, or enemies, to
solve it. But that's not my point. Instead, look at the digits. Pick each
digit from top to bottom throughout the game plan, assemble them into a
long string:

29962846214621832585415678

You can even click on Solve to get even more digits, 81 in total:

214963587768512349539847162321675894495281673876439251682394715957128436143756928

Similar to what "Data" did on Star Trek TNG when he locked the main
computer, which brings up the fair question: was that string of numbers in
the script? ;)

One can also convert them to hex for even more obfuscation:

''.join([hex(ord(c))[2:] for c in n]) '3231343936333538373736383531323334393533393834373136323332313637353839343439353

23831363733383736343339323531363832333934373135393537313238343336313433373536393
238'

Gpoing back to the original:

from textwrap import wrap; ''.join([chr(int(n, 16)) for n in wrap(''.join([hex(ord(c))[2:] for c in n]), 2)]) '214963587768512349539847162321675894495281673876439251682394715957128436143756928'

For a bit more clarity, I realized it became a little bit murky:

h = ''.join([hex(ord(c))[2:] for c in n])
from textwrap import wrap
''.join([chr(int(n, 16)) for n in wrap(h, 2)]) '214963587768512349539847162321675894495281673876439251682394715957128436143756928'

Keeping a link to a game "someone" (ahem, fake address anyone?) in your
inbox wouldn't be too suspicious:

--------------------------------------------------------------------------------
Email received: 2024-06-20@16:23:18 GMT
From: Mr. Alan L. Terego <al-terego@ptro-mail.url>
To: cri-cri <c-r-i@ptro-mail.url>
Subject: Here's my challenge for you :)

Body:

Hi,

Just thought you might enjoy this little challenge Sudoku game. It's quite
easy to solve, actually. I solved it in a couple of minutes.

https://www.chiark.greenend.org.uk/~sgtatham/puzzles/js/ solo.html#3x3:2b9_6i2a4c9_8c6b2_1c8b4b2a1b3b6c2_5b8c4_7c5a1i5_6b8

How did you do? Let me know. :)

Regards,
Alan. --------------------------------------------------------------------------------

Simon has several other games on that site as well. Maybe not all of them
lend themselves to picking a random-ish key, but well, anyway.

For the observant curious-minded:
"ptro" is the (written) sound you'd make to bring a Swedish horse to a
halt. The opposite (written) sound is "mpah-mpah." Now you know. ;)

--
Cri-Cri

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Cri-Cri <cri@cri.cri.invalid> wrote:

A new idea to solve the problem with a secret (well, now not so secret)
code scheme, one that you don't have to keep hiding. Here we can hide it
in plain sight. :)

Go here, It's a Sudoku game:

Interesting idea. One could even obtain a paper sudoku book and
"solve" a portion of the games, with one preselected one being "filled
in" for the key one is transporting. Most "police" types are not
likely to look twice at a paper sudoku book, and certianly are not
going to "verify" that the partially solved puzzles are all correctly
solved.

And, if one was worried that some stazi type might "verify" the puzzles
for correctness, then just solve ~ 50% of the puzzles in the book
correctly, and choose one of those 'correct' puzzles to be the source
for the 'key'.

And key source can also be obsfucated somewhat, in that one could
combine the numbers in a pattern (zig-zag, circular, etc., i.e.,
anything other than left to right top to bottom).

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Thu, 20 Jun 2024 16:02:03 -0000 (UTC), Rich wrote:

And key source can also be obsfucated somewhat, in that one could
combine the numbers in a pattern (zig-zag, circular, etc., i.e.,
anything other than left to right top to bottom).

Yes, it could be built upon indefinitely. I suppose even being used as a
code in itself. For example, grouping numbers for page-row-word numbers in
some book. If only a few words are in need of being encrypted, like
"DELIVERY FRIDAY", 81 digits might be enough.

And, who's to know that we aren't writing in code now? ;)

--
Cri-Cri

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Thu, 20 Jun 2024 19:16:00 -0700, Chris M. Thomasson wrote:

http://fractallife247.com/test/hmac_cipher/ver_0_0_0_1?

ct_hmac_cipher=4719759cad9265f6f38ec25a7fbec19144df819e9f049d87a016c43a86c864c66366e5162872b616a579549433dbcb93fa5d17601e6f8e9c6eb9c34ff0884362a13437d0d0714f18f8ff2ab75a37a4ee

I don't get it.

--
Cri-Cri

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Cri-Cri <cri@cri.cri.invalid> wrote:

On Thu, 20 Jun 2024 19:16:00 -0700, Chris M. Thomasson wrote:

http://fractallife247.com/test/hmac_cipher/ver_0_0_0_1?

ct_hmac_cipher=4719759cad9265f6f38ec25a7fbec19144df819e9f049d87a016c43a86c864c66366e5162872b616a579549433dbcb93fa5d17601e6f8e9c6eb9c34ff0884362a13437d0d0714f18f8ff2ab75a37a4ee

I don't get it.

Chris likes to insert his hmac cipher into every thread.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Thu, 20 Jun 2024 20:45:24 -0700, Chris M. Thomasson wrote:

Decrypted: <<< that...

...was not what I didn't understand. I am perfectly capable of clicking on links.

No shit! Thanks. <<< this...

...was what I did't understand. The way it is written it looks like an
insult.

--
Cri-Cri

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Cri-Cri <cri@cri.cri.invalid> wrote:

On Thu, 20 Jun 2024 20:45:24 -0700, Chris M. Thomasson wrote:

Chris very much so likes to "insert" his hmac cipher into every
discussion thread, even those where it is off topic (although the
off-topicness is questionable here....).

He did this so much that Richard Heathfield killfiled him a couple
years back after having become frustrated with his "insertions" (among
other things).

It is best to just ignore his off-topic insertion of quasi-advertising
of his hmac cipher into every thread. If this becomes too much,
there is always the killfile method of ignoring the posts.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 21/06/2024 21:31, Chris M. Thomasson wrote:

... generating a
complex password from a simple password...

You can't actually increase the entropy

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Oscar <oxxxxxxxxxxxs@gmail.com> wrote:

Op 22-6-2024 om 10:54 schreef Richard Harnden:

On 21/06/2024 21:31, Chris M. Thomasson wrote:

... generating a
complex password from a simple password...

You can't actually increase the entropy

Perhaps, but the recent discussions here seem to boil down to "password
based key derivation functions" which may frustrate bruteforce attacks a
bit.

The thread has kind of drifted in that direction. It began as a way to
try to "remember" a complex password by encoding it as "something else"
such that one might not need to worry should the stazi examine your
papers and find the "something else" in your possession.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Chris M. Thomasson <chris.m.thomasson.1@gmail.com> wrote:

On 6/21/2024 3:01 PM, Rich wrote:

Cri-Cri <cri@cri.cri.invalid> wrote:

On Thu, 20 Jun 2024 20:45:24 -0700, Chris M. Thomasson wrote:

Chris very much so likes to "insert" his hmac cipher into every
discussion thread, even those where it is off topic (although the
off-topicness is questionable here....).

He did this so much that Richard Heathfield killfiled him a couple
years back after having become frustrated with his "insertions" (among
other things).

Ahhh, the open secret... I gave away too many of my experiments. He got pissed.

More accurately, you *hijacked* too many threads to insert your hmac
cipher into them, and then did not listen and crucially, *adjust your
behavior in the face of negative feedback* about your doing so, with
the result that he got tired of the hijacking and killfiled you.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Chris M. Thomasson <chris.m.thomasson.1@gmail.com> wrote:

On 6/22/2024 9:09 AM, Rich wrote:

Chris M. Thomasson <chris.m.thomasson.1@gmail.com> wrote:

On 6/21/2024 3:01 PM, Rich wrote:

Cri-Cri <cri@cri.cri.invalid> wrote:

On Thu, 20 Jun 2024 20:45:24 -0700, Chris M. Thomasson wrote:

Chris very much so likes to "insert" his hmac cipher into every
discussion thread, even those where it is off topic (although the
off-topicness is questionable here....).

He did this so much that Richard Heathfield killfiled him a couple
years back after having become frustrated with his "insertions" (among >>>> other things).

Ahhh, the open secret... I gave away too many of my experiments. He got
pissed.

More accurately, you *hijacked* too many threads to insert your hmac
cipher into them, and then did not listen and crucially, *adjust your
behavior in the face of negative feedback* about your doing so, with
the result that he got tired of the hijacking and killfiled you.

Oh. I do remember him getting pissed off about me talking to much about
my progress with SCOS.

Ah, that too, you revealed some details that he asked the group not to
reveal, in order that the 'challenge' of cracking it oneself remained
possible.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Rich wrote:

Oscar <oxxxxxxxxxxxs@gmail.com> wrote:

Op 22-6-2024 om 10:54 schreef Richard Harnden:

On 21/06/2024 21:31, Chris M. Thomasson wrote:

... generating a
complex password from a simple password...

You can't actually increase the entropy

Perhaps, but the recent discussions here seem to boil down to "password based key derivation functions" which may frustrate bruteforce attacks a bit.

The thread has kind of drifted in that direction. It began as a way to
try to "remember" a complex password by encoding it as "something else"
such that one might not need to worry should the stazi examine your
papers and find the "something else" in your possession.

Well, regarding "password based key derivation functions". I have uploaded 'red' to my GitHub repositories, which allows users to generate deterministic Ed25519 key pairs, in hex notation. and then sign, for example, Usenet messages (like this one). :-)

https://github.com/stefanclaas/red

--
Regards
Stefan

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)