Internet Storm Center Infocon Status

Could This Be The World’s BEST CODEBOOK?

pocketnewtestamentOver a year ago I was asked by PrepperRecon to join in on an interview regarding secure email systems.  In the interview I gave an overview of email servers in Israel, Switzerland, and Norway.  One of my recent favorites is ProtonMail (Switzerland).  I love that you can send a secure email message and password that message so that the recipient must know the password in order to see the contents.  Of course, this raises the question, “How do I come up with a password method that I can share?”

This is a problem as old as espionage.  Even Israelites used a password in the Old Testament, when a word was used which was difficult for Israel’s enemies to pronounce.  The word was Shibboleth (see Judges 12 and wikipedia:

Over the course of history, various methods have been developed to share passwords.  The most secure method of encryption is OTP (or One Time Pad) – see this link.  Basically, two one time pads are created.  Each one time pad can be used to send or receive a message.  In order to maintain security, each one time pad must be destroyed after use.  One time pads are typically only used for very short messages.  (Note: One time pads are still in use today.  Broadcasts can be heard over various frequencies saying things like, “alpha, alpha, juliet, bravo, etc., etc.”  Agents in the field can receive the messages using receivers which are pretty much undetectable, thereby maintaining good security).

One time pads come with a slew of problems.  Creating messages can be time consuming.  If a one time pad booklet is lost, there is no way to recreate it.  Messages are short, so you are limited by what you can communicate with a limited amount of characters.  The one time pad booklets would need replacing when they run out, which means contact might need to be reestablished anyways (and that could breach security).

What if instead of a one time pad you simply used a codebook?  The codebook would need to be small.  It would need to be common enough that it can be obtained easily by all team members.  It would also need enough pages to keep passwords fresh.  I think a pocket New Testament would be ideal.  Of course, everyone in your group would need to obtain the very same version so that all the letters fall in the same place on every page.

The problem remains about developing a password method that can be shared.  So, here are some ideas.

First, identify a page.  This could be done in a multitude of ways, but basic ways include:

  • simply giving a Book, chapter, and verse.
  • use a page number
  • reference a verse that others would know where to find (this also enforces the value of knowing scripture)

Second, coordinate a pattern.  The pattern will give you the code.  There are thousands, or millions, of patterns that could be used.  Here are some ideas:

  • the letter on the top right corner of every page over the next 20 pages
  • the third line from the bottom backwards for 20 characters (be sure to confirm whether or not spaces should be used)
  • use a column of letters down or up (like the right column of characters moving up from the bottom)
  • every other character of a specified line
  • use the page number to develop a pattern (like page 143, could be the first character, then skip four characters, then skip 3 characters).
  • keep it easy enough that you can remember and use it easy!

When using a system like ProtonMail, you may just need to put a verse, or page number, in the subject line.  As long as the person you communicate with has the code book and knows the proper pattern, then they can use the password to decrypt your message.

Never ever use the same page twice unless you are using a new and unique pattern.  But, the good news is that you never need to destroy your pages like a one time pad.  You simply need to communicate a new pattern.

Besides all this stuff about codebooks, having access to God’s Word is most important.  In the pages we find strength, encouragement, and salvation.  It’s just smart to have access to the Word anywhere you go.

ePrepper is going offline this month and will likely be offline before the end of January 2017, unless I can find someone to either take over the site or migrate its content to. Properly maintaining the site has been taking up too much time and cutting into my family. I would like to see the content of ePrepper get absorbed into a larger site. If you run a blog and are interested using content from ePrepper, please email dan [dot] michaels [at] eprepper [dot] net.

Leave a reply