Yesterday I was trying to find a good encryption algorithm one could realistically memorize, when I found that RC4 is great for that. The implementation not only fits into a few lines of code, but also doesn't require one to remember obscure constant or odd steps in the algorithm you can easily forget. In contrast, the Corrected Block Tiny Encryption Algorithm contains strange constants and difficult to explain operations.
Of course, weaknesses in RC4 led to an important attack on WEP wireless encryption (which you shouldn't use anymore, by the way), so it's not as secure as AES for example. But then, there are variants such as RC4-drop and CiperSaber-2 that may provide additional safeguards, making the traditional RC4 attack too difficult.
Since RC4 can be bit-flipped, it needs to be combined with some MAC using a crypto hash that also can be remembered. Luckily, both HMAC and Tiger's specifications are pretty simple to remember, and quite secure to boot.
Now, I wonder, how difficult would it be for a non-programmer, or even a kid, to learn RC4-drop, HMAC and Tiger? Purely hypothetical question, of course...
Published on July 29, 2012 at 22:14 EDT
Older post: Cinema Allergy
Newer post: The Problem With Prn