This demo is the solution that first jumped into my head and inspired me to start building this doc. It turns out someone else thought of the same solution WAYYY before I did, and named the algorithm after himself. Rude.
I don’t think he built it in Coda though, so at least I have that...
Anyhoo.... let’s get into the demo. This is a really stripped-down demo of the solution I want to present. It’s important to note that because your password is used as a cipher key for the encryption, we don’t need to store it anywhere.
That’s what I wanted to present in this doc - a solution for storing data securely in a way that assumes an attacker has full access to everything in your doc.
What do I do?
1. Click the + New Secret button, and scroll down.
2. Add some info to the Your Secretfield
(you can click Enlarge if you need some space).
3. Enter a Password, confirm it, and click Encrypt.
You’ll notice your secret text is replaced by a bunch of jumbled up characters. That’s the result of the encryption, and is how we store it permanently.
To decrypt your encoded secret, enter the same Password and click Decrypt.
New Secret
💡 If this block is empty, and says No Items Available,
please click the + New Secret button, alongside. 👉
No items available
Ok, but how does it work?
This demo is an implementation of a Vignère Cipher. Like the Caesar Cipher on the home page of this doc, this cipher encodes plaintext by shifting each character by a number of places. It’s far more secure, because where the Caesar Cipher shifts all characters uniformly by the same number of places, the Vignère Cipher shifts each character by a different number of places, determined by the Key Phrase.
For Simple Security, we utilize the user’s provided Passwordas the Key with which to encrypt their Secret. We convert each character in the Secretand the Password into numbers, sum them up, and convert the resulting numbers back into characters. This produces the final, encoded Ciphertext.
I’ve created a Step-By-Step Interactive Guide which runs through the process in a lot more detail. Click the button below to launch it.
Start Guide
💡 If this block is empty, and says No Items Available,
please click the Start Guide button, above right. ↗↗
No items available
To Summarize
We split the user’s Secretand Password into individual characters, then used a helper table to convert each into a number.
We repeatPassword’s characters until we have the same length as Secret.
We then sum the numbers from both columns up to produce a new array.
We adjust any numbers that are “out of bounds” by subtracting
Finally, we convert each adjusted number back into a character (using the same helper table) and Join() them into a string. This produced our final Ciphertext.
What about Decryption??
Decryption works the same, in reverse:
Instead of Summing, we perform a difference operation:
Ciphertext minus Password equals Original Secret
After the difference operation, some numbers will be “out of bounds”, except instead of being too high, some will be too low.
Any numbers which are zero or below zero, would need to be adjusted by ADDING
161
to them.
Where to from here?
You may recall the “subtitle” at the top of this page mentioned this was a “relatively low security” implementation. I thought it may be fun to show you why that is.
So before we get into the Strong Security demo, let’s throw on our hoodies, strip ourselves of melanin and basic social skills... and step into the mind of a hacker.