Can you keep a secret?

Explore

Simple Security

This solution has relatively low security.

This demo is the solution that first jumped into my head and inspired me to start building this doc. It turns out someone else thought of the same solution WAYYY before I did, and named the algorithm after himself. Rude.

I don’t think he built it in Coda though, so at least I have that...

Anyhoo.... let’s get into the demo. This is a really stripped-down demo of the solution I want to present. It’s important to note that because your password is used as a cipher key for the encryption, we don’t need to store it anywhere.

That’s what I wanted to present in this doc - a solution for storing data securely in a way that assumes an attacker has full access to everything in your doc.

⁠

What do I do? 1. Click the + New Secret button, and scroll down. 2. Add some info to the Your Secret field (you can click Enlarge if you need some space). 3. Enter a Password, confirm it, and click Encrypt. You’ll notice your secret text is replaced by a bunch of jumbled up characters. That’s the result of the encryption, and is how we store it permanently. To decrypt your encoded secret, enter the same Password and click Decrypt.

⁠

New Secret

⁠

💡 If this block is empty, and says No Items Available, please click the + New Secret button, alongside. 👉

⁠

No items available

⁠

Ok, but how does it work?

This demo is an implementation of a Vignère Cipher. Like the Caesar Cipher on the home page of this doc, this cipher encodes plaintext by shifting each character by a number of places. It’s far more secure, because where the Caesar Cipher shifts all characters uniformly by the same number of places, the Vignère Cipher shifts each character by a different number of places, determined by the Key Phrase.

For Simple Security, we utilize the user’s provided Password as the Key with which to encrypt their Secret. We convert each character in the Secret and the Password into numbers, sum them up, and convert the resulting numbers back into characters. This produces the final, encoded Ciphertext.

I’ve created a Step-By-Step Interactive Guide which runs through the process in a lot more detail. Click the button below to launch it.

⁠
Start Guide
⁠

⁠

💡 If this block is empty, and says No Items Available, please click the Start Guide button, above right. ↗↗

⁠

No items available

⁠

To Summarize

We split the user’s Secret and Password into individual characters, then used a helper table to convert each into a number.

We repeat Password’s characters until we have the same length as Secret.

We then sum the numbers from both columns up to produce a new array.

We adjust any numbers that are “out of bounds” by subtracting

161

⁠

(the row count of

Character Mapping⁠

Finally, we convert each adjusted number back into a character (using the same helper table) and Join() them into a string. This produced our final Ciphertext.

What about Decryption??

Decryption works the same, in reverse:

Instead of Summing, we perform a difference operation:

Ciphertext minus Password equals Original Secret

After the difference operation, some numbers will be “out of bounds”, except instead of being too high, some will be too low.

Any numbers which are zero or below zero, would need to be adjusted by ADDING

161

⁠

to them.

⁠

Where to from here?

You may recall the “subtitle” at the top of this page mentioned this was a “relatively low security” implementation. I thought it may be fun to show you why that is.

So before we get into the Strong Security demo, let’s throw on our hoodies, strip ourselves of melanin and basic social skills... and step into the mind of a hacker.

This how-to guide may surprise you.

⁠

Breaching Simple Security I did tell you it wasn't secure, right? 🤔⁠

Gallery

Want to print your doc?
This is not the way.

Try clicking the ⋯ next to your doc name or using a keyboard shortcut (

CtrlP

) instead.