eCoder Ring v.1.4 (Beta)
Written by Flack / Cult of the Dead Cow NSF

eCoder Ring is a fun, friendly, easy to use program that allows two people to send secret messages to one another. While eCoder Ring is intended for entertainment purposes only, if used correctly eCoder Ring is capable of producing nearly unbreakable* ciphers.

01. Introduction
02. Requirements
03. Theory / How it Works
04. Instructions
05. Advanced Features
06. Examples
07. Important Notes / Key File Issues
08. eCoder's Strength and Weaknesses, encryption theories and types, etc.
09. eCoder Ring Code Challenge
10. Credits

01. Introduction

Who hasn't had the desire to send a private message to a friend before without the fear of having a friend, roommate, parent, kid, spouse, co-worker, boss, nosy ISP employee, nasty hax0r, or three-letter agency reading your every word? Don't these people have anything better to do than to stick their collective noses into our private conversations? What's a guy to do?

eCoder Ring is a handy-dandy little application that allows people of any skill level to convert messages into secret codez! eCoder Ring was designed to be so simple to use that anyone from elementary school kids to your grandma (if she were still alive) can use it! Even with the default settings, secret codez created with eCoder Ring will be unbreakable to the average pair of prying eyes. By using some of the advanced features, users can create virtually unbreakable* codez.

02. Requirements

eCoder Ring was written in Visual Basic The program was designed to be one self-contained executable, small enough to be stored on and run from a floppy disk (a what?) or a USB pen drive. Any computer capable of running Visual Basic applications should be able to run eCoder Ring. eCoder Ring does not need to be installed and does not write or modify any files while running. While the typical "use at your own risk" notice applies, eCoder Ring is not capable of affecting or altering any file on your computer, including itself.

03. Theory / How it Works

eCoder Ring encrypts/decrypts messages through the use of an ENCRYPTION KEY FILE. The encryption key file can be any file that the sender and receiver agree upon. eCoder Ring can use locally stored text files, or any file residing on the world wide web, including websites or graphic files. To decrypt your secret code, the receiver must have the same encryption key file that you used to encode your message. If you are using a website with dynamic (changing) content, the receiver will not be able to decode your message.

eCoder Ring searches the encryption key file you have selected and exchanges your message with the numerical position of the letters in the key file. Confused? Here's a simple example. Let's say you are using this very document as your encryption key file, and you want to send a secret message to someone that says "html". eCoder Ring will begin searching this document for the first letter of your message ("h"). eCoder Ring finds "h" at position 2 of this document. Then it would search for an "t", which is at position 3. Using this document as a keyfile, the word "html" would be "2 3 4 5". Obviously this isn't a very interesting or useful code. Let's send the word "hello" instead. Using the same keyfile, "hello" becomes "2 9 114 143 148". In other words, "h" is in the 2nd position, "e" is in the ninth position, "l" is in the 114th position, the next "l" is in the 143rd position, and the final "o" is in the 148th position.

The next step would to be send "2 9 114 143 148" to your friend. Obviously, your friend is going to need to know what file to use to decrypt the message. You should not send the file, the name of the file, the location of the file, or any information about the key file to your friend through the same e-mail -- if someone is reading your e-mail, you will tip them off as to the location of the keyfile! Even with the use of eCoder's advanced features, 99% of the security of the encryption comes from keeping the keyfile a secret. Once your friend receives the message, s/he would load the agreed upon keyfile into eCoder Ring, and click "decrypt." In the plain text message, the word "hello" should appear.

04. Instructions

Encoding a Message

To encode a message, you will first need to select an encryption key file. On the right hand side of the eCoder Ring interface, under Encryption Key File Settings, click either "Use Local TXT File" or "Use Web URL". If you clicked "Use Local TXT File" a file dialogue will open. Select the TXT (or HTM*) file you wish to use as a key file. If you clicked "Use Web URL," you will be prompted to enter a web address. This can be a URL ("http://www.google.com"), a graphic file ("http://www.google.com/intl/en_ALL/images/logo.gif"), or a web document (http://www.gutenberg.org/files/10607/10607.txt). Remember that to decrypt your message the recipient will need access to the exact same key file, so using a dynamic website (like Google.com) is a really bad idea.

Once a key file is loaded, type your message into the PLAIN TEXT MESSAGE window. If you are not using any of the advanced encryption variables, click ENCRYPT at the bottom right hand side of the interface. Your cipher should appear in the ENCRYPTED MESSAGE text box. Cut/paste the encoded message and send it to your awaiting cohort!

Decoding a Message

Decoding a message is the exact opposite procedure. First, cut/paste the encoded message into the ENCRYPTED MESSAGE text box. Next, load the key file that was used to encrypt the message into eCoder Ring. Finally, click DECRYPT, and the secret message should magically appear in the PLAIN TEXT MESSAGE text box. WOW!

05. Advanced Features

eCoder Ring allows users to use Encryption Variables to further obfuscate your encrypted message. The current build of eCoder Ring provides four Encryption Variables for users to adjust.

START allows users to modify where eCoder Ring begins reading the key file. A START of 100 would not start reading the key file until the 100th position.

SHIFT adds a number to all your numbers. It is similar to START in theory.

SKIP only SHIFTS every Nth number. In other words, a SHIFT of 5 adds 5 to every number, but a SHIFT of 5 with a SKIP of 3 adds 5 to the first two numbers and then skips the third, then adds 5 to the next two numbers and skips the next one, etc. The most effective SKIP would be a 2, which would only SHIFT every other number in the sequence.

XOR BIT is a XOR bit flip. It is simple to do but difficult to undo unless you know the original number which was used.

06. Examples

For these examples I used The Real Mother Goose, located on The Project Gutenberg at the following location: http://www.gutenberg.org/files/10607/10607.txt

PLAIN TEXT MESSAGE
Cult of the Dead Cow

ENCRYPTED:
503 617 636 648 652 674 676 696 740 757 758 759 908 911 918 920 921 926 946 1000

Same message, but with a START of 555:
4 62 81 93 97 119 121 141 185 202 203 204 353 356 363 365 366 371 391 445
(We are now starting at position 555 in the text file.)

Same message, START=555, SHIFT=5:
9 67 86 98 102 124 126 146 190 207 208 209 358 361 368 370 371 376 396 450
(Note how "5" has been added to every number.)

Same message, START=555, SHIFT=5, SKIP=3:
4 62 86 93 97 124 121 141 190 202 203 209 353 356 368 365 366 376 391 445
(We are now only shifting every 3rd number)

Same message, START=555, SHIFT=5, SKIP=3, XOR BIT = 55
51 9 97 106 86 75 78 186 137 253 252 230 342 339 327 346 345 335 432 394
(Things are all weird now!)

07. Important Notes / Key File Issues

-- For a secure message, your encryption key file should be long enough that no repeat numbers are used. If eCoder Ring reaches the end of your key file it will continue to encrypt your message, but you will receive a warning message. For the code to be virtually unbreakable, no numbers should be repeated. Repeated numbers could add patterns which could potentially weaken your cipher.

-- Some of the Encryption Variables are more important than others. Start and Shift (without Skip) will stop your codes from being easily broken by someone with eCoder Ring, but if someone were trying to decrypt your messaging using brute force methods, chances are these would merely slow down the process. Shift in conjunction with Skip should greatly increase the security of your codes. XOR bits would also fool most manual decrypters but would merely slow down a computer-based attack. The single most important factor in keeping your codes 100% secure is making sure that the key file remains a secret.

-- For 100% security, a key file should not be reused.

-- The more random a key file is, the fewer patterns will appear in your message. The most secure key file is probably an obscure Internet-hosted picture or a text file consisting of random numbers and letters.

-- For the encryption variables, come up with a series of numbers that can be easily remembered. For testing purposes I've been using Jenny's phone number, 867-5309. That's a START of 867, a SHIFT of 5, a SKIP of 3, and an XOR of 09. Obviously any numerical pattern that can be identified can weaken the strength of your cipher. If you are using an easily guessable series of numbers that represents a telephone number, a zip code, a birthday, etc., you may be making it easier for someone to decrypt your message.

08. eCoder's Strength and Weaknesses, encryption theories and types, etc.

The inital concept of eCoder Ring was be a simple electronic "secret decoder ring," similar to the ones given away for free in cereal boxes and immortalized in A Christmas Story ("Be sure to drink more Ovaltine!"). As I began developing eCoder Ring I recalled a conversation my dad had with me as a young boy about book ciphers. From Wikipedia:

Book Cipher: http://en.wikipedia.org/wiki/Book_cipher

A book cipher is a cipher in which the key is the identity of a book or other piece of text. It is generally essential that both correspondents not only have the same book, but the same edition. Traditionally book ciphers work by replacing words in the plaintext of a message with the location of words from a book. In this mode, book ciphers are more properly called codes. This can have problems as if a word appears in the plaintext that doesn't appear in the book then it can't be encoded. An alternative approach which gets around this problem is to replace individual letters rather than words, in which case the book cipher is properly a cipher — specifically, a homophonic substitution cipher. However, if needed often, this has the side effect of creating a larger ciphertext (typically 4 to 6 digits being required to encipher each letter or syllable).

As I began work on eCoder Ring I realized that a homophobic substitution cipher would be very easy and fast for a computer to perform. Of course as I was writing eCoder Ring I was not familiar with the technical implementation or even the names of some of these cipher techniques; it was only after releasing eCoder Ring that people have informed me of their similarity. Brilliant minds think alike, perhaps? eCoder Ring introduces nothing new to the world of cryptography and doesn't claim to. Instead, it mixes together and borrows from several different theories of codework, including:

Homophonic substitution
http://en.wikipedia.org/wiki/Substitution_cipher#Homophonic_substitution

One-time pad
http://en.wikipedia.org/wiki/One_time_pads

Running Key Ciphers
http://en.wikipedia.org/wiki/Running_key_cipher

One improvement I believe eCoder Ring makes to some of these methods is that it, in conjunction with a large keyfile, it does not repeat numbers. This should make breaking the codes more difficult. Additionally, with the use of flipped bits and skipped spaces, it should stop a straight forward computer attack on your codes. When combined with an obscure key file, I believe virtually unbreakable codes can be created. In the next section, you have the ability to prove me wrong.

09. eCoder Ring Code Challenge

This is the portion of the program where I, the author, get to put my money where my mouth is. The following message was encoded with eCoder Ring, using a key publicly available on the Internet. The message is written in English. The first person to crack the code will receive autographed copies of my first book, Commodork: Sordid Tales from a BBS Junkie, and my upcoming (currently untitled) book about collecting Arcade Games, and will have their name immortalized in this readme and on multiple websites. As time goes on, more prizes/money may be added to this offer. To win the challenge, participants must decipher the following code and e-mail the exact message to me.

[Begin Code]

1011 162 1817 2046 1829 1234 1495 2273 2517 3823 3383 4763 5063 4160 4375 5772 5849 5200 5454 6791 6847 6181 6250 7775 7962 7250 8067 7168 8789 8738 8955 10135 10233 9498 9665 10266 10461 11960 11350 11402 11417 11574 11635 11755 12859 12652 12762 12729 12714 13959 14022 14236 14210 15318 15261 14448 15284 14549 14526 14798 14805 15991

[End Code]

10. Credits

eCoder Ring was written by Flack / cDc-NSF

The eCoder Ring icon is from Activision's The Last Ninja.

Beta Testers: Myles Long/cDc, Punkle Jones/cDc-NSF, GreenDiamond, Ubikuberalles, Transcend, Shadow405 and Charon.

eCoder Ring, although amazingly secure, should probably not be used in lieu of other secure means of communication.

Drink more Ovaltine!