Frequently Asked Questions

Of course, nobody has asked me anything yet, but here are some things they might.

What does it do?

You give it a message and it'll encrypt it and send it to someone for you. You can either make sure the person at the other end has the details to decrypt it, or you can pose it to them as a potentially infuriating puzzle.

Why did you bother?

It's just a bit of fun. Plus the sort of text manipulation the script does is good practice in a language I'm not all that familiar with.

So it'll give me secure communications, right?

If you consider a set of ciphers that schoolchildren can beat to be 'secure communications', then sure it will. Otherwise, get hold of a proper cryptography suite for your system (PGP is a good place to start, or OpenSSL if you're running a server). Once you've got that sorted, feel free to use the kind of encryption featured here as an additional layer (although if someone can get through a modern thousand-bit block cipher I don't see them taking long to defeat a monoalphabetic substitution).

It looks like a CGI script! I thought you were a PHP fiend/I thought you hated Perl!

That isn't a question. Yes, I do normally use PHP, and yes, this is a CGI script instead. And I never said I hated Perl (I just don't know anything about it), but that's a moot point since the script is in Python. I just felt like a change.

I may even port it to Perl as my next project.

What next?

Next step is to add the support for the two polyalphabetic ciphers that I've disabled the buttons for. After that I'll give it some more features and stuff. If I feel generous (or there's a good response to this one) I may even give it the ability to decrypt messages...

What are the ciphers? What does it all mean?

This is the brief version: for an excellent 'popular science' guide I recommend Simon Singh's The Code Book.

  • Atbash turns the alphabet around, replacing each letter with its counterpart from the far end: A ~ Z, D ~ W, M ~ N and so on.
  • A Caesar shift moves each letter on a fixed amount. For example, a Caesar shift of two places maps A to C, L to N, Z to B and so on. For various reasons I tend to denote a Caesar shift by the letter that A maps to, so it has a character as key rather than a number.
  • A substitution cipher has a key that fully defines where each letter goes; it's best represented by a string with each letter of the alphabet once. It maps A to the first, D to the fourth, Z to the last, etc.
  • A Vigenère cipher uses a specified word as a key, using each letter to force a Caesar shift. For example, if the keyword is LOVE, the first letter (and fifth, ninth, etc.) gets shifted as per a Caesar with key L, the second (sixth, tenth, etc.) gets an O-shift, and so on.
  • A one-time pad cipher is like a Vigenère cipher with a random keyword as long as the text. Used properly, it's impossible to defeat, but proof of why is left as an exercise to the reader: I'm waffling enough as it is.
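The first four ciphers in the list above, as an added Python example (not the script's own code) showing that Atbash and Caesar are just particular substitution keys and that Vigenère is a Caesar shift chosen per letter. The function names are hypothetical, and it assumes that case is preserved and that non-letters pass through unchanged without using up a Vigenère key letter.

```python
import string

ALPHABET = string.ascii_uppercase


def substitute(text, key):
    """Monoalphabetic substitution: A maps to key[0], D to key[3], Z to key[25]."""
    key = key.upper()
    if sorted(key) != list(ALPHABET):
        raise ValueError("key must contain each letter of the alphabet exactly once")
    table = str.maketrans(ALPHABET + ALPHABET.lower(), key + key.lower())
    return text.translate(table)  # anything not in the table is left as it is


def caesar_key(letter):
    """Substitution key for the Caesar shift that maps A to `letter`."""
    shift = ALPHABET.index(letter.upper())
    return ALPHABET[shift:] + ALPHABET[:shift]


def atbash(text):
    """Atbash is substitution with the reversed alphabet as its key."""
    return substitute(text, ALPHABET[::-1])


def caesar(text, letter):
    """Caesar shift denoted by the letter that A maps to."""
    return substitute(text, caesar_key(letter))


def vigenere(text, keyword):
    """Apply to each letter the Caesar shift named by the next keyword letter."""
    if not keyword or any(c not in string.ascii_letters for c in keyword):
        raise ValueError("keyword must be a non-empty string of letters A-Z")
    out, used = [], 0
    for ch in text:
        if ch in string.ascii_letters:
            out.append(caesar(ch, keyword[used % len(keyword)]))
            used += 1  # only letters advance through the keyword (assumption)
        else:
            out.append(ch)
    return "".join(out)


if __name__ == "__main__":
    print(atbash("ADM"), caesar("ALZ", "C"), vigenere("Attack at dawn", "LOVE"))
```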

Version History

I'm going to play version numbers by ear; since I often want to apply small fixes in a hurry and the version currently accessible to the public is my development copy, the script in use will change more often than I can be bothered to update the history.

2007-02-23: 0.2

Vigenère is ready, checking for format of e-mail addresses (you can still get bad ones through to some extent, but not so bad they break the script) and reuse keys.

2006-04-13: 0.1

First testing release.

Known Issues

Many fields can be left empty (although the results of doing so may not be what you'd expect). Leaving the names empty will cause some undesirable results but shouldn't break anything; leaving the main message empty will be undesirable and might break things.

Sending mail to addresses local to the server (which includes all the domains I host on it) makes the script check that the address exists, so putting non-existent addresses in my domains breaks execution.

I'll be taking another look at these things later. Since this is still a testing copy it was a higher priority to get some functionality done; provided you fill out the form properly it'll be fine.