Is it possible to securely encrypt some text with password without a computer?

Arqwer

2/8/24, 11:22 PM

Encrypting text with a computer has problems: we need to worry about hardware backdoors in processors, motherboards, and extension cards, software backdoors in OS, vulnerabilities in software, and viruses.

Computers are so complex that no single person knows every detail of how they work. It makes it impossible to examine every single part of hardware and software, so we can only hope that the computer isn't maliciously modified.

Encryption machines like Enigma don't have all these weaknesses. I know that Enigma is broken. Are there other ways to encrypt text with a password without a computer, but still secure by modern standards?

(I know that one-time pads are secure, but they require a random key to be stored somewhere, so it doesn't count as protection by password only).

1 + 4

Morrolan

2/9/24, 12:06 PM

See [this question about cryptosystems one can do with a pen & paper](https://crypto.stackexchange.com/questions/1653/what-is-the-most-secure-hand-cipher), and [this question about related terminology to help your search](https://crypto.stackexchange.com/questions/81871/is-there-a-name-for-strong-human-computable-encryption-schemes-are-there-defini)

Morrolan

2/9/24, 12:07 PM

As an aside, I'd be hesitant to claim that 'encryption machines' are less likely to contain backdoors, given some [recent happenings](https://en.wikipedia.org/wiki/Crypto_AG).

Paul Uszak

2/9/24, 1:16 PM

This is a comment as it only relates to a question paragraph (2nd) and not the nub of the question. Virtually all computers’ functions can be externally validated through testing. Even stuff like encryption can be tested against test vectors and against other computers, perhaps of different architectures. You can even write your own tests. There is also a plethora of μcontrollers that can be used, including those manufactured in non allied regimes. See [What's the reason for Monte Carlo tests for block ciphers?](https://crypto.stackexchange.com/q/68680/23115) .

Arqwer

2/12/24, 9:06 AM

Modern processors have closed source blobs in microcode, which can't be validated. Also, backdoors might be included at microscopic level inside processor cristals - to detect those it is necessary to scalp the processor, scan it with electric microscope and reverse-engeneer it, which is not only laborious and expensive, but will also destroy the processor. Plus, Intel ME has encrypted microcode with unrestricted access to memory and network, making it a perfect place for a backdoor - which can't be validated either.

Score:1

Crypto

Meir Maor

2/9/24, 12:32 PM

Try Solitaire cipher https://en.m.wikipedia.org/wiki/Solitaire_(cipher) As of today it has some known weaknesses but still can't be practically broken. It requires a deck of cards in a certain order bot just a password as a key.

+ 0

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: Is it possible to securely encrypt some text with password without a computer?

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.