Can a Tabula Recta provide security in the XXI century?
This addresses security for users in extreme scenarios where computers are compromised, but it is incremental as it builds on classic tools.
The paper investigates whether human-computable cryptographic algorithms using a Tabula Recta can provide security against computer-aided cryptanalysis in scenarios of total computer compromise, concluding that some algorithms offer sufficient security based on computer-based statistical analysis.
In the not so unlikely scenario of total compromise of computers accessible to a group of users, they might be tempted to resort to human-computable paper-and-pencil cryptographic methods aided by a classic Tabula Recta, which helps to perform addition and subtraction directly with letters. But do these classic algorithms, or some new ones using the same simple tools, have any chance against computer-aided cryptanalysis? In this paper I discuss how some human-computable algorithms can indeed afford sufficient security in this situation, drawing conclusions from computer-based statistical analysis. Three kinds of algorithms are discussed: those that concentrate entropy from shared text sources, stream ciphers based on arithmetic of non-binary spaces, and hash-like algorithms that may be used to generate a password from a challenge text.