Article 54516 of alt.security.pgp: Path: matra.meer.net!news.spies.com!genmagic!sgigate.sgi.com!enews.sgi.com!news.mathworks.com!uunet!news-maint From: Tim Ruddick Newsgroups: alt.security.pgp Subject: Reasonably Adequate Privacy :-) Date: Wed, 29 May 1996 14:13:44 -0400 Organization: UUNET Technologies, Inc. Lines: 340 Message-ID: <31AC93D8.69D8BD19@UUNET.uu.net> NNTP-Posting-Host: riddler.uu.net Mime-Version: 1.0 Content-Type: multipart/mixed; boundary="------------353C51DE3B54AFBF7D55368C" X-Mailer: Mozilla 2.01 (X11; I; SunOS 4.1.3_U1 sun4c) This is a multi-part message in MIME format. --------------353C51DE3B54AFBF7D55368C Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Enjoy! (An HTML version of this document is also available. E-Mail me if you'd like it: TRuddick@UU.NET.) Tim. --------------353C51DE3B54AFBF7D55368C Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Content-Disposition: inline; filename="rap.txt.asc" -----BEGIN PGP SIGNED MESSAGE----- - ---------------------------------------------------------------------------- Tim's Reasonably Adequate Concepts Presents RAP Reasonably Adequate Privacy Data Obfuscation for the Masses RAP User's Guide Volume I: Essential Topics by Timothy Ruddick Revised 27 April 1996 RAP Version 0.9 beta - 27 April 1996 Documentation by Timothy Ruddick Hardware by Sunkist and General Electric - ---------------------------------------------------------------------------- Synopsis: RAP uses a simple chemical process to protect data. Communicate easily with people you've never met, with minimal prior training. RAP is simple to use and fast, with robust construction, very low computational cost, and adequate ergonomic design. Documentation (c) Copyright 1996 Timothy Ruddick. All rights reserved. For information on RAP licensing, distribution, copyrights, patents, trademarks, liability limitations, and export controls, see the "Legal Issues" section in the "RAP User's Guide, Volume II: Special Topics". Distributed by Ruddick Institute of Silliness. - ---------------------------------------------------------------------------- "This is a dog license with the word `Dog' crossed out and `Cat' written in in crayon" --Monty Python, Eric the Half-a-Bee - ---------------------------------------------------------------------------- Contents * Quick Overview * Why Do You Need RAP? * How It Works * Installing RAP * How to Use RAP o Obfuscating a Message o Obfuscating a Message to Multiple Recipients o Signing a Message o Using Additional Obfuscation o Revealing Messages and Checking Signatures o Managing Keys * Advanced Topics o Sending Obfuscated Messages Through the Postal Service * Configuring RAP * Vulnerabilities * Beware of Snake Oil * Notice to Macintosh Users * RAP Quick Reference * Advanced Topics o Summary of RAP functions o Key management functions * Legal Issues * Acknowledgments - ---------------------------------------------------------------------------- Quick Overview Reasonably Adequate Privacy (RAP), from Tim's Reasonably Adequate Concepts, is a simple concealment concept requiring only hardware available at the local supermarket. RAP allows people to exchange written documents with reasonable privacy and convenience. Reasonable privacy means that only those intending to receive a message and possessing the appropriate hardware can read it. Convenience means that privacy is provided without the need for any software or computer hardware, whatsoever. No secure channels are needed to obtain the necessary hardware, which makes RAP much easier to use. This is because RAP is based on a simple technology known as "invisible ink". RAP combines the convenience of ordinary handwriting systems with obfuscation speeds impossible to match with conventional cryptography, data compression, adequate ergonomic design, and simple hardware requirements. And RAP performs its functions faster than any software implementation. RAP is truly data obfuscation for the masses. RAP does not provide any built-in modem communications capability. In fact it provides no data-transmission capabilities whatsoever. You must use separate products for that. This document, "Volume I: Essential Topics", only explains the essential concepts for using RAP, and should be read by all RAP users. "Volume II: Special Topics" covers the advanced features of RAP and other special topics, and may be read by more serious RAP users. Neither volume explains the underlying chemical processes used by the technology. Why Do You Need RAP? You want to transmit a message or some data and you don't want anyone else to see it. Duh! How it Works Conventional cryptosystems require complicated hardware and software to scramble a message, rendering it unreadable to anyone but you and the intended recipient. With invisible ink there is no need for all that stuff. You just need a stylus or writing implement (frequently called a "toothpick"), a document substrate (frequently called "paper"), an ink-source (frequently called a "lemon") and a heat-source (frequently called a "light-bulb"). Using the heat-source the recipient can cause the invisible ink to become visible. Anyone can use invisible ink to conceal a message to another person. Only a person who knows that the document contains a "secret message" will think to use a heat source to render the message visible. Message authentication is also provided. One way would be for the recipient to call the sender on the phone and say something like, "Hey! Did you just send me a blank piece of paper?" And the sender could say something like, "Yes..." and pause, knowingly. These two processes can be made to occur automatically whenever a sender creates a document using invisible ink. There is no need to acquire any information about the recipient at all! Installing RAP The Basic RAP package comes complete with a box of styli (styluses for the Latin-impaired), several sheets of document substrate, an ink-source, and a heat-source. The Professional package contains a secondary ink-source, known in the industry as a "potato" (or "potatoe" to those working for former CIA staff), and a high-quality stylus similar to those sold at calligraphy counters of art and craft supply stores. Installation of RAP is as simple as removing the parts from their box and placing them near where you wish to compose your message. If you already own an earlier version of RAP there is no need to dispose of it. All items in any version are guaranteed to be fully compatible with all past and future versions and can even function in parallel! (Try to do that in software!) In addition, you may find that you already own items similar to those found in a RAP package. These, too, should be fully compatible, except in the case of heat-sources purchased outside the U.S. Unlike certain other cryptosystems there are no export restrictions on any item in the RAP package; you may find, however, that heat-sources produced in the U.S. are incompatible with foreign fixtures. How to Use RAP Obfuscating a Message Obfuscating a message is simple. Dip the stylus into the ink-source and use it to write on the document substrate. You may find that certain styli are easier to use than others. Experiment until you find a stylus that functions adequately and practice a little. You'll soon find that writing becomes easy. If you wish, you may compress messages after using RAP. It is easiest, however, to wait until after obfuscation to perform compression. One method is to fold the document substrate into thirds, so that it may more readily be inserted into an standard document carrier (or "envelope"). To foil Message Interception Attacks you might consider crumpling the substrate into a ball so that it resembles an item of trash. More elegant and artistic solutions to the same problem may be found in any good origami book. Obfuscating a Message to Multiple Recipients If you want to send the same message to more than one person, you have several choices: you can write the same document on more than one substrate; you can find a print shop willing to use your invisible ink during the production process; or you can try to ensure that all recipients are present when the document is made visible. Signing a Message Sign a message much as you would sign a check. The only difference is that you will not be able to read the signature. It will be invisible. You're using invisible ink. Using Additional Obfuscation Sometimes you need a little extra obfuscation. RAP can also work in this environment. If you and the recipient both know a foreign language, you could write in it. If you don't know a foreign language, consider Pig-Latin (known in the industry as "Igpay- Atinlay"); it is an easy language even for non-native writers, and has the expressive power of English. Revealing Messages and Checking Signatures To make an obfuscated message visible, hold the document substrate over a heat source. The message will soon become apparent. If the message has been signed you will see a signature on the substrate. If the substrate is held too close or too long next to the heat-source you risk Rapid Oxidation and Message Loss (ROML or "fire"). You may also damage your fingers, eyebrows, or hair, so be careful! Managing Keys Since the time of Julius Caesar, key management has always been the hardest part of cryptography. One of the principal distinguishing features of RAP is that it uses no keys. The hardest problem simply vanishes (just like the ink)! Advanced Topics Most of the "Advanced Topics" are covered in the "RAP User's Guide, Volume II: Special Topics". But there is one topic that bears mentioning here. Sending Obfuscated Messages Through the Postal Service Any message sent through the Postal Service should probably be enclosed in a document carrier, the simplest being an envelope. To save on postage and envelope costs you may wish to consider compressing the message prior to sending it. Various techniques for accomplishing this are outlined in the "Obfuscating a Message" section, above. Invisible ink would seem to lend itself well to message delivery via postcard. RAP does not support this mode of transport, as postcards are difficult to use with a heat-source which increases the likelihood of ROML (see " Revealing Messages and Checking Signatures", above). It should be strongly stressed that to avoid a Message Interception Attack the recipient's address should be written in standard, visible ink! Configuring RAP RAP has few user-serviceable parameters. If you wish you may experiment with alternate styli, heat- sources, ink-types, and message substrates, but the basic concepts remain the same. Vulnerabilities No data security system is impenetrable. RAP can be circumvented in a variety of ways. The greatest vulnerability is message interception by parties owning heat-sources. Try to make sure that this doesn't happen. Beware of Snake Oil It doesn't work and you have to find a snake. Lemon juice is better. Notice to Macintosh Users RAP is fully compatible with your choice of computer. You will find the user interface elegant and intuitive, and far better than those command-line things you'd otherwise need to put up with. RAP Quick Reference Summary of RAP functions: To obfuscate a message: * write it on a message substrate using invisible ink. To sign a message: * sign it as you would a check but with invisible ink. To reveal an obfuscated file: * hold it near a heat-source. To obfuscate a message for any number of multiple recipients: * write it on several message substrates using invisible ink. or * write it once and make sure all recipients read the revealed copy. Key management functions: To make your keys easier to find: * try leaving them in a basket near the front door. Legal Issues For detailed information on RAP licensing, distribution, copyrights, patents, trademarks, liability limitations, and export controls, see the "Legal Issues" section in the "RAP User's Guide, Volume II: Special Topics". RAP uses technology that is unpatentable. Seriously, who besides a raving genetic engineer would try to patent a lemon. As such, you are free to redistribute the RAP hardware and this document in any way you see fit, provided the text remains unaltered. Acknowledgments Substantial portions of this document were basically stolen outright from Phil Zimmermann's documentation for his excellent Pretty Good Privacy (PGP) product. PGP is available on the Web at: http://web.mit.edu/network/pgp.html -----BEGIN PGP SIGNATURE----- Version: 2.7 iQCVAgUBMayN+MZ3OZazVF09AQGqqQQAr4LwI/h15X8y9CNgZqXf2Z5cwfuPranO si2YlD+tMYCQ+//0rSqu8RXX2H8eHtAbvbRkfWMpObkrMN4b8qSEXOriphW9nQWb qqgrX7DS6uQjoufJa9cmgj5F2kfTpWa8fauWZOnKbeoMYPPozkz8pcqW3OvagXHf m187EqB6jdo= =l1d1 -----END PGP SIGNATURE----- --------------353C51DE3B54AFBF7D55368C--