When Orwell wrote Nineteen Eighty-Four in the mid-twentieth century,
he could not have imagined that mere individuals would ever command such complex and expensive technologies as they do now.
Orwell died in 1950, so he never lived to see the spread of modern communications devices into everyday personal use -- the photocopying and fax machines, the cassette tape, the personal computer, the Internet, and the camera-equipped cell phones that helped save the world from the end he so feared.
The well-known Party slogan from Orwell's Nineteen Eighty-Four, 'Who controls the past controls the future: who controls the present controls the past', could equally be paraphrased as 'who controls information controls the future', something which the little-known American Norbert Wiener understood very well.
(It was Wiener who foresaw "a second industrial revolution," during which information, mediated by mass-produced computers, would become at least as important as manufactured goods.)
This paper provides only an overview of the methodology to encrypt the Internet. The vast majority of internet sites and pages not only do not require encryption, but their creators and users do not want them to be encrypted.
This procedure is therefore relevant only to those sites and creators who do require this security. It is the first such public description we know of to date that goes beyond the mere theoretical means to do this.
Actual examples will be provided and upon request a Reader to decrypt and load a hypertext page will be provided to interested parties.
Apart from the problems of creating an AES certifiable encryption algorithm, there are new technical challenges involved with controlling the encrypted information after the encrypting process.
This paper addresses these issues from a practical commercialisation perspective. Many of the processes will not, however, be revealed in detail. An international trademark for ltwpsyn® is now finalised, but the problem of piracy and unauthorised use of the ideas presented in this discussion paper remains, especially where anyone can copy and use information presented on the internet in almost any way they want.
Like Oliver Lodge, whose 1897 patent for a practical way to tune radio signals was commercialised by others, our preference is to sell this idea for use by others. No patents have currently been filed for this invention; however, working detailed POCs are available.
Keywords: World Wide Web, Encrypt the Internet, A practical guide to encryption of the internet, ltwpsyn encryption
A mirror copy of this page can be found at sites.google.com/site/ltwpsyn
(Note: This version contains only simple encryptions using a POC developed in 1998. The POC encryption only simulates randomness by using a different password for each encryption.)
When Tim Berners-Lee created the web software routines he bypassed the issues of encryption and left them for later users to resolve. To date the most often quoted paper on how encryption of the internet could be done suggests using RSA or another encryption algorithm; you can read it here: Encrypting the Internet.
However, as far as I am aware, no one has solved the issues of encryption of the internet "in situ". To begin with, it requires enormous bandwidth, and using RSA may not be practical given the latest NSA revelations. The NSA has not only broken RSA and probably almost every other encryption algorithm, it has also introduced back doors in them as well!
Follow the link here: RSA warns over NSA link to encryption algorithm. An alternative approach to encrypting the internet is required.
This site has been created to demonstrate the first site-specific way to encrypt the internet.
To encrypt the internet you require 3 things:
(1) an encryption protocol or algorithm
(2) some HTML code to be encrypted
(3) a hyperlink to open an HTML page
This Temporal Protocol for site Specific encrYptioN uses VBA code, found in Microsoft Office, because it has the above 3 requirements. VBA, or Visual Basic for Applications, is quite adequate to create an encryption algorithm but has one major drawback: it has almost no security. Protection for the code relies almost entirely on copyright protection.
Excel and VBA have the ability to create a file and load it with HTML code, and then, using Internet Explorer and hyperlinks, the HTML page can be opened.
1.2. Microsoft, Google and encrypting the internet
Google, Yahoo! and other search engines have a vested interest in NOT encrypting the internet; after all, their algorithms stop working once a site is encrypted.
Google Chrome is the biggest competitor for Microsoft Internet Explorer.
The reason VBA is a good language to encrypt the internet with is availability. Microsoft Office is quite possibly the most widely used and available commercial program in the world, and VBA comes with Excel, which after HTML must be the most widely used or available language, certainly in business applications.
The fact that it is a Microsoft program and therefore uses Internet Explorer is incidental.
1.3 Why encrypt the internet and Examples of Uses
In one word: Privacy, as opposed to Secrecy.
While encrypting the internet achieves both aims, the most relevant aim for commercialisation is Privacy.
In any environment you can only control those factors you have the ability to influence. If by providing privacy secrecy is enabled, then that secrecy is ancillary and for practical purposes can be considered irrelevant. But Privacy equates to Security, and what organisation or individual doesn't require security at certain times?
The definitive article on Encrypting the Internet, by Michael E. Kounavis, Xiaozhu Kang, Ken Grewal, Mathew Eszenyi, Shay Gueron and David Durham, discusses some of the motivations for encrypting the internet. They make interesting reading; here is a link: Encrypting the Internet.
Some practical examples of uses for privacy on the internet; here are a few:
(1) A CEO for a company is not physically on site; let's say he goes overseas, but he still wants to view his Weekly Key Indicators report, or perhaps his monthly Management Report. This can be encrypted and loaded as an ltwpsyn® page, and should he want to he can then look at the report/s regardless of his physical location, if he has internet and Microsoft Office access.
(2) A Customer example. A company supplies raw materials to a manufacturing company. The Supplier company may hold certain stock specifically for the Manufacturing company. On a daily/weekly basis a listing of the SOH of the products used by the Manufacturing company could be encrypted using an ltwpsyn® encryption. The Price list for that client could also be included, perhaps even an ordering template. At any time in the future the information showing the SOH for any day could then be known, permitting the Manufacturing company to keep the Supplier company apprised of their requirements.
(3) A person could have an internet page advertising their services but wish to keep some parts of their information confidential, for example their mobile phone number or their physical address. Once a potential customer has identified themselves they might then like to make available their complete Internet page. Rather than having a secure area and issuing passwords etc., they just have a truncated internet site with an ltwpsyn® encryption of the full site.
1.4 Brief Design Overview
The ltwpsyn® algorithm design is as follows:
A cipher of the keyboard keys is created using a password. The number of combinations for this cipher is 100!
After the cipher is applied to the text to be encrypted, the resultant numerical result is put into tables 100 characters wide by 100 lines. A randomly generated number is added to the data to help create the line mixing sequence, and the remaining data to complete the 100 by 100 table are randomly generated.
The sequence to mix the 100 characters in a line is then applied, and the same sequence is then applied to the lines.
In theory each block of numbers can contain up to 5000 letters (100 times 100, divided by 2 characters per letter).
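A sketch of the block layout described above, added here as an illustration and not taken from the ltwpsyn® program. It assumes Python's string.printable (exactly 100 characters) as the keyboard alphabet, a SHA-256-seeded shuffle for both the cipher and the mixing sequence, and a 4-digit length header; the page specifies none of these, and the random number that helps create the mixing sequence is not modelled.

```python
import hashlib
import random
import secrets
import string

ALPHABET = string.printable            # 100 characters, standing in for the keyboard keys
SIZE = 100                             # table is 100 digits wide by 100 lines
HEADER = 4                             # assumption: 4 digits record the plaintext length
CAPACITY = (SIZE * SIZE - HEADER) // 2 # two digits per character


def _perm(password: str, label: str) -> list[int]:
    """Repeatable password-derived ordering of 0..99 (hypothetical derivation)."""
    seed = hashlib.sha256(f"{label}:{password}".encode()).digest()
    order = list(range(SIZE))
    random.Random(seed).shuffle(order)  # deterministic PRNG, used only for repeatability
    return order


def encrypt(text: str, password: str) -> list[str]:
    if len(text) > CAPACITY:
        raise ValueError("text does not fit in one 100 x 100 block")
    cipher = _perm(password, "cipher")  # character index -> two-digit code
    mix = _perm(password, "mix")        # one sequence, used for columns and for lines
    digits = f"{len(text):0{HEADER}d}"
    digits += "".join(f"{cipher[ALPHABET.index(ch)]:02d}" for ch in text)
    # Random digits complete the table, so repeated runs give different output.
    fill = SIZE * SIZE - len(digits)
    digits += "".join(secrets.choice(string.digits) for _ in range(fill))
    rows = [digits[r * SIZE:(r + 1) * SIZE] for r in range(SIZE)]
    rows = ["".join(row[mix[c]] for c in range(SIZE)) for row in rows]  # mix each line
    return [rows[mix[r]] for r in range(SIZE)]                          # then mix the lines


def decrypt(block: list[str], password: str) -> str:
    cipher = _perm(password, "cipher")
    mix = _perm(password, "mix")
    rows = [""] * SIZE
    for r in range(SIZE):
        rows[mix[r]] = block[r]         # undo the line mixing
    unmixed = []
    for row in rows:
        cells = [""] * SIZE
        for c in range(SIZE):
            cells[mix[c]] = row[c]      # undo the mixing inside the line
        unmixed.append("".join(cells))
    digits = "".join(unmixed)
    length = int(digits[:HEADER])
    body = digits[HEADER:HEADER + 2 * length]
    decode = {code: ALPHABET[i] for i, code in enumerate(cipher)}
    return "".join(decode[int(body[i:i + 2])] for i in range(0, len(body), 2))


if __name__ == "__main__":
    message = "<p>Weekly Key Indicators: SOH 1,250 units</p>"  # constructed sample
    first = encrypt(message, "correct horse 42")
    second = encrypt(message, "correct horse 42")
    print(first[0])                                 # one line of 100 digits
    print(first != second)                          # random fill changes every run
    print(decrypt(second, "correct horse 42"))
```

A wrong password still decodes to some string of keyboard characters rather than raising an error, because every two-digit code maps to a key.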
The world's fastest supercomputer is the Tianhe-2; it can run at up to 33.86 petaflops.
Given the rate of change in processing capacity and speed, it is feasible that at some point in the future the home PC will have abilities comparable to today's supercomputer.
The computers used by WWII codebreakers are only as powerful as an everyday calculator today.
When designing an encryption algorithm today it is important to take into consideration the possible future ability of hardware to "break" an encryption using simple computational capacity (brute force).
Certainly a Vigenère cipher or any other cipher would be child's play for a modern supercomputer.
Even modern asymmetric cryptographic techniques barely slow them down . . . . .
The DES standard, which was derived from Lucifer and subsequently replaced by the AES standard, is administered by NIST, an American government organisation. The cost to become AES "certified" is probably in excess of $30,000 USD, not that being certified is any guarantee that the NSA is not able to "break" an encryption. . . . .
I spoke to John Kelsey, who is a far better cryptographer than I could ever dream of becoming (not that I want to become one).
The encryption algorithm itself is not particularly important; it is the use you make of it.
For reference purposes, attached is the email from John Kelsey (co-inventor of Twofish):
John Kelsey correspondence
2. System Features
The ltwpsyn® algorithm has two important features that differentiate it from most other encryption algorithms: it only uses numbers, and the listing sequence for the 100 keystrokes is obtained via the internet. The actual cipher is generated by the ltwpsyn® program, but because the sequence is already random the resultant cipher must also be random, and the algorithm can be turned off.
2.1 Complexity vs Simplicity
Encryptions, as mentioned, have standards, administered by NIST. Being compliant with AES 256 is the most commonly relied on standard. Unfortunately, being AES 256 compliant does not prevent an encryption algorithm from being "broken" or having a "back door" added. RSA, a widely used encryption algorithm, has had both and is a good example of this: RSA warns over NSA link to encryption algorithm.
The NSA and other organisations also employ the services of cryptographic experts and supercomputers for the task of subverting, "breaking" or creating "back doors". In fact any encryption algorithm designed in America is almost certainly able to be read by the NSA; here is some detail: Legislation Seeks to Bar N.S.A. Tactic in Encryption.
By their nature encryption protocols are complex; if they weren't, they would be "broken" quickly and easily, thus defeating their purpose. But by being complex they can only have one answer; the difficulty, of course, is finding that answer. But by being complex, does an encryption algorithm contain the seeds of its own destruction?
As explained by John Kelsey from NIST, a typical example would be Helix, which was broken a couple of years after it was published; it was then revised into Phelix.
Is it then possible to have a simple encryption protocol that effectively cannot be "broken"? It would seem not. But if the false positives were to exceed the 1 correct result by an extremely large number, then the encryption could be seen to be "broken" while the answer still cannot be deduced.
The "noise" is so extensive that the searched-for 1 answer cannot be found.
2.1.1 In Plain sight (steganography)
If you look at the history of encryption (History of Computer Cryptography and Secrecy Systems), the first form of cryptography and secret systems was to actually hide the message in plain sight. One way to do this was to shave a person's head, write a message on his scalp and, after the hair grew back, send the messenger; when he arrived his head would then be shaved and the message read. Modern cryptography substantially relies on complexity to protect a message.
The act of hiding in plain sight has also been lost, as most encryption text is clearly just that: secret. Numbers, on the other hand, can easily be extracted from the letters and other characters in a message; they can therefore be hidden in plain sight.
Numbers cannot be verified; unlike letters, it is difficult to know if a number is correct. . . they are the perfect medium for the encryption text.
2.1.2 Scriptoria Continua
If you look at the history of the written word (Masters of the Word by William J Bernstein), to briefly summarise 5000 years: the first phonemic writing system evolved into Phoenician, Hebrew, Aramaic and finally the ancient world's most easily mastered writing system, Greek, with its vowels. Greek script then evolved into the Latin alphabet, with its interpunct punctuation, used in most Western languages today.
Until around the 1500's all writing was in the form of scriptoria continua, that is, without punctuation or spaces. Around this time some masterful Irish monks invented the space, and silent reading was invented. . . .
The ltwpsyn® protocol uses the Cipher as the beginning of its encryption, then random mixing of numbers to arrive at blocks of numbers 100 by 100 characters in size, but in order to further complicate and simplify the encryption it can produce a result creating a Scriptoria Continua encryption, that is, one with no spaces,
Scriptoria Continua (for the Internet) with no resultant lower case text where any key stroke excluding <>/, the numbers and the letters can be used to create a space.
The reason for these additional encryption options will become more apparent when demonstrating reverse engineering of the ltwpsyn® encryption protocol in the False Positive example.
2.2 Edward Snowden & Bradley Manning
In mid 2010, when Private Bradley Manning took 75,000 United States government documents on Afghanistan and then a further 400,000 State Department documents and delivered them to WikiLeaks, who then leaked them, he demonstrated a fateful flaw in the NSA encryption protocols.
Edward Snowden, a private contractor to the CIA and DELL, then took, amongst other things, quite a few of his own documents; presumably some of these were encrypted documents. He also breached a variety of safeguards and area controls and left with all these files.
These 2 examples, amongst some pretty major other things, show us that the NSA, CIA etc. do not have records of the number of encryptions and the locations, presumably with different security levels, that their encryption protocols are used at, and also that subsequent to a breach they are unable to turn off their encryption. Either of these 2 options would likely have highlighted, if not prevented, these leaks.
On the basis of the points I have very briefly covered here is a list of what I think a good encryption protocol should have:
(1) Difficult to break, stands to reason, but if broken should still be able to be used. To be difficult to break the encryption algorithm should automatically be
random, no two encryptions, even using the same password and encrypting the same text should produce the same result. The algorithm should be dynamic
for commercial reasons, piracy and unauthorised duplication are just as big an issue as the complexity of the algorithm.
(2) Easy to use, ideally the encryption algorithm can be used on public or shared computers as easily as on private and secure computers and/or computer systems.
(3) Different levels of security and the ability to know which levels are accessed and ideally how many times.
(4) Ability to be turned off if required. This may be required by the owner/distributor of the encryption and also by the user of the encryption.
(5) Cost effective flexible costing options to suit the volume of use made of the encryption.
(6) The encryption result should be concise, this may be especially relevant if the encryption will be hidden in plain sight.
Many encryptions rely on additional characters which are not required but used to help disguise the actual encryption characters.
3 Related Work
While discussions with John Kelsey have clearly established that the encryption algorithm is certainly replaceable and not the critical input, it is nevertheless important that the encryption algorithm can be relied upon given the current situation, as discussed in Edward Snowden & Bradley Manning and with John Kelsey. Because the POC was developed in 1998, various improvements and adjustments can now be made. . . .
3.1 Law of the Minimum
Sometimes known as Liebig's Law, this is a biological aphorism that states that growth of an organism is restricted by that factor
present in the least favorable quantity. In a cryptographic setting this is also very relevant. You can also think of it as a chain is only as strong as its weakest
link. In this case the key or the password used in the encryption.
The human mind struggles to remember more than 7 things; this is often cited as Miller's Law.
Getting a user to provide a password which has more than 10 digits and is "strong" is always difficult. Given that the number of combinations for a 10 digit password is 100 (roughly the number of different keys on a keyboard) to the power of 10, or 10 followed by 20 zeros, once the methodology for an encryption is known there are only 10 to the power of 20 combinations. With a modern supercomputer such as the Tianhe-2 (33,863 trillion calculations per second), clearly one way to "break" an encryption algorithm is to do it by brute force.
Is it possible to create an encryption algorithm with a normal password but which has in excess of 10 to the power of 20 combinations?
The answer is yes and no. No if you try to use a stand-alone algorithm such as RSA. Yes if you break the paradigm. ltwpsyn® is therefore a reversal of conventional exegesis.
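The weakest-link arithmetic of this section carried through with the page's own figures, as an added example that is not part of the original paper. It assumes one password guess per machine operation (a best case for the attacker) and compares the password space with the 100! orderings quoted in the design overview.

```python
import math

KEYS = 100                       # "roughly the number of different keys on a keyboard"
TIANHE2_OPS = 33_863 * 10**12    # rate quoted on this page, operations per second


def password_space(length: int, keys: int = KEYS) -> int:
    """Number of distinct passwords of the given length."""
    return keys ** length


def exhaust_seconds(length: int, ops_per_guess: int = 1,
                    rate: int = TIANHE2_OPS) -> float:
    """Seconds to try every password; ops_per_guess=1 is an assumption."""
    return password_space(length) * ops_per_guess / rate


def length_to_cover_permutations(keys: int = KEYS) -> int:
    """Shortest password whose space is at least keys! (every cipher reachable)."""
    target = math.factorial(keys)
    length = 1
    while password_space(length, keys) < target:
        length += 1
    return length


def report(lengths=(10, 12, 16, 20)):
    """(length, bits of password space, seconds to exhaust) for each length."""
    return [(n, round(math.log2(password_space(n)), 1), exhaust_seconds(n))
            for n in lengths]


if __name__ == "__main__":
    print(f"100! orderings   : {math.log2(math.factorial(KEYS)):.1f} bits")
    for n, bits, secs in report():
        print(f"{n:2d}-char password: {bits:6.1f} bits, "
              f"{secs:.3g} s ({secs / 31_557_600:.3g} years)")
    print("characters needed to reach all 100! ciphers:",
          length_to_cover_permutations())
```

The search space an attacker faces is the smaller of the two: a cipher derived from a 10 character password can only ever take 10 to the power of 20 of the 100! possible orderings.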
3.2 Rounds as used in encryptions
Most encryption algorithms use rounds. In AES (which replaced DES in 1977) rounds are defined as . . .
"several processing steps, each containing four similar but different stages, including one that depends on the encryption key itself. A set of reverse rounds are applied to transform ciphertext back into the original plaintext using the same encryption key" (Advanced Encryption Standard -- Rounds).
In AES designed and accredited algorithms rounds are necessary because the encryption is "self contained"; if the algorithm obtained additional data externally then the need for rounds would be eliminated or reduced.
Further, obtaining some of the mixing sequences or parts of the rounds from an external source creates a "cut out" switch for the algorithm.
In the case of ltwpsyn® this also means that the encryption only works when the Internet is available.
4 System Adumbration
High-level description of the algorithm
The initial cipher is created from a password; for security reasons, if the password is less than 10 characters it will automatically be increased to a minimum of 20 characters.
This cipher is only used to store the passwords used in the encryption. Each spreadsheet copy of the algorithm can store more than 1000 passwords, and while the number of copies of the spreadsheet is not limited, the registration licence would limit the number of actual people who can use the algorithm.
The ltwpsyn® is pretty much an AES standard algorithm. FYI, here is a quick summary of an AES algorithm from Wikipedia . . . .
4.1 Using the Internet as part of an encryption algorithm
No existing (to my knowledge) AES accredited encryption algorithm uses the internet as part of the processing calculation procedure to arrive at the resultant encrypted text. By this I do not mean that it is on the net (many encryption algorithms are available on the net); what I mean is that the internet is an integral part of the encryption calculation process.
In essence the encryption process has barely moved forward since Arthur Scherbius invented the Enigma Cipher during WWII. All that has happened is that the algorithms have become more complex, but the approach has not really changed.
This is the class 42 NZ registered trademark for the encryption algorithm used in the attached examples. If the algorithm and how it works were explained in detail it would be lost almost immediately. It is very simple to create and currently is fully contained in a 500KB Excel spreadsheet. (The Reader.xls is in fact only 125KB in size!)
If you had the world's fastest supercomputer you would still require more than eight years to solve the algorithm, or at least that's according to Dennis Charter, and he should know: he helped invent and commercialise encryption for banks. For reference purposes, attached is the email from Dennis Charter: ltwpsyn® requires approximately 8.9 years for a supercomputer to "break". It can be turned on and off and has the 6 features that a good encryption should have, as outlined in 2.3 Features a good Encryption Protocol should have.
The lexicon of the current internet has many different forms, dot com being the most widely known.
The current internet is considered by many to be US-centric; see President Dilma Rousseff of Brazil's comments here: Brazil looks to break from US-centric internet. Be that as it may, the internet may or may not now be US-centric, but it is certainly English-centric! You cannot, for example, have a Chinese language internet site. Take www.weibo.com, one of the most used Chinese sites (in simplified Chinese this is written 新浪微博 or 北美微博广场 or just plain 微博): have you ever heard of 新浪微博.com? How about 北美微博广场.com or 微博.com?
The lexicon naming rules of the internet don't apply when the page is constructed on your drive, therefore the naming conventions of the internet don't apply.
Maybe one day soon you will see 新浪微博.com or 北美微博广场.com or 微博.com coming to a place near you. . .
Because I would only initially use a limited number of external sites to demonstrate the ltwpsyn® encryption protocol, I have created some encryptions of existing sites. My preference was to actually get those sites I chose to actually load the ltwpsyn® encryption page, but for these sites it proved too complex to explain to them and get their permission. I also decided that I would not, even technically, breach copyright. Therefore I was further limited in the choice of sites/pages I could encrypt.
I believe it is easier to demonstrate the process rather than explain it in detail. (A picture is worth a 1000 words and so perhaps are a 1000 demonstrations.)
I have either included a link to the original page encrypted and you can look at the source code yourself, or occasionally I have shown the HTML code that is being encrypted to help you.
Of course the ltwpsyn® encryptions are very hard to decrypt, so you need to request a Reader program; here is the link, which also explains how to do this: Request a ltwpsyn® Reader.
www.tumblr.com I needed a blog site to demonstrate this with. I have a person who was going to create a www.tumblr.com page which I would encrypt. I am still waiting on the tumblr site, so temporarily I have made a google site.
www.sites.google.com I wanted this type of site to demonstrate that you don't need a web site to be able to use the ltwpsyn® protocol.
www.sites.google.com This is the mirror copy of this site explaining the ltwpsyn® protocol.
www.sites.google.com/ elaborar a declamatio privada e pública is the summary of the ltwpsyn® sites and all other sites using the ltwpsyn® protocol.
As part of my discussion in 2.1 Complexity vs Simplicity, I mentioned that it was possible to get many more false positive results than the actual result. To show you this I will use an encryption and, by reverse engineering the ltwpsyn® encryption algorithm, produce several possible results to demonstrate this. I will use (π) Pi because this can be easily found on the internet and is a number.
The decryption results will be:
eureka : what Archimedes was supposed to have said when he worked out displacement in the bath . . .
lasciate ogni speranza, voi ch'entrate : Dante's Inferno canto III line 9 . . .
i love you : because that is one of the answers you get with an ltwpsyn google search (google search: ltwpsyn)
ltwpsyn® is designed to be a low price universal encryption algorithm to enable encryption of the internet. The primary goal is to provide a methodology that permits privacy where this is desired or required on the World Wide Web. ltwpsyn® employs a number of techniques to achieve this outcome.
Furthermore, ltwpsyn® may be able to be adapted for other important areas of security.
An encryption algorithm is a complex system and further improvements from the current simple POC versions are required. There are many additional features for which programming needs to be completed.
One interesting ltwpsyn codicil I am thinking of making is a secure communication array. By creating a summary page, by user, of the people a person is communicating with (including "Public"), the program could access the summary, and if new ltwpsyn® encryptions had been added since the last decryption then the program would hyperlink transfer the ltwpsyn® encryption from the relevant location, apply the relevant password to complete the encryption protocol and decrypt the communication. Display could be by the usual hyperlinked Hypertext page stored on the user's drive.
As previously mentioned, the biggest problem facing users of the internet relates to languages.
This program will be a fully interactive multi language encryption tool when completed. I envisage encryption being available in ALL languages.
6.3 Naming conventions
It is very important when dealing with the entire Web that the current naming restrictions be overcome, ltwpsyn®
protocol could facilitate this.
6.4 Copyright protection
In addition to being an encryption tool it could be possible to use the same approach to "turn off" unauthorised
copies and duplications of other programs, music etc distributed via the internet. This requires more research before this can be definitively proven.
7 Expressions of Interest & Contact Procedure
Readers are available for ltwpsyn® examples and current ltwpsyn® users, click to follow link: