When we looked at the Rilke Kryptogramms, our initial thought was that it had to be a pad with keys for encrypting text to generate a cipher, since the tests conducted on the pages of code concluded, it couldn't be a cipher in its own right. Claiming it to be exercise pages to train morse code, as suggested, appeared even more unlikely. The person in possession of the pad, was sent to France in 1943. The location he was placed, had been in enemy country and a communication unit. The pad is dated 1944 and it seems very unrealistic that he, being drafted from the reserve, would have still needed exercises to do his job. Certainly units in occupied France wouldn't have had the time to train someone on the job, but would more likely expected people sent there to know their job.

Why we think that the pages are a pad, used for a system that combined two encryption methods, we have to go back to Shannon and read what he said about the Vernam cipher. Certainly the Germans could have come to the same conclusions, prior to Shannon publishing them at the end of the 1940's. They were aware that a one-time pad and the security depended on the length of text to be transmitted and the amount of available unique keys (known since the 9th century with the first written records by a mathematician who went by the name of Al Kindi and lived around Damascus). They also had knowledge of the Alberti Disk, a very simple form of the Enigma and known since the 16th century.

Shannon:

The situation is somewhat more complicated if the number of messages is infinite. Suppose, for example, that they are generated as infinite sequences of letters by a suitable Markoff process. It is clear that no finite key will give perfect secrecy. We suppose, then, that the key source generates key in the same manner, that is, as an infinite sequence of symbols. Suppose further that only a certain length of key LK is needed to encipher and decipher a length LM of message. Let the logarithm of the number of letters in the message alphabet be RM and that for the key alphabet be RK .

Then, from the finite case, it is evident that perfect secrecy requires RMLM ≤ RKLK. This type of perfect secrecy is realized by the Vernam system.

The emphasis here is placed on messages and the last sentence declaring that no finite key will provide perfect secrecy. The question we have to ask us is what conditions are required to make that statement come true? If for example we select a random string of characters from the alphabet, let's say 2000 characters and now select randomly a key out of a pool of 26 available to pair these characters with the key characters, we still have perfect secrecy when attacking the cipher. Anybody claiming after only intercepting a cipher to predict the two random strings used to built it, will live in a different part of the multiverse where that kind of mathematics is taught, which we normally call magic.

But it tells us that the wording messages has to be something that can not be random and has to have structures and rules, which turn it into a property that in its own right can be measured. So, instead of using a Markov Process (Markoff - spelling has changed since Shannon wrote it) to generate messages, we use a Markov Process to turn a message into a random string of data (here characters). For our Markov process we will use a single permutation of the English alphabet and we add a space character, two punctuation marks and the numbers 0 to 9. Now we have an alphabet that has 39 characters. This alphabet will allow us to encrypt English and German text (Umlaute in German can be written as OE[Ö]; UE[Ü]; AE[Ä] and the character ß as ss.

Alphabet & one random permutation & Mod 39

We have two options to encrypt a message when using a permutation. The first one is mapping the plaintext against the permutation (here the key lies in the actual mapping), which isn't an inspiring or smart idea since it will be the shortes way to give a cipher away. The same plaintext characters mapped would result in the same cipher character. The second option would be to select the first character and use it as key character (pairing it with the plaintext character and apply modular arithmetic) and continue this way with the next plaintext characters. Now we have the same problem as the one-time pad encryption and face the problem pointed out by Shannon, that exceeding the amount of available key characters will reduce entropy and depending on the length of the plaintext enable an attacker to crack a cipher.

For the Rilke "Kryptogramms" we will change the modus and use for each plaintext character a different permutation, replacing the punctuation marks with the German Umlaute and regard the characters on the paper sheets as key characters. The mapping is our Markov process, transforming the plaintext into random data before we use the characters on the sheet as key characters. The plaintext we encrypt is "THIS MESSAGE" and the result can be seen in the following images. By moving the first character of the permutation to the end of it after each mapping step, we have in the example 39 possible permutations.

Alphabet & one random permutation & Mod 39

Message & Mapped Characters & Key & Cipher

Looking at the cipher we have to ask the question if we are still in compliance with Shannon's statement that RMLM ≤ RKLK has to be achieved? What happens if the plaintext exceeds the length of 39 characters, which is the amount of available key characters? For that let us take a quick look at the mathematics involved here:

(m → tm)    c_i = tm_i + k_i | mod 39

By transforming (mapping) m to tm we change the position of a character and its value in correlation to the original alphabet. If we take a look at our first permutation we can see that the position of E(4) is occupied by G(6) and and postions and values of other 38 characters have changed too. That tells us that each permutation is a different alphabet, where we use the same character set, but the rules that govern frequencies and pattern have changed. However, to rely on Shannon's statement that RMLM ≤ RKLK, means we have to stay in the same alphabet. In our example we used a very simple shift modus which gave us 39 permutations. This provides us with the opportunity to enter 39 times the 39 available characters (39 x 39 = 1,521). This also means that we can have a plaintext of this length and the only time we would violate Shannon's statement would be if we exceed the length of 1,521 characters.

This was the point, we reached some time ago and since then we have continued to modify the modus operandi. The first step from there was removing the annoying key transmission, which is regarded as the biggest obstacle when dealing with the OTP. An example is below. The other steps ensure that we never use the same start permutation and that the shift from one to the next permutation always creates a new unique permutation and no restrictions on the text length (data) are placed. None of these steps are based on mathematical algorithms, but random choices made by a user.

Message & Mapped Characters & Key & Cipher

We used two of the columns in our permutation, which would after each encryption step switch and provide the key character. In the example above we used K and Y, however, we could have used more. We place these two characters in front of the cipher and call it the PIN. The PIN length can be from 1 (8 bits) to 32 (256 bits) characters. Encrypting one megabyte of data and using all available PIN options will increase the amount of data to be transmitted by approx 0.003 %, when compared to the original plaintext. Using the original OTP would require another megabyte of key data. An adversary only intercepting the cipher, but knowing the modus operandi, could not determine what is PIN and where the actual cipher starts.

Naturally we don't use the English or any other language alphabet anymore. We could have used the ASC code or the binary code system and the software we developed uses the binary system, which doesn't change the modus operandi. However, what it changes is the initial secret we have to share with recipients. Using the hexadecimal system would require a randomized string with the 16 hexadecimal characters and the binary system 8 randomized bits. But now any file format can be encrypted and ASC or any of the Unicodes presents not a problem. Text, images, media files etc can be encrypted as single files or as block, generating one cipher file.