## Case Study CS00010: Embed Ciphered Message in Email or Document and Decipher

The problem: Embed Ciphered message in Email or document, extract and decipher. CS00009 illustrates a technique in Glee for ciphering and deciphering text. This technique works fine for binary transmission where all characters are valid. However, if you are transmitting in a medium where some characters (e.g. control characters) are invalid or perform operations, the example shown in CS00009 would not be suitable. If we could assure that only characters we specify can be in the result we can get around this problem.

The solution: The solution is to take the output from the cipher and run it through the base conversion. This reduces the string to the domain of specified characters. On receipt, the string is first reconstituted using representation conversion before submitting it to deciphering.

1. Form a message containing in the open leading text; an embedded secret text; and trailing open text.
2. Create a string to be used as the base character set for transmission
3. Convert a secret phrase to a numeric ciphering/deciphering key
4. Cipher the secret text
5. Convert the ciphered text to the base character set
6. Build up the message by strand catenation and send (display)
7. On the receiving end, cut out the base character set and the secret message confetti.
8. Represent the secret text using the base character set
9. Decipher the secret part using the key and display.

Note: You can cut and paste these code fragments into the code pane of the Glee interpreter and experiment as you go along to see the actual operations live.

The Glee code:

\$\$ The ciphering and deciphering functions
\$\$==========================================
'init'#pgm   {t# => n; n %% n?k ``< => hv; 256 %% n ? => vv; hv vv};
'ciph'#pgm   {init=>v;(t[v[1]<]) #asc +(v[2]<) % 256 #asc};
'deciph'#pgm {init=>v;t #asc +256 -(v[2]<) %256 [v[1]< ``>] #asc};

"The following is a secret message"=>t1;
" *** this is really secret *** "=>s;
"And some more in the open "=>t2;
13 10 #asc => n; \$\$ New Line
"="%%40 => bar;
"Security phrase" #crc =>k;
s k[.t.k]ciph =>ct;
ct.b64 =>bct;

t1 n bct n t2 %* =>Message;

\$\$On the other end display the message
"The Received Message"\$;bar\$;Message \$;bar n\$;

"Cut out the secret part"\$;
\$R__\$r+YdOyHR3vozJqATwtMTgWGSFrIyRMthZi7oEht/Ryw==__ =>sp\$;\$;

'Security Phrase'#crc =>k;

"The embedded secret" n bar\$;
sp.r64 k[.t.k]deciph =>st\$;

The Output:
The Received Message
========================================
The following is a secret message
+YdOyHR3vozJqATwtMTgWGSFrIyRMthZi7oEht/Ryw==
And some more in the open
========================================

Cut out the secret part
+YdOyHR3vozJqATwtMTgWGSFrIyRMthZi7oEht/Ryw==

The embedded secret
========================================
*** this is really secret ***

The play-by-play:

1. 'init'#pgm   {t# => n; n %% n?k ``< => hv; 256 %% n ? => vv; hv vv};
'ciph'#pgm   {init=>v;(t[v[1]<]) #asc +(v[2]<) % 256 #asc};
'deciph'#pgm {init=>v;t #asc +256 -(v[2]<) %256 [v[1]< ``>] #asc};
. These are the ciphering/deciphering functions from CS00009
2. "The following are the valid characters. "=>t1;
" *** this is really secret *** "=>s;
"And some more in the open "=>t2;
13 10 #asc => n; \$\$ New Line
"Security phrase" #crc =>k;
"="%%40 => bar;

Set up some variables for the demonstration: t1 is some text ahead of the secret; s is the secret text; t2 is some text after the secret; n contains a new line character; the cyclical redundancy check word #CRC of the security phrase (the secret key) is in k; bar contains a 40 character double bar produced by reshaping %% the equal = character.
3. s k[.t.k]ciph =>ct;. Given the secret text s and the secret key k we call the cipher function ciph and capture the result in ct.
4. ct.b64 =>bct; performs the base64 operation on the ciphered text while will flow smoothly thru email systems. This is saved in bct
The result is:
+YdOyHR3vozJqATwtMTgWGSFrIyRMthZi7oEht/Ryw==
5. t1 n bct n t2 %* =>Message; Collects our variables containing input and output together. This forms a sequence which is converted %* to a character string (containing embedded line feeds in n ) and saved in the variable Message. This simulates a message being sent.
6. \$\$On the other end display the message
"The Received Message"\$;bar\$;Message \$;bar n\$;
simulates the receipt of the message. It displays the message guarded by the double bar lines.
This is the output::
The Received Message
========================================
The following is a secret message
+YdOyHR3vozJqATwtMTgWGSFrIyRMthZi7oEht/Ryw==
And some more in the open
========================================
7. "Cut out the secret part"\$;
\$R__\$r+YdOyHR3vozJqATwtMTgWGSFrIyRMthZi7oEht/Ryw==__ =>sp\$;\$;
. The recipient captures the secret text in sp.
8. 'Security Phrase'#crc =>k;. The recipient is privy to the secret phrase. Notice, since the #crc operator is insensitive to extraneous whitespace and case, only the pertinent characters are necessary to produce a matching key k.
9. "The embedded secret" n bar\$;
sp.r64 k[.t.k]deciph =>st\$;
. The recipient now has everything needed to produce the secret part of the message. First the sp is represented from base64 sp.r64 from the base string. The secret key k is strand catenated and a namespace formed [.t.k]. This names the represented text t and the secret key k and delivers it to the deciph deciphering function which is invoked. The result is the secret text st which is displayed \$.
This result is:
The embedded secret
========================================
*** this is really secret ***

Obviously in a real application this process would be greatly simplified to the user. They would probably highlight text and press a cipher button. Here they would be prompted for the pass phrase. The text would then be ciphered and based in place in the document. On the other end the user would highlight the text (or it would be automatically highlighted) and he would reverse the process by giving the pass phrase and revealing the secret text. Underneath a very few simple lines of Glee code do all the work.

This completes the example. To better understand these operators and other things you can do with them, consult the operator pages according to the type of data you see being operated on.