Basically, use a message authentication algorithm with a shared secret to authenticate correct message bits and their position, and output random values for incorrect message bits.
For example, to encrypt 2-bit message '10':
1: (1, 2388) -- '2388' is a correct MAC(key, 1||1)
1: (0, 3777) -- '3777' is a random number
2: (1, 9796) -- '9796' is a random number
2: (0, 4786) -- '4786' is a correct MAC(key, 2||0)
Your full message is transmitted as plain text bits + authentication tag, intermixed with opposite bits + random data. Someone not knowing the secret key cannot guess which bits are the correct message bits, and which are incorrect.
To "decrypt", the receiver just calculates authentication tags with the same key, and keeps those bits that correctly authenticate, discarding the ones that don't authenticate.
The easiest to memorize and implement MAC, I think, is SipHash which uses 128-bit keys and outputs 64-bit tags: https://131002.net/siphash/
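The scheme described in the comment above, as an added example that is not part of the original post. HMAC-SHA256 truncated to 64 bits stands in for SipHash, and the packet layout `(position, bit, tag)`, the function names, and the key are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

TAG_BYTES = 8  # 64-bit tags, the tag size the comment quotes for SipHash


def mac(key, position, bit):
    """Tag over position||bit. Truncated HMAC-SHA256 stands in for SipHash."""
    msg = position.to_bytes(8, "big") + bytes([bit])
    return hmac.new(key, msg, hashlib.sha256).digest()[:TAG_BYTES]


def chaff(key, bits):
    """Emit (position, bit, tag) for both bit values at every position."""
    packets = []
    for pos, ch in enumerate(bits, start=1):
        real = int(ch)
        pair = [
            (pos, real, mac(key, pos, real)),                  # wheat: valid tag
            (pos, 1 - real, secrets.token_bytes(TAG_BYTES)),   # chaff: random tag
        ]
        # Randomize order so placement inside the pair does not reveal the real bit.
        if secrets.randbits(1):
            pair.reverse()
        packets.extend(pair)
    return packets


def winnow(key, packets):
    """Keep bits whose tag verifies; fail if a position has zero or several."""
    accepted = {}
    for pos, bit, tag in packets:
        # Constant-time comparison avoids leaking tag bytes through timing.
        if hmac.compare_digest(tag, mac(key, pos, bit)):
            if pos in accepted:
                raise ValueError(f"position {pos}: more than one packet authenticates")
            accepted[pos] = bit
    last = max((pos for pos, _, _ in packets), default=0)
    missing = [p for p in range(1, last + 1) if p not in accepted]
    if missing:
        raise ValueError(f"no authentic packet for positions {missing}")
    return "".join(str(accepted[p]) for p in range(1, last + 1))
```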
"As we face a real threat of a ban on the distribution of strong cryptography, in the United States"
When I first read this I said "Really? The cryptowars ended a long time ago." and then I saw the last modified date on the home page: 2002. This was when the cryptowars were finally coming to an end...
For anyone else who thought, "What, there was a period of time known as the cryptowars?" and wants to know more, I found this article gave a decent rundown[1].
A one time pad consumes as many bits as the message length. It has nothing to do with the bits of information that can theoretically be stored in a deck of cards.
One time pads need to be as long as the data they are encoding. They must not have any repeats. The pad has to be really random.
Thus the maximum length of the message is 54 chars (52 cards, 2 jokers).
And then you have the pad distribution problem - you need to get the pad from Ann to Bob. And the message needs to get from Ann to Bob. So are you using security by obscurity and hoping no-one notices the deck of cards is an OTP?
The main idea is interesting, but the justification for the name - that Jedi Knights built their own light sabers as a reaction to an Empire - does not sound correct. The Jedi were around long before Emperor Palpatine was destroying the Republic.
It's a boring political tie-in, even if the implications are interesting:
> Its political aspect is that because it's so simple, it can be reimplemented anywhere at any time, and so it provides a way for users to communicate privately even if government or other controls make distribution of normal cryptographic software completely impossible.
Basically it just means that it's a cheap-to-run and easy-to-use algorithm.
The interesting implication is that this may make it pointless for "relatively free" nations to ban cryptography. The vast quantities of good, publicly accessible crypto would make it an impossible rule to enforce (although it would give them a leg up in a courtroom setting).
http://people.csail.mit.edu/rivest/Chaffing.txt