# Half Scrabble encryption

This is a cipher based directly on John F. Byrne's Chaocipher from 1918, which was kept secret for many years and finally revealed in 2010. It simplifies Chaocipher so only the cipher "wheel" is used. Known plaintext attacks are prevented by optionally prepending random letters to the plaintext, or by applying a transposition after the main encryption process. There are two keys for a total key space of size 26!^2, equivalent to 177 binary bits. The name is because it can be most easily implemented using Scrabble tiles.

## Step 1. Alphabet preparation

We begin by making scrambled alphabets out of the keys. This is why we input the keys before the plaintext. The boxes are blue to indicate that they can be written on. Do this to make a scrambled alphabet: take each key and write the different letters of the alphabet in the order they appear in the key, if a letter has been used already, write instead the immediately preceding letter in the normal alphabet not yet chosen. If there are letters that did not appear in the key, write them now in reverse alphabetical order (key 1 only).

It is OK to use keys that have been used before, even for a message of identical length as a previous message. In this program, if you leave the key 2 box empty, key 1 will be used also. Write a single letter in the key 2 box to turn off transposition.

### Key 2 (transposition)

So here are the initial mixed alphabets produced by processing the keys. If you are using Scrabble tiles, put the first alphabet above a ruler where the straight alphabet has been written on cells of equal width as the tiles, with the first letter lined up with the "A". We will be looking up plaintext letters in the alphabet written on the ruler, ciphertext letters in the alphabet made with tiles:

### Transposition alphabet (might not be full length)

Here we tell the program which ciphertext letters relative to the one being encrypted are to be swapped. First (0 to 25, default 0): and second (0 to 25, default 25):

And here whether the ciphertext alphabet takes one step forward or backward after that:     Forward     Backward

Here we tell the program whether or not to prepend twenty random letters to the plaintext in order to prevent a known plaintext attack:

Finally, since the processes for encryption and decryption are slightly different, we need to tell the program what we want to do:

Encrypt     Decrypt

## Step 2. Plaintext preparation

### Plaintext / Ciphertext

Which is converted to this, after spaces, punctuation and diacritics are removed, and everything is turned into lowercase:

### Processed Plaintext / Ciphertext

If we are decrypting, the ciphertext is descrambled using the Transposition alphabet as key. There is no transposition when encrypting, but we may add as many as twenty random letters at the beginning, in order to defeat a known plaintext attack:

## Step 3. Encryption / Decryption

It is hard to show how the ciphertext alphabet changes after every letter encrypted or decrypted, so we'll only show the ciphertext obtained. Do the following to encrypt each plaintext letter:

1. Look it up on the plaintext alphabet (marked on the ruler), then read the letter above it on the ciphertext alphabet. This is the ciphertext letter, which you should write down.
2. Swap the letters located at the positions written in the small blue boxes, relative to the letter you just wrote (0 is the same letter, 1 the one after, 25 the one before). Whenever you reach the end of the alphabet, continue counting from the beginning.
3. Shift the whole alphabet one space to the right and move the last letter to the first position if the "Forward" box is checked. Do the reverse if "Backward" is checked.

The instructions for decryption are the same, except that you look up the ciphertext letter on the ciphertext alphabet, in order to obtain the corresponding plaintext letter. Then the ciphertext alphabet is shuffled after each letter is decrypted exactly as described above. Here's the result of the operation:

## Step 4. Final transposition and result

When encrypting, we do a transposition as final step, using the Transposition alphabet as key. We begin with the result of the previous operation, which will be repeated if we are decrypting instead (transposition was done earlier). The ciphertext (plaintext when decrypting, possibly with the initial random letters removed) is the first box below. The lower box contains the same, but split into codegroups of five characters each. We also perform some statistical tests, which are displayed before the last box.

### Ciphertext / Plaintext

Information about output randomness will appear here