Secure Method of Communication

Comments (20)

Secure Method of Communication

By: Max Penn


In today's business world, your business competitors will often try and get an edge over you by any means possible.This includes attempts at intercepting your sensitive business communications.

This is why it is highly recommended all companies, including yours, buy secure communication equipment for sensitive business communications.

The problem...

But what happens when you're out of the office, you don't have your secure equipment with you , and yet you still urgently need to communicate sensitive information with a colleague...?

The solution...

The solution is having an alternative method of communicating securely by encoding your messages. This system is called the one-time pad and is absolutely impossible to crack. Even the biggest supercomputer of any one spy agency would not be able to accomplish this feat.

The only things required are a pen and a paper. Once encoded, you may send your messages by mail, email, or even by phone.

Let's get started.


Step 1: Create the key...

The critical component of this system is the random key. A key is a series of numbers that is used to take your original message (the plaintext) and turn it into a coded message (the ciphertext).

Before creating a random key, you need a way to convert alphabet characters into numbers.

Make a conversion table by taking a sheet of paper and writing letters and numbers as follow:


01 02 03 04 05 06 07 08 09 10 11 12 13 14 15 16 17 18


19 20 21 22 23 24 25 26

You are now ready to create a key. First, write down a series of random alphabet characters, such as RTISEWVZQYHKOPBU.

Break this long string of letters into blocks of two characters each, as follow:


Using the conversion table we've created above, convert the characters into numbers. For example R=18 and T=20, so the first block HL becomes 1820.) The result is 1820 0919 0523 2226 1725 0811 1516 0221 You have now created your first key. (Make sure to create a key much longer than this so that you can send several messages before the key is used up.)

As you will use the block of numbers to encode your messages, you will cross out each block you have used as to not use it more than once. (To simulate the crossing out of a block i will gray the blocks as follow: 1820 0919 0523 2226 1725 0811 1516 0221 )

Create two copies of your key. One for you and the other for the recipient of your messages.

Step 2: Format your message...

Let's use an example.

If the message you want to encrypt is ACCEPT IT, you format this text message into blocks of two characters each, yielding AC CE PT IT.

Next, convert the letters into numbers by using the conversion table above. In this example, A=01, C=03, so the first block would be 0103.) The entire string becomes 0103 0305 1620 0920.)


Rule 1- Numbers. Spell out numbers in full in your plaintext. For example, 123 becomes ONE TWO THREE

Rule 2-The Period. Use an X for each period in your plaintext. For example, GOT YOUR MESSAGEX APPROVE TRANSACTIONX.

Rule 3-End of message. Add XX at the end of your plaintext message for termination. Spies would add several bogus characters after the XX to make it even more difficult for code breakers(those who tries to decode secret messages) by making them try to decode those meaningless characters after the XX.

Step 3: Encode your message... We need a way to tell the recipient where the key begins, otherwise he won't be able to decode the message.

Remember in our earlier example, we created a key and stroked off (in gray) the blocks we'd already used.Here's what our key looked like. 1820 0919 0523 2226 1725 0811 1516 0221

The starting position in the key is at block 0919.) So we will place the string 0919 at the beginning of our message so the recipient will know how to decode.

The plaintext message of 0103 0305 1620 0920 becomes 0919 0103 0305 1620 0920 because we place the pointer 0919 at the beginning of the string. We are now ready to encode our message.

First we write out the plaintext. Directly below it we write out the key. Then we add the key to the plaintext using Fibonicci addition. This means we do no carrying. For example, 9 + 2 would yield 1 not 11.) And 7 plus 6 would yield 3 not 13.) Here's how the agent's working sheet would look.

Plaintext 0919 0103 0305 1620 0920

Key -- 0523 2226 1725 0811

Ciphertext0919 0626 2521 2345 0731

The encoded message is ready to be sent to the intended recipient. You now have a message that can absolutely not be cracked by anyone but the intended recipient.

Decoding the message...

To decode a message, simply reverse the calculations. Subtract the key from the ciphertext using Fibonicci subtraction. This means we allow no negative numbers. We add 10 if required. For example, 1 - 9 would yield 2 (because we add 10 so that we're able to subtract 9 from 11). The first block in the ciphertext tells our intended recipient where to start in the key. Here's what the recipient's working sheet looks like.

Ciphertext 0919 0626 2521 2345 0731

Key 0919 0523 2226 1725 0811

Plaintext -- 0103 0305 1620 0920

Here's how we subtract 0523 from 0626.)

The first column is 0 - 0 = 0.

The second column is 6 - 5 = 1.)

The third column is 2 - 2 = 0.

The fourth column is 6 - 3 = 3.)

(If your substraction look something like this: 1 - 6, it gives 1-6 = 5 because 11 - 6 = 5.)

By using the conversion tablet described earlier, the recipient converts the string of numbers back into alphabet characters. In this example, 01=A and 03=C, so the first block 0103 converts to AC. The string 0103 0305 1620 0920 becomes AC CE PT IT. The receiver reformats it to become ACCEPT IT.

Security measures...

If your key is kept to yourself and the intended recipient, and no one else ever gets access to it, this system is 100% secure. No one will ever break the code. Period.

But you need to be careful about security. Strong key security...means you must conceal your key in a location where you'll know if it's been tampered with. Usually this means carrying it on yourself at all times. Good disposal security...means shredding and/or burning your messages and the keys when you are done with it. One time and one time only...means you don't use a key more than once. Ever.

When used correctly, this system will enable you to share even the most sensitive pieces of information with your colleagues over unsecured channels of communications such as mail, email and even by phone.

Test your skills... To verify your new skills, try to decode the cyphertext by using the key below.

the key: 0418 4678 1223 4104 0804 0123 6212 8840 7013

the ciphertext:4104 1129 1028 6520 8360 8338

Remember that the first four-digit group in the ciphertext is a pointer indicating where to begin in the key.

Max Penn

About The Author

Max Penn, webmaster of

Article may be redistributed only if a link to my site is placed at the end of the text.


Euphorik 22.08.2011. 00:36

What method of communication on computers is the most secure? I heard that SSH (Secure Shell) was pretty secure, but is there anything that is more secure than that, like what kinds of things would governments use to communicate, I'd lol if they were sending top secret information over MSN xD.


Admin 22.08.2011. 00:36

i'm guessing your not a secret agent undercover or James Bond so just use something like skype (webcam..etc)


Arthusus 19.06.2013. 15:00

What are the best secure communication links? If a building were to connect somehow to another building roughly 80km away and are not visible by clear line of sight. What are 3 high speed secure communication links between the two offices? Why? Recommend one?

I have VPN down, what other methods are there?


Admin 19.06.2013. 15:00

There are no such thing as a secure line of communication...

There is a such thing as Tunneling Protocols which can be used on communication lines.

Communication lines are (also Media Lines): Ethernet, Fiber, Wireless...
Communication Protocols (run on Media Lines): TCP, UDP, LLC...

Then you Tunnel Protocols which Tunnel (a safe rode on highway which no one can see) in Communication Protocols on Media lines.

Tunneling Protocols:
SSH - Secure SHell Tunnel
PPP- Point to Point Protocol
L2TP- Layer 2 Tunneling Protocol

VPN - Runs on SSH... Or can run on SSL depending on the setup of the server... or run on PPP or L2TP depending on the infrastructure on the network....


Arthusus 19.06.2013. 14:09

What are the best secure communication links? If a building were to connect somehow to another building roughly 80km away and are not visible by clear line of sight. What are 3 high speed secure communication links between the two offices? Why? Recommend one?

I have VPN down, what other methods are there?


Admin 19.06.2013. 14:09

Quantum cryptography on specially laid fiberoptics. If you're the military or a government.
Reasonably secure would be just to get fiberoptic cable laid. Perhaps using end to end encryption.


Russell Mania 23.11.2007. 16:58

Is this method of getting free Internet actually illegal? If you buy one of those things that picks up access points, and hook it up to your computer, so you can use the Internet without paying a dime. Would it be consider stealing Internet serviece, without paying. I don't see how it would be legal if the access points are not secure or anything, its not like your hacking or anything.

Russell Mania

Admin 23.11.2007. 16:58

You're safe. Here is the technical facts about the situation however.

It depends on how your state laws concerning fraudulant media access are constructed. Most states do have these laws, but some don't. Of the states that do have these laws, they are usually written with acts in mind such as stealing newspapers, sharing software product key codes, and stealing cable television; even then it is very possible that mooching off of someone else's home network will be covered under those laws as well.

The main idea is that most laws define the fraudulant behavior as something very similar to "gaining access to a device, product, service, or electronic communication connection of which you are not given the express permission of the provider."

Still even then, you are right. Technically you are not "hacking" or causing any damage.

You can argue that since the network has the capabilities to be encrypted and/or passworded, and the provider elected not to utilize those safety features, then he demopnstrated a minimal expectation of privacy, thus implying that he did not mind if you SHARED access to a service that he is paying for.

Still however, the other side may argue that you were gaining access to a service that you were not entitled to with the intent of defrauding the Internet Service Provider by avoiding the payment of fees for a service which is only offered to customers under contract and requires payment by users.


edlbmw 07.09.2006. 04:36

is it safe to buy a car tru Yahoo Autos? Im buying a car tru Yahoo autos, and the method of payment is tru Western Union. The instruction is to submit payment tru Western Union and payment made to a Yahoo agent in West Palm Beach, Florida. To confirm the payment receipt I will fax the Western Union payment receipt to (xxx) xxx-4315. Im just curious if this is the safest method to pay the car instead of using Paypal or other secured payment method.


Admin 07.09.2006. 04:36

Please see my answer to your other questions.

Please note that Yahoo! Autos does not take possession of users' vehicles, we do not work with agents, and we do not work with money transfer agencies, so please beware that any communication you receive stating that Yahoo! Autos does use these services, as it is a misrepresentation. We advise buyers against sending online payments to sellers without meeting the seller or seeing the vehicle in person. Again, we strongly encourage buyers to see the vehicle, meet the seller, and complete any transfer of any payment in person.


Encyclopedia 13.02.2009. 20:51

How does Electromagnetic Interference affect the following? 1) Medical Devices
2) Data communication
3) electronics systems

If you know any more examples other than those I have mentioned above, Please write the effect of Electromagnetic Interference on them.



Admin 13.02.2009. 20:51

Medical devices are about the most secure. They run at a low rate, are redundant, and usually have a method of alarm to warn of data failure. Data communications use "packets" with sum checks to make sure data is not lost. Failure to confirm sum checks will result in packets sent repeatedly until correct or until a message is sent that data is lost. Electronics systems is a very broad catagory and need to be defined. The system to be most concerned with is the power grid. EMI from sunspot problems or from high altitude nukes will put the grid out of action. A nuke EMP will put the most electronics out of action.


Ernest 21.03.2010. 19:48

Can secure sites get hacked the same way as unsecure ones? By secure i mean the https ones

is it the same method/ harder?


Admin 21.03.2010. 19:48

The sites themselves are still vulnerable to being hacked the same way.

"https" means the communications between you and the server are encrypted, it says nothing about the security of the site. This means that no one can listen in on your conversation with the server and steal your password. But that's not how sites are hacked. Here's some of the common methods

SQL Injection: information used by the website, like usernames and encrypted (hopefully) versions of the passwords are stored in databases. You see up above, in the URL for this page, where it says "qid=". That's going to get put into a database statement that says something like "Get me the question where the qid=20100321124850AADWtFd". But, if Yahoo wasn't careful, someone could type in a URL that said "qid=20100321124850AADWtFd. Give me everyone's username and password" And the database would then give back not only the question, but also everyone's username and password because that's what the query said to do. It's not too hard to stop, but a lot of careless people for get to do that

Cross-site scripting: this is a vulnerability that affects web forums, like Yahoo Answers. When we put stuff in the box, Yahoo Answers displays it. They also allow you to do a limited amount of HTML. For instance, if I were to type in ♥, it would show up as ? If they're not careful, someone could just write programs in the text box and whoever views the webpage would execute it. Again, not too hard to defend against but a lot of people don't.

Social Engineering: The worst type of vulnerability. This is an example of PEBCAC- Problem Exists Between Chair and Computer. Users are tricked into giving up their login credentials. If you email someone the password to your bank account because you thought it was an email from the bank, there's nothing anyone can do to protect that.


ghc1020 02.10.2008. 12:58

What is the difference when accessing a web site using HTTP vs. HTTPS? Is one method preferred over the other?


Admin 02.10.2008. 12:58

Well, OK...

HTTPS is an extension of HTTP

HTTP = HyperText Transfer Protocol
HTTPS = HyperText Transfer Protocol over Secure Sockets Layer

HTTP is what most websites are run on. However, everything is sent "in the clear"; any info sent over HTTP can be eavesdropped.

HTTPS, the connection is encrypted. The server owner buys a certificate validating the site from a trusted CA (Thawte, Verisign, Comodo, to name a few). This serves two purposes:
-It encrypts end-to end all of your communications, making them safe for sensitive data.
-It prevents man-in-the-middle attacks. HTTP, I could hijack requests for and you wouldn't be able to tell. HTTPS, I wouldn't have the secure certificate (which the bank has, protected by an undoubtedly insanely long and complex password). Your browser would prompt you with a scary "Invalid security certificate" warning.

For anything sensitive (email logins, banking sessions, etc), HTTPS is the preferred and proper choice. However, for unimportant stuff (forums, simple browsing), HTTPS is not needed. Most pages are served over HTTP because they don't require the security of HTTPs (remember- you have to pay for a certificate, which is expensive), and install it. Also, it puts load on the server- the server has to individually encrypt everything before it sends it, and decrypt any data you send it. So if a website was all HTTPS it would require more powerful hardware to accommodate the same number of users.

Hope this helps!


Immature Straight Guy 28.10.2010. 19:55

What's a theorized way of communication more advanced than radio waves? I was wondering if scientists have an idea as to what might be the way we communicate across large distances as opposed to radio waves thinking as far as 1000 years into the future.

Immature Straight Guy

Admin 28.10.2010. 19:55

If we can find a way of easily generating neutrinos and detecting them, they would make an ideal method of communication. There is nothing that will block them outside a neutron star or black hole, and directing them in a tight beam will allow for secure channels without the need for encryption. But for now it's just sci-fi.


GennyB 02.07.2011. 19:35

What experience do I need to secure a job in Public Relations ? I have an associates degree in Video Production, but I would like to go the Public Relations route. I do not really have the time and money to get another degree at this point. What could I teach myself, that would help me get a PR job ? I am thinking to start statistics, economics, and photoshop.


Admin 02.07.2011. 19:35

Here is how to get a job in Public Relations.

1) Demonstrate excellent communication skills. Ideally, you will be able to submit examples of public relations materials--such as press releases--when you apply for a job, but articles or even essays you've written can help showcase your skills.

2) Volunteer to work with a non-profit to develop your public relations skills. While many non-profits make a point to hire a main public relations specialist, they may not have the funds to pay for assistants. Take advantage of these opportunities to network and learn.

3) Network with public relations professionals. Attending events can be an ideal method of meeting specialists, especially if you can offer a compliment to the planner. Alumni lists from your school may also offer you an opportunity.

4) Decide if there is a particular field of public relations you'd prefer to deal with, such as corporate, non-profit or event planning. Make a list of local public relations firms that work in those fields, whether or not they are hiring.

5) Approach the firms on your list and ask to submit your resume for consideration. If nothing is currently available, ask the hiring manager to contact you if a position opens up or freelance work or an internship becomes available. Positions can open surprisingly quickly or develop from smaller offers.


Write a comment

* = required field





* Yes No