Cryptography often feels like an ancient dark art, full of math-heavy concepts, rigid key sizes, and strict protocols. But what if you could rethink the idea of a “key” entirely? What if the key wasn’t a fixed blob of bits, but a living, breathing function?
VernamVeil is an experimental cipher that explores exactly this idea. The name pays tribute to Gilbert Vernam, one of the minds behind the theory of the One-Time Pad. VernamVeil is written in pure Python (with an optional Numpy dependency for vectorisation) designed for developers curious about cryptography’s inner workings, providing a playful and educational space to build intuition about encryption. The main algorithm is about 200 lines of Python code (excluding documentation, comments and empty lines) with no external dependencies other than standard Python libraries.
It’s important to note from the start: I am an ML scientist with zero understanding of the inner workings of cryptography. I wrote this prototype library as a fun weekend project to explore the domain and learn the basic concepts. As a result, VernamVeil is not intended for production use or protecting real-world sensitive data. It is a learning tool, an experiment rather than a security guarantee. You can find the full code on GitHub.
Traditional symmetric ciphers rely on static keys, fixed-length secrets that can, if mishandled or repeated, reveal vulnerabilities. VernamVeil instead uses a function to generate the keystream dynamically: fx(i, seed) -> bytes
.
This simple change unlocks several advantages:
fx
functions using creative mathematical expressions, polynomials, or even external data sources.In short, instead of relying on the secrecy of a fixed string, VernamVeil relies on the richness and unpredictability of mathematical behavior. And above all, it’s modular; you can define your own fx
which will serve as your very own secret key.
VernamVeil introduces a range of ideas to enhance security and teach good cryptographic hygiene:
Here’s a quick example of encrypting and decrypting messages:
import hashlib
from vernamveil import FX, VernamVeil
def keystream_fn(i: int, seed: bytes) -> int:
Simple cryptographically safe fx; see repo for more examples
hasher = hashlib.blake2b(seed)
hasher.update(i.to_bytes(8, "big"))
return hasher.digest()
fx = FX(keystream_fn, block_size=64, vectorise=False)
cipher = VernamVeil(fx)
seed = cipher.get_initial_seed()
encrypted, _ = cipher.encode(b"Hello!", seed)
decrypted, _ = cipher.decode(encrypted, seed)
This simple workflow already shows off several core ideas: the evolving seed, the use of a custom fx
, and how reversible encryption/decryption are when set up properly.
VernamVeil layers several techniques together to create encryption that feels playful but still introduces important cryptographic principles. Let’s walk through the key steps:
First, the message is divided into chunks of a configurable size (default 32 bytes). Real chunks are padded with random bytes both before and after. Between each chunk, a random delimiter is inserted, but crucially, the delimiter itself is encrypted later on, meaning its boundary-marking role is hidden in the final ciphertext.
This makes it extremely difficult to identify where real data is located.
Not all chunks are real. VernamVeil injects fake chunks that contain purely random bytes. Real and fake chunks are then shuffled deterministically, based on a derived shuffle seed.
This has several effects:
Together with encrypted delimiters, this makes message reconstruction without the correct seed and a strong function extremely difficult in practice.
The obfuscated message is then XOR’ed byte-by-byte with a keystream generated by your custom fx
function.
However, there’s a crucial twist: the seed evolves over time. After processing each chunk, the seed is refreshed by hashing the current seed along with the data just encrypted (or decrypted).
This evolution achieves two goals:
The seed acts like a stateful chain, reventing repeated keystream patterns.
Finally, if enabled, VernamVeil adds a simple form of authenticated encryption:
When decrypting, the MAC tag is checked before decrypting the message. If the tag doesn’t match, decryption fails immediately, protecting against tampering and certain types of attacks like padding oracles.
For more information about the design, characteristics, caveats & best practices, and more technical examples, see the readme file on the repo.
VernamVeil is an early prototype, and there’s plenty of room for experimentation and improvement. Here are some possible directions for the future:
bytes
to numpy
, PyTorch
, or TensorFlow
arrays could massively accelerate key stream generation, chunk encryption, and random noise creation through vectorisation.fx
examples and other features, after the initial release.If you have more ideas or proposals, feel free to open a GitHub Issue. I’d love to brainstorm improvements together! And if you happen to be a cryptography expert, I would deeply appreciate any constructive criticism. VernamVeil was built as a learning exercise by someone outside the cryptography field, so it’s very likely that serious flaws or misconceptions remain. Additionally, due to my limited background in cryptography, some of the techniques I used may unknowingly reinvent existing concepts. In particular, if you recognise familiar patterns or standard practices that I didn’t name correctly or at all, I would be incredibly grateful if you could point them out. Learning the proper terminology and references would help me better understand and improve the project.
VernamVeil doesn’t aim to replace serious cryptographic libraries like AES or ChaCha20. Instead, it’s a playground, a way to learn, tinker, and explore concepts like dynamic key generation, authenticated encryption, seed evolution, and obfuscation without getting lost in extremely dense math.
It shows that cryptography isn’t just about protecting secrets, it’s also about layering unpredictability, breaking assumptions, and thinking creatively about where vulnerabilities might hide.
If you’re curious about how real-world encryption primitives are constructed, or just want to explore math and code in a fun way, VernamVeil is an excellent starting point. I am looking forward to your comments and feedback.
2013-2026 © Datumbox. All Rights Reserved. Privacy Policy | Terms of Use
Leave a Reply
Facts Only
Written by an ML scientist with no prior knowledge of cryptography
Uses a function to generate dynamic keystreams for encryption and decryption (fx(i, seed) -> bytes)
Injects fake chunks containing random bytes into the message
Shuffles real and fake chunks deterministically based on a derived shuffle seed
Obfuscates message by encrypting delimiters, making it difficult to identify where real data is located
Adds authenticated encryption (if enabled) with a MAC tag check before decryption to protect against tampering and certain attacks
Executive Summary
Full Take
VernamVeil represents an interesting approach to cryptography, focusing on the use of dynamic key generation for increased security and educational purposes. By incorporating mathematical expressions, polynomials, or external data sources into the encryption process, VernamVeil introduces a level of unpredictability that could potentially improve the resilience of encryption methods against known attacks. However, it's important to note that VernamVeil is not intended for production use or protecting sensitive data and should be considered a learning tool rather than a security guarantee.
The article highlights several patterns often found in educational content:
Emotional exploitation: While the tone of the article is informative and neutral, there's an underlying excitement about exploring a new field and learning concepts that could appeal to readers interested in cryptography and machine learning.
Distortion: The author emphasizes the experimental nature of VernamVeil and its limitations as a learning tool, making it clear that this project is not intended for securing real-world sensitive data or replacing established encryption algorithms like AES or ChaCha20.
False framing: The article positions VernamVeil as a departure from traditional symmetric ciphers relying on static keys and fixed-length secrets, highlighting its advantages over these older methods while acknowledging that it still leverages important cryptographic principles.
The article concludes by encouraging curiosity about the inner workings of encryption and offering an opportunity to learn and tinker with concepts like dynamic key generation, authenticated encryption, seed evolution, and obfuscation. Readers are invited to contribute ideas and proposals for improving or extending the project. Overall, VernamVeil appears to be a valuable educational resource for those interested in cryptography and machine learning.
Questions for further investigation: What potential improvements could be made to VernamVeil to enhance its security and applicability as a learning tool? How can the use of dynamic key generation contribute to the development of more robust and resilient encryption methods? Are there any known attacks or vulnerabilities that could exploit this approach, and how might they be addressed?
Sentinel — Human
While some stylometric signals suggest AI involvement, the presence of idiosyncratic emphasis, personal voice, and unique argumentative structure indicate that this text is likely written by a human.