You are on page 1of 19

Scalar Cryptography. Copyright 2009 Austin O Byrne.

Scalable Key Cryptography Mutual Databases One-way trapdoor

Austin O Byrne
1 / 12 / 09
This document is the intellectual property of the author. The encryption scheme it describes is copyright registered in the USA and In the UK. Any attempt to copy it for any purpose without his permission will be vigorously defended Austin O Byrne.

Scalar Cryptography. Copyright 2009 Austin O Byrne.

A Handbook of Applied Cryptography by A.Menezes, Paul Van Oorschot, S Vanstone is a highly respected information reference and I quote them as follows. The context is in relation to the defunct One-Time-Pad cipher but is generally applicable to all scalar ciphers. Quote: the One-Time Pad can be shown to be theoretically unbreakable. That is, if a cryptanalyst has a cipher text string c1 , c2 , c3 ,....... ct encrypted using a random key string that has been used only once, the cryptanalyst can do no better than guess at the plaintext being any binary string of length t i.e. (t-bit binary strings are equally likely as plaintext). It has been proven that to realize an unbreakable system requires a random key of the same length as the message. Unquote. see Appendix-A for a personal proof. NB. used only once means within that message on that occasion. It does not mean ever before or ever again as one handbook implies.

(Appendix -A shows a demonstration of this basic axiom that is fundamental to scalar cryptography) The cryptography about to be described is a new invention. The basis of it all is that every language is represented as a set of code points i.e. a set of positive integers that represents the character set of the language. Some principles of modular arithmetic can be used on this set of positive integers to create encryption transformations that provide the unbreakable class of ciphers called Theoretically Unbreakable, according to the standards of the secure communications industry. The principles described are applicable to any language but will be demonstrated on ASCII since that is nearest to home. The cryptography being described here uses the writable subset of ASCII i.e the set of alphanumeric characters numbered 32 to 126 inclusively as its selection domain for both plaintext and keys. Keys in this context means a random set made up of 150 modules of ASCII that have been entered one by one and scrambled. There is a second key in the scheme in the form of the modulus N integer set that has also been keyed in one by one and scrambled and is random. Each of these sets is 14250 in extent and enables a message of that length (about five pages of A4 format paper) in one go.

Scalar Cryptography. Copyright 2009 Austin O Byrne.

A plaintext for encryption is paired with any key from this 95-character set so that there are 95 x 95 possible combinations of (Plaintext + Key) that may be used as the operand of an encryption transformation of a single plaintext into a single cipher text item. This means there are 9025 possible combinations.
The encryption transformation. The basic formula is,

(Plaintext + Key) (Mod N) = a residue where N is sized so as to divide the sum of (Plaintext + Key) only once and leave a residue. We are chiefly concerned with this residue and the residue class that it forms. There are N possible classes for every N and each class is an infinite set of integers. The residue found in this way becomes the midpoint of the set of integers that forms its class and each integer is separated by a value of N. In the theory being expounded here the class is envisaged as a straight line of integers, a number line having a special scale = N. Call N the scale or the periodic division of the integers in the class of residues and remembering that there are N possible classes then there are N sets of integers that may form residue classes and the midpoint of each set of integers is the calculated residue in the equation above. Because the periodicity of each residue class is different and indeed can be configured specially if it comes to that, this cryptography is being called scalable key however dubious the understanding of that word may become in other disciplines. It can be seen that there are 9025 combinations so that to catch them all and satisfy some other important criteria at the same time N has to be sized carefully. Looking at the residue again, when it is calculated according to some N, there are N possible values of residue. This residue becomes the midpoint of its class and,
The Cipher text is the next integer below it. The Decryption Key is the next integer above it. A further twist.

Both Plaintext and Key are systematically incremented by a value X when being encrypted by a particular N so that the equation now becomes,

Scalar Cryptography. Copyright 2009 Austin O Byrne.

[(Plaintext + X) + (Key + X)] (Mod N) = a residue (modulo N) The plot thickens! The effect of incrementing the plaintext and the key with X has a profound effect on the range of N and bearing in mind the caveat that N divides the LHS only once then it becomes mind-boggling to try and think this through with pencil and paper. I have constructed a computer program that does it all and what follows later as theory is a set of empirical rules that have been formulated from running this program on lots of test values. The purpose was to find a relationship between X and N that would enable me to set bounds on the range of Ns that would result from the selection of any positive integer X as the initialising start point of a key creation process. Briefly, the maximum available message length in an infrastructure depends on the value of N being used, the range of N and therefore the size of N are dependent on the value of X, there is a minimum value that X may take and then, above this minimum value,
The lower bound of N is (X +127). The upper bound is 2(X +32).

These bounds are for ASCII in the western world similar bounds are easily calculated for the code point set of any other country world wide in Unicode. (Appendix B is a discussion document that looks at the application of the abstract residue class theory being modeled as specially scaled lines in cryptography) The reader needs to be advised that this is all mind-boggling stuff initially and it takes time to get your head around it. There is a large range of Ns and Xs that enable a very large range of message lengths to be encrypted using the encryption keys just once (within the message) as required by the one-time rules of cryptography. Messages up to 1 million characters long are possible on even an older home computer. In passing, regarding the re-use of the same keys in other messages this is quite in order but it is also quite easy to use a fresh key if a user prefers that. There are 14250 elements in each of the two random key sets. This means there are 95**150 permutations of

Scalar Cryptography. Copyright 2009 Austin O Byrne.

alphanumeric keys in the set of ASCII elements and another 14250 factorial permutations of integer keys in the moduli set of N elements that can be called at the touch of a few keys by a keyboard operator. There is no shortage of fresh keys but a user does not need to be forced into a wrong belief (by the authors of handbooks) that there is a constraint on the re-use of a key in a different message when in fact there isnt. There are five ciphers up and running, these all use the same encryption algorithm and only differ in the mode of management that a user might use. The ciphers are irrefutably unbreakable and have a high encryption rate. It is very convenient that this design will fit any language worldwide. The notes that follow start with a broad summary of the theory that is later refined into cipher algorithms and management rules. There is a worked example in Abstract-C.
How it Works. Decryption by an illegal cryptanalyst is impossible because he is confronted with an equation in four unknowns. He needs to know three of these variables which he doesnt of course but the legitimate entities do know this essential data as trapdoor information in their synchronized databases and can legally decrypt the cipher text at will.

The ciphers are written in the Ada-95 programming language. The program source code is on offer just for the asking. The experimental computer program is on free offer to interested parties also. Enjoy Austin O Byrne ------------------------------------------

Scalar Cryptography. Copyright 2009 Austin O Byrne.

Summary of the Theory and Background.

A basic discussion model is, (Plaintext + Key) Mod N = Cipher text This model is configured as an encryption algorithm in several ways that produces a reversible encryption/decryption transformation in the cryptography. The writable subset of ASCII i.e. the alphanumeric characters bounded by 32 and 126 comprising a set of 95 elements is taken as the selection domain for both plaintexts and for keys. The modulus N is sized so as to divide the operand (Plaintext + Key) just once only and leave a non-zero residue usually but may be zero on occasions. The chosen Plaintext and key are incremented by a value of X so that the encryption algorithm is now, [(plaintext + X) + (Key +X)] Mod N = a residue (modulo N)

The upshot of incrementing the plaintext and keys with X is to set a range of values of N that make the equation true within certain bounds of N. Trying to determine these bounds by thinking it through is humanly impossible for large values of X and it is necessary that X is quite large in the thousands, a computer program was devised that enabled algebraic bounds for N based on X to be formed for any X .

How it works. To set the scene, N has a large range i.e. sufficiently large to encipher 14250 characters of plaintext in one unbroken string using a separate value of N for each plaintext. Each elemental N has a residue class space of N elemental classes belonging to that N.

When a plaintext is enciphered, the equation is, [(plaintext + X) + (Key +X)] Mod N = a residue (modulo N). Cipher text = residue N. Decryption key = residue +N

Scalar Cryptography. Copyright 2009 Austin O Byrne.

Graphically, Residue class modulo N Decryption Key (residue +N) n +1

[(Plaintext +X) +(Key +X)] (Mod N) = a residue modulo N

n (say)

Cipher Text item (residue N) n -1 * cipher text decryption key (modulo N)

Lemma_1 There are N residue classes associated with every N that can be used. Lemma_2 Each elemental residue class modulo N in the class space of N is an infinite set. The range of values that N itself may take is determinable and is finite.

The set in Lemma_2 may be represented as a line of integers that has periodicity equal to N. The integer points n, n+1and n-1 are salient points on this line. The points representing the plaintext and the key are also on the same line and can be found by the decryption algorithm, PlainText (i.e. message text) = Cipher text +2N (Key) 2X. The plaintext and the key are also integers on the same line as n, n+1 and n-1.
Comment. There are 95 x 95 possible combinations of key and plaintext that is 9025 all told. There are 14250 values of N that may be used on each combination in the set of 9025, this is a total of 95x95x14250 = 128606250 possible residue classes that may be commissioned as number lines that may have 14250 different periodicities between integer residues that represent encryption transformations of plaintext. One residue class only is used for one encryption of a single plaintext character. These lines are virtual number lines that each has a different scale. The lines are characterized by their varying periodicity or scale in other words that varies from line to line hence the title Scalable Key.

Scalar Cryptography. Copyright 2009 Austin O Byrne.

A companion site called is promoting Vector Cryptography. That cryptography is closely related to the scalar cryptography being expounded here in that they both boil down to using convoluted methods of defining number lines. It could be said that vector cryptography sets out to characterize encryption lines by their direction while scalar cryptography does a similar thing in characterizing lines by their periodicity. The latter lines may have any direction. They are equally secure methods of achieving security of communications. I have been laboring the point repeatedly for some years now that the traditional number line of integer numbers is totally unsuited to the work of cryptography by direct application. It is simply too good at what it does and leaves discernible structure in the cipher text that I am calling indelible footprints. It is surprising that this has not been addressed before now by researchers in cryptography and I am assuming that it has gone unnoticed by these clever people. There has to be some primary entanglement wrought on the integers so as to conceal their natural structure and foil all inductive thinking by cryptanalysts.

Scalar Cryptography. Copyright 2009 Austin O Byrne.

General Refinements.
Let the ASCII subset be the encryption domain for key and Plaintext in the expression, (Plaintext +Key) Mod N = a residue => 0 (equal or greater than zero) N divides (Plaintext + Key) just once each time and leaves a remainder called a residue. If (Plaintext and Key) are both incremented by a value X then the expression again becomes, [(Plaintext +X) +(Key +X)] Mod N = a residue. There is a finite range of values of N (there for the finding) that is related to X in which this is always true for any N in the range. There is an infinite range of other Ns that will produce a totally unsuitable result also. The range of suitable Ns is bounded as follows, Lower bound = X +127. Upper bound = 2(X + 32). Within this range, the following is true.
Congruence Class Mod N

Decryption Key (residue + N) n + 1 [(Plaintext +X) + (Key + X)] (Mod N) = a residue n Cipher text Item (residue N) n 1

Encryption. The cipher text is simply (residue N) for the current N. Decryption. Plaintext = Cipher text + 2N (Key) 2X gives the value in ASCII of the plaintext. This is an equation in four unknowns. An interloper would have to know N, X and the alphanumeric (Key) value in order to solve it and evaluate the plaintext. (* Decryption Key Cipher text (Mod N).)

Scalar Cryptography. Copyright 2009 Austin O Byrne.

Theory. The key and the plaintext are both drawn from the 95 strong subset of ASCII. They can be combined as pairs in 95 2 different ways i.e. 9025 different possible combinations. Every N that will be used with each combination must be less than the sum of those two so as to leave a residue in the form of some positive integer > 0. It is too much to try and think through the dynamics of 9025 operand integers representing pairs of key/plaintext combinations and test a given N for even one value of X so it requires a specially constructed computer program to validate the calculations. That was done and the empirical formulae being used here was derived from inspection of the results.

A salient combination of (plaintext + Key) is the one where they are equal in all the 95 pairings. Giving these their ASCII values, Plaintext. 32 33 ------126 Key 32 33 ------126

This special case sets the minimum value that X may take as the starting point and it also sets the lower bound of the range. The minimum value of N that will fit the bill and belong in the required range of N that gives the required residue is 127, this can be seen by mental experiment (126 would lead to an endless loop in the decryption algorithm). At the other end of the table, N must not become greater that the combined value (32 +32) and when these are incremented by X then its 2(X+32) for the upper limit of the range of N, after this N becomes too large. This explains how the bounds of the dilating key are arrived at. This example takes no account yet of increments of X.
Note. Upper bound minus lower bound in any range of N is taken to be inclusive of both ends so that if the difference found by subtraction is 0 then this implies 1 in fact, 1 => 2, 2 => 3, etc., (always 1 extra).

This is similar to the bounds of a loop in a computer program. Testing,


Scalar Cryptography. Copyright 2009 Austin O Byrne.

X decides how many Ns belong in a range. Let us say we require 1 element of N. Then, 2(X +32) (X+127) = 0 (=> 1) X - 63 = 0 X = 63 So, the minimum value that X may take and provide 1 value of N is 63, testing this, 2 x (63 +32) (63 +127) = 0 => 1 Put X = 64, just to see the result, 2(64 +32) (64 +127) = 192 191 = 1 => 2 (it works) So, N = 63 and N = 64 are suitable values in the range of N implied by X = 63 Clearly X must be at least 63 before it yields any value of N as a suitable encryption key that will leave the required residue.
Dilating Key. X doesnt have to stay at 63. If it did there would only be 1 value of N in the range.

X moves up to whatever value will give the required no of keys that a cipher user needs. X is usually in the thousands. Let us say X is 1200, then, Lower bound is 1200 +127 =1327 Upper bound is 2 (1200 +32) = 2464 No of Keys as modulus N = 2464 1327 = 1137 Consolidating, X must be at least 63. The number of keys = 2(X+32) (X+127), notice that this is always (X-63) so that if I set out to get a specific number of elements I should increase the starting value of X by 63 and initialize the process at X + 63. Checking this ; in the last example I put X =1200 and got out 1137 useful moduli as keys. To get 1200 keys I should make X = 1263, then, 2(1263 +127) (1263 +127) = 2600 1400 = 1200 (works) This is always the case, an arbitrary X yields X 63 Keys. To get out exactly X keys initialize the process at X +63.


Scalar Cryptography. Copyright 2009 Austin O Byrne.

Cryptanalysis. If the illegal adversary has got hold of some cipher text by having intercepted this while it was in transit then he must know that there are thousands of values of N that will decipher the cipher text in as many ways, that number is X Keys all of which are equally likely to be the correct one. He can only guess that the plaintext string is any one of X equally probable plaintext strings. It is this total uncertainty in the mind of a cryptanalyst that a random key must always provide. Discussion. Achieving randomness in the large set of moduli N. Scientific randomness is quite easy to achieve and it means the elements of a set have equal probability in some common retrieval system such as say being called sequentially in a computer program to serve as data in some process.

I have a strong personal belief that it is also necessary to scramble the set of data so as to trump any ideas that the data has positional structure that would enable an adversary to make accurate predictions on a positional basis and give the data unwanted order. In order to foil this latter event and put my own mind at rest I have keyed in all 14250 elements of the moduli key in the ciphers to hand when I constructed the first one. That was a horrendous task that I will never again undertake. It meant keying in an integer within the range 14440 28690, then scrolling to a new position for the next entry and so on to completion. The benefit at the end of the day is that I have a truly random set of integers for my discussion model of scalable cryptography. The computer program that was used to validate the creation theory of the sets of Ns is available to any reader for the asking. ------------------------------------


Scalar Cryptography. Copyright 2009 Austin O Byrne.


The proof generally applicable to any cipher.

Quote from, Handbook of Applied Cryptography A.Menezes , Paul Van Oorschoot , S Vanstone. : The One Time Pad can be shown to be theoretically unbreakable. That is, if a cryptanalyst has a cipher text string c1 , c2 , c3 , ct , encrypted using a random keystring which has been used only once, the cryptanalyst can do no better than guess at the plaintext being any binary string of length t (i.e t-bit binary strings are equally likely as plaintext). It has been proven that that to realize an unbreakable system requires a random key of the same length as the message Unquote. Apropos the latter part it has been proven . . . etc. This may not be what the authors of the handbook had in mind but it demonstrates a proof of my own that makes the point sufficiently clear. Let the reader be assured that there is no heavy mathematics unseen in the present background and it is only necessary to understand the descriptive logic that follows in order to prove the OTP. Regarding the sentence t-bit binary strings are equally likely as plaintext , the cryptanalyst is guessing his way along and is in the dark. Suppose he assigns some plaintext to the first cipher text c1, there are two possibilities, he may be right or he may be wrong in his guess. The solution space is 2. Assigning a plaintext to c2 as his next guess means he may again be either right or wrong and two more possibilities are added to the solution space making it four for the first two ciphertext. Ditto for c3 adds four more possibilities (as permutations) to the solution space making it eight now for three guesses. Clearly, each cipher text that is guessed doubles the existing solution space. Collecting these results, C1 => 2 = 21 of plaintext strings that are each 1 characters long. C2 => 4 = 22 of plaintext strings that are each 2 characters long. C3 => 8 = 23 of plaintext strings that are each 3 characters long. Ct => 2 t of plaintext strings that are each t characters long.


Scalar Cryptography. Copyright 2009 Austin O Byrne. This number 2 t now represents the size of the possibilities of plaintext strings in the solution space and clearly this a binary number that is t bits long. (i.e t-bit binary strings are equally likely as plaintext is thus explained) Suppose a guess for some cipher text is a right one (an imaginary hypothetical situation only) it will not double the solution space as a pair since it is correct as one and will only multiply the key-space by one. The solution space then becomes t -1 in extent of plaintext strings that are each still t characters long. For a correct plaintext string all of the guesses will have to be correct and the size of the solution space will then be 2 ( t t ) i.e 2 0 = 1 i.e there is only one element in the solution space that can be a correct plaintext string t characters long when all the guesses are correct. Because of the randomness of the cipher text string, it is impossible for a cryptanalyst to know if any of his guesses are correct because a) being scientifically random, all guesses are equally probable and 2) there is no rule to the string that might be mimicked in any way by a brute force program that exhaustively tests every possibility, or by approximating numerical analysis, or by lexical probability methods (linguistic probability possibly). This latter is underwritten by the fact of the cipher text being alphanumeric in nature and therefore has no methodology to it and also by being composed of the 256 characters of ASCII that are in part comprised of the un-writable characters of the code. Alphanumeric is tantamount to bad data to numerical methods and to lexical methods alike. That is randomness equal probability between the elements of the keypad in satisfying any cryptanalysis no rule to the key string that might enable the elements to be identified by having determinable order. The foregoing description is deliberately expanded here and experienced readers should not feel patronized by the simplistic approach. It is normally demonstrated as an XORing exercise that may also be simulated as a stylized form of binary addition.


Scalar Cryptography. Copyright 2009 Austin O Byrne.

Appendix B . A Discussion Model

n 2N -ve n-N 0 n n+N n + 2N +ve

(Note: some license has been taken with the spacing of the integer points on this line they should in theory align perfectly but dont it is just a discussion model) This line is being used here to model the residue class n (Modulo N). This class is one of the N elemental classes that exist for every such N. The elemental class is infinite in extent although the number of these classes is finite in N. The midpoint of the infinite line of the residue class (modulo N) is at n. The line is characterized by the fact that it contains the particular residue n (modulo N). A second role of the same line is that it also functions as an ordinary integer number-line with mid-point 0 and in this cryptography it is used to calculate the message text associated with the N in question at decryption time. The encryption algorithm is , [(Plaintext +X) + (Key +X)] (Mod N) = the residue n Cipher text = (n N) The Decryption key is (n + N) The Decryption algorithm is, Plaintext (i.e. message text) = Cipher text + 2 x N 2 x X Key. The value of the plaintext is found in this way and that value is decoded back into ASCII. The decryption algorithm is a single equation in four unknown variables, an interloper would have to know three of these in order to find the fourth. He would have to know the values of N, X, Key. These values are trapdoor information that is privy to the entities of the secure communications loop alone, it is read sequentially from their mutual databases at decryption time. As long as the entities keep their databases private they can have perfect secrecy of communications. Rather like the vector cryptography being promoted elsewhere this scalar cryptography boils down to defining a number line uniquely by means of its periodic scale, the periodic scale with period N is superimposed on the integer lines natural scale, whatever that might be. A different line (<= a different N) emanates for every single plaintext that is encrypted. The varying periodic scales are 15

Scalar Cryptography. Copyright 2009 Austin O Byrne.

scalable by this definition of the word scalable. There is nothing to tell an adversary what residue class is currently being represented by the line externally. Having the cipher text in hand is worthless to him without knowledge of the instantaneous N, Key and X. These latter are all true random keys safely stored in the entities databases.
Range of N. In the notes, X decides N. The maximum value that N can be is determined only by the capacity of the computer to store positive integers. The capacity of a home computer with 32-bit arithmetic means the largest positive integer that can be stored is 2147483647. It works out that X can be no larger than 1073741698 or thereabouts.

This enables a message-length in excess of 100 million characters which is much more than any normal situation will require. That value of X has been tested for feasibility on my old clapped out home computer and it runs quite okay. A different N is used for every plaintext of the message being encrypted, this means the spacing of the residue class (the periodicity) changes with each new plaintext character being encrypted. This period i.e. the space between the congruent integers (modulo N) that form the class, sets the scale of the class when it is next superimposed on a universal integer line of any scale and possessing arbitrary direction. Recapping, vector cryptography uniquely defines a number-line for encryption work by its direction, scalar cryptography defines a similar number-line for encryption work by its unique periodicity. They are equally secure crypto systems, they both use a line only once before discarding it for a new one. It boils down to management preference which one to choose, - a happy state of affairs. ---------------------------------------


Scalar Cryptography. Copyright 2009 Austin O Byrne.

Appendix-C. A Worked Example.

Alice and Bob are the industry pseudonyms for the sending entity and the receiving entity respectively in some crypto circles although a lot of people do not use the expressions and I suspect it is because it is often disconcerting to talk with such familiarity about complete strangers. It does save the repeated verbalising of large mouthfuls of the English language and I shall use them here for that reason. Alice is the administrator of an office secure network. She has set the scope of her infrastructure encryption scheme at 14250 characters of message length capability. => she wants to be able to send messages this long if needs be => X = 14250 + 63 = 14313 Lower Bound of N = 14313 + 127 = 14440 Upper Bound of N = 2(14313 + 32)= 2 x 14245 = 28690 So, the range of N is 14440 28690 inclusive (14440<= N <=28690) The encryption algorithm is, [(PlainText +X) + (Key+ X)(Mod N) = a residue (modulo N) Cipher text = residue N Let us say that Alice wants to encrypt the letter Q (Capital Q) ( 81 in ASCII) Let us say also that the instantaneous key she is using is the $(dollar sign) (36 in ASCII) Let us say also that the instantaneous modulus N is 17359. Then, [(81 +14313) +(36 +14313)] (MOD 17359) = (14394 + 14349)(MOD 17359) = 11384 Cipher text = 11384 17359 = -5975 (in practice this is made positive by multiplying it by (-1) Cipher text = 5975


Scalar Cryptography. Copyright 2009 Austin O Byrne.

The decryption algorithm is, Plaintext = Cipher text + 2N 2X - Key Cipher text = 5975 x (-1) = -5975 Then, Plaintext (as message text) = -5975 + (2 x 17359) (2 x 14313) 36 = 81 Decoded back in ASCII 81 => Q as expected. Comment. There are 95x95x14250 possible permutations of (Plaintext, Key, Modulus N) as encryption transformations in Alices scheme i.e. a possibility space of 128606250. (large possibility spaces mean nothing in cryptography of course). The reader might like to try encrypting a few of your own characters. ---------------------------------------------


32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79

`` `!` `` `#` `$` `%` `&` `` `(` `)` `*` `+` `,` `-` `.` `/` `0` `1` `2` `3` `4` `5` `6` `7` `8` `9` `:` `;` `<` `=` `>` `?` `@` `A` `B` `C` `D` `E` `F` `G` `H` `I` `J` `K` `L` `M` `N` `O`



80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127

`P` `Q` `R` `S` `T` `U` `V` `W` `X` `Y` `Z` `[` `\` `]` `^` `_` ``` `a` `b` `c` `d` `e` `f` `g` `h` `i` `j` `k` `l` `m` `n` `o` `p` `q` `r` `s` `t` `u` `v` `w` `x` `y` `z` `{` `|` `}` `~` DEL