Inspired by my recent conversations with Erik ArnesonTres Henry, and Taylor Bell, I’ve been thinking a lot of late about the potential uses for cryptographic hashes in the creation of magical sigils.  After playing around with the ideas a bit and making a few false starts, I’ve developed a proof of concept to share with the wider community.

Background: What’s a Cryptographic Hash?

In the world of cryptography, a hash function is a one-way encryption operation.  This means that source data (plaintext) can be encrypted with a hash function, but once encrypted it cannot be decrypted.  This doesn’t sound especially useful at first glance, but in truth these hash functions play a vital role in the world of information security.  Because the same input will always give the same hashed output, the hash of a file or other piece of data serves as a unique signature of that input.  This has many uses in file integrity checking, authentication, and other arenas, but from a magical perspective it gives us an output which is very much like a sigil or seal, in that it provides a uniquely identifying signature which also serves as a representation in miniature of the spirit whose sigil it is.  Because the output of a cryptographic hash function uniquely represents the essence of the input (i.e. if even one bit of data in the input is changed, the resulting hash will be drastically different), we can treat a hash value as a true symbol for the underlying data and interact with it semantically at that level.

While the above may all sound good on a theoretical level, it doesn’t give you much of a feel for what a hash actually is.  Although it may sound complex, from an operator perspective taking the hash of a piece of data is very easy.  To illustrate, let’s generate an MD5 hash.  Mac and Linux users have it easy here, with the built-in md5 and md5sum commands, respectively; Windows users can make use of the certutil command or use a third-party program to perform the same function.So let’s say we’ve created a large file named data.fil, and now we want to compute the hash.  From the command line, we’ll do the following:

Mac:  md5 data.fil
Linux:  md5sum data.fil
Windows:  certutil -hashfile data.fil MD5

The output of an MD5 hash function will always be a 128-bit value, given in 32 hexadecimal characters, similar to the following: d0dcbadbba85a2e1ca7cf53d64bd7728

Easy enough, right?  Now that you know what this looks like in practice, let’s talk about how we can leverage this output in a magical operation.

Proof of Concept: Steps and Missteps

Having recognized the relationship between a hash value and a sigil, my first inclination was simply to sigillize the hash value itself.  While the hexadecimal value itself may indeed be the signature of the data it represents, I don’t find long strings of hex especially compelling from a magical-aesthetic standpoint.  Magic relies on the affective dimension of experience to connect with our non-rational minds, and visual representations of sigils are far more effective in my experience at doing this.

Fortunately, turning the hex output into a visual sigil seemed to be an easy matter.  Given that hexadecimal values use 16 characters, there appeared to be a relatively clean mapping onto the 4×4 magic square traditionally ascribed to Jupiter.  I wrote out a petition and saved it to a text file, then took the MD5 hash of the file.  When I began to draw out the sigil, however, two significant problems presented themselves.

The first problem is that while the 4×4 magic square represents a 16-value symbol set, it does so using the numerals from 1 to 16.  Hexadecimal, on the other hand, uses the values 0 to 15.  This meant that the math on the magic square that works in decimal fundamentally does not work for hex.  I considered working around the problem by reassigning 16 to 0, but ultimately this was an unsatisfying solution.  Some preliminary googling turned up no results on any prior work done to create a hexadecimal magic square, so in the interests of developing a proof of concept I set this issue aside for the time being.

As it turns out, the second problem was much more of a showstopper.  Namely, when you try to create a sigil with 32 nodes, especially in a 4×4 magic square, it turns out ugly.  There simply seems to be no way to cram in that much data visually without it turning into a jumbled mess.

That escalated quickly…

The crux of the issue here wasn’t the fundamental approach, however, but rather the sheer length of the hash value to be sigillized.  There are common hash algorithms other than MD5, but these have outputs that are even longer–I needed to go in the other direction.

My inspiration came in the form of one-time pads.  If you’ve ever used Google Authenticator for two-factor authentication, or used 2FA recovery codes, you’re already familiar with them.  The TOTP and HOTP algorithms, respectively, specify a method of generating unique codes based on two parameter values.  One of these parameters is always the “seed”, which is a hashed message.  The other parameter is either an incrementing counter in the case of HOTP, or a time value in the case of TOTP.  Most valuable for my purposes, however, was the fact that both algorithms have a default output of six decimal numbers.  This means that all of the “signature” value of the hash function is maintained (as hashing is an integral part of both OTP algorithms), while giving us a far more manageable output to work with.

While I considered using HOTP for these purposes, ultimately I decided to go with TOTP instead.  Although the intended use of both OTP algorithms is to generate multiple unique codes, for the purposes of creating a magical sigil we only need one.  This means that HOTP adds no real value to the equation, because its counter parameter is entirely superfluous to our needs.  TOTP, however, allows us the additional benefit of incorporating magical timing as an integral part of the sigil itself–which is a significant advantage, as it gives us an additional layer of meaning to incorporate into the “payload” of the final result.

Creating the Sigil

For my proof of concept I wrote out a petition to Michael and Raphael as the archangels of Tiphereth/Sol.  The text contains an invocation with the relevant divine names and with specific requests.

Next it was time to hash the text file containing the petition.  Though I had used the MD5 hashing algorithm previously because it generates the shortest commonly-used output, this time I elected to use SHA-1 as this algorithm is also utilized by the TOTP protocol and it felt more important to maintain symmetry given that the size of the hash value would not have any bearing on the size of the final OTP value.

While not a part of the TOTP protocol, when hash algorithms are used for password authentication it is common to “salt” the hash by prepending the individual’s username to the plaintext password before hashing the two together as a single unit.  This is done to mitigate against certain types of password cracking attacks, and serves to uniquely tie a password (which may be used independently by any number of people) to a specific username.  It felt meaningful to me to “salt” the hash of my petition with my magical name, which I did before taking the SHA-1 hash of the combined name and petition.  Now that I had the hex value of my hash output, I entered this as the seed value (or “shared secret”) in the TOKEN2 Paper TOTP Token Generator and was given a list of time-based OTP values.  Looking at the first entry in the list gave me the six-digit OTP for the present time, in the day and hour of the Sun:  975844.  This was a significantly more manageable output to deal with.

It turns out that in resolving my second problem, I had also eliminated the first:  while the 4×4 magic square is not natively suitable for hexadecimal, the 3×3 magic square traditionally attributed to Saturn fits the character space of the OTP output perfectly.  Note that while this square corresponds to Saturn (and I have my own reasons for finding value in this correspondence with respect to this methodology), the Saturnian connotation is not a necessary part of the method itself.  The key point is that we are utilizing a magic square which is consonant with the format of our output; any other semantic shadings are merely a potential bonus.

All that was left at this point was to draw out the sigil.  This time, I was much more satisfied with the results.

Now this is a sigil I can use.

While I primarily intended this operation as a proof of concept, rather than as a magical operation with full force of intent, I have already observed several synchronicities around the working.  Combined with the results of a divinatory reading, my preliminary expectation is that this method will prove effective.  As with anything in magic, time will tell.

Walkthrough:  Creating Your Own Cryptographic Sigil

For those of you who might want to follow this process to create your own cryptographic sigil, here’s a step by step guide.

First, create your “payload”.  This can be a written petition, as in my case; or it can be an image file, a .zip of multiple files together, or anything else you like.Next, hash the payload.  If you wish to salt the hash with your magical name or motto, as I did, you can do so easily on Mac or Linux platforms.  If you are a Windows user, this is more difficult.  If you have a plain text file, you can simply type in the name/motto at the beginning of the text file and save it (do not insert a space between the name/motto and the beginning of the text in the file).  Otherwise, I recommend skipping this step and simply hashing the file as-is.  To salt and hash the file at the same time, you can do the following:

  • Mac:  cat “MAGICAL_NAME” data.fil | shasum
  • Linux:  cat “MAGICAL NAME” data.fil | sha1sum

If you do not wish to salt the hash with your magical name/motto and want to merely hash the file itself, or if you are on Windows, use these commands:

  • Mac:  shasum data.fil
  • Linux:  sha1sum data.fil
  • Windows:  certutil -hashfile data.fil SHA1

Once you have the hash value, paste it as the “Seed” on the aforementioned TOTP generator website (be sure to click the button to change the seed format from Base32 to hex).  Provide your time zone, and generate the six-digit TOTP value.  As you will only be using a single OTP code, the step increment value does not matter for these purposes.

From there, draw out the sigil on the 3×3 magic square to complete the work.