General > General Technical Chat
Crypto bombshell
<< < (5/14) > >>
peter-h:
The Brits made sure most of the 3rd World used enigma-like machines, enabling Britain to optimise its foreign policy ;)

Yes indeed, you can have strong crypto but get key leakage via variable execution time, etc.
edy:
I was about to ask (and it may have been answersed in the preceding post) that if algorithms are known, what stops someone from programming a higher-bit version of a known encryption algorithm (e.g. If keys only go up to 256 or 512, maybe you implement 1024, 2048, 4096 or even longer), or running the encryption through several algorithms iteratively (so the cypher text is even harder to crack if you don't know which and the order of algorithms applied), or spinning their own solutions (bad idea) even though it may be "illegal" by the government (is this what happened to TrueCrypt)? Surely the NSA and CIA and FBI and whoever else wants to crack these things can do a lot... but they can't do it all... yes they have sophisticated tools and huge mathematical and computational muscle but let's not believe just because they have some secrets that they have all of them. I don't think they can get into everything and that scares them. I also think part of the mass collection of information may be to scan for new "outliers" of stuff that seems to be using a stronger cypher so they flag these and investigate further that communication channel, which can then be hard-surveyed (actually seeing on the ground where it is coming from and who are the actors). There are probably easier screw-ups by the people that do them in than by the algorithms chosen... like using the same Internet cafe which then gets infiltrated with a camera system that lets the state see who is frequenting the place. I watch too many spy movies.  :-DD
daqq:
edy: There is actually an unbreakable encryption: XOR your data against a random data. Problem is the exchange of the random data :) If you exchange a 16TB drive filled with random data with your counterpart you wish to talk with, you are safe to send 16TB. After that it gets tricky :)
iMo:

--- Quote ---though it may be "illegal" by the government (is this what happened to TrueCrypt)?
--- End quote ---
Few months back the German BSI had to publish the report on TrueCrypt analysis they ordered long time back (the analysis was done before its "end"). People say they use it modified. You may download the document, afaik.

Afaik nobody is cracking your very secrets brute force today (it may work such way since 80ties). They do by collecting the additional information about the target who is using the encryption, leveraging entirely the human factor as the major weakness of the system - soon or later you do a mistake when operating the system. Thus in the moment as they get a knowledge you do mess with an encryption of your "secrets" you are basically lost..
edy:
In another thread on this forum (the one about shortwave radio) I recently posted that I "discovered" spy transmissions of data and numbers over the shortwaves from Cuba and other countries. This has been going on for many decades, I am just new to shortwave so it was exciting to hear for the first time. There is a good page and guide here which I found while Googling what I was listening to:

http://priyom.org/number-stations

The specific station I happened to find (at 2am by the way on 9330 kHz) was this one (they have a sample audio clip on that page you can play... a woman's voice saying numbers in Spanish followed by chirpy squeeky modem/fax like digital data sounds known as RDFT):

http://priyom.org/number-stations/digital/hm01

Here's another article on it, and on RDFT mode:

https://shortwavearchive.com/archive/tag/Spy+Numbers+Station

https://www.sigidwiki.com/wiki/Redundant_Digital_File_Transfer_(RDFT)

It was remarkable listening to this stuff... something I thought wouldn't be done anymore with the advent of the internet and satellite. Anyone with a $20 shortwave radio can hear the number codes and data transmission and decode it on their computer into a file of garbled data. What to do with the resultant file is another issue altogether, but certainly the USA has the means to decrypt all this stuff. Or maybe not?

I am puzzled to understand why they broadcast this stuff over the public airwaves... in plain radio (not SSB) and regularly on a schedule and on frequencies that are known for that matter... so that anyone can hear it. I guess it's because they know the numbers and data can easily be intercepted even on the internet, and so there is no secret to hiding the transmission itself. May as well make it as open and easy to intercept by field operatives as possible. The trick is that they must have pre-existing one-time random pads that they know to use. Perhaps the numbers that are being transmitted by a woman's voice PRIOR to the actual file data is the pad to use (it is a 5 or 6 digit number so that is a lot of random pads the field operatives have available to them). It could also be some algorithm or some other "key" to figuring out where they should start (or which direction they should go, or what number of spaces they should jump on each character) in a huge random pad they have shared at one time. There is a lot of stuff you could do that would be extremely difficult to crack.

Fascinating stuff! Cat and mouse game. I agree the mathematical/computer/algorithmic side of things can be made ridiculously strong but ultimately the human social factors may be easier to crack.
Navigation
Message Index
Next page
Previous page
There was an error while thanking
Thanking...

Go to full version
Powered by SMFPacks Advanced Attachments Uploader Mod