Crypto bombshell
jmelson:

--- Quote from: ebastler on February 12, 2020, 06:11:27 pm ---Well, Crypto AG was the name in the business for decades -- until strong cryptography algorithms became more well-published, and widely available microprocessors became powerful enough to implement them. They go back to Hagelin in the 1930s, and have delivered cryptography equipment to many (many!) governments and commercial customers.

--- End quote ---
These mechanical rotor machines were obsolete during WW-II, and anybody who bought them for anything more sensitive than personal communications was a total idiot.
The British (with some American help to up the speed) were cracking Enigma messages in 4 minutes each toward the end of the war. GCHQ was breaking SZ-42 messages in something like 30 minutes with the Colossus machines, also during WW-II. So, you didn't need an "in" to these machines to break the cipher fairly quickly. NSA had a system called Harvest that was likely used to break a lot of this traffic in a massively wide fashion.

NSA developed much more advanced Vernam cipher machines in the mid 1950's using electronic key generators based on linear feedback shift registers.  These would be a lot harder to crack, but still with modern computing gear, are probably no longer secure.

Jon
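
An added illustration, not part of any post in this thread, of why a keystream taken straight from a linear feedback shift register does not hold up: a few bytes of known plaintext expose enough keystream for the Berlekamp-Massey algorithm to rebuild the register. The single 16-bit register, its taps, the seed and the message are constructed for the demo and model no real machine.

```python
# Toy model: ONE 16-bit LFSR used directly as keystream (constructed, no real machine).
def to_bits(data):
    return [(byte >> (7 - k)) & 1 for byte in data for k in range(8)]

def from_bits(bits):
    return bytes(sum(b << (7 - k) for k, b in enumerate(bits[i:i + 8]))
                 for i in range(0, len(bits), 8))

def extend(bits, coeffs, n):
    """Apply s[i] = XOR over j>=1 of coeffs[j] & s[i-j] until n bits exist."""
    s = list(bits)
    while len(s) < n:
        s.append(0)
        for j in range(1, len(coeffs)):
            s[-1] ^= coeffs[j] & s[-1 - j]
    return s

def berlekamp_massey(s):
    """Return (L, c): the shortest LFSR that generates the bit list s."""
    n = len(s)
    c, b = [1] + [0] * n, [1] + [0] * n
    L, m = 0, -1
    for i in range(n):
        d = s[i]
        for j in range(1, L + 1):
            d ^= c[j] & s[i - j]
        if d:  # current register mispredicts bit i, so correct it
            t = c[:]
            for j in range(n + 1 - (i - m)):
                c[j + i - m] ^= b[j]
            if 2 * L <= i:
                L, m, b = i + 1 - L, i, t
    return L, c[:L + 1]

TAPS = (16, 14, 13, 11)  # feedback polynomial x^16 + x^14 + x^13 + x^11 + 1
COEFFS = [1] + [int(j in TAPS) for j in range(1, 17)]
SEED = to_bits(b"\xac\xe1")  # constructed secret start state
MESSAGE = b"WEATHER REPORT: fog over the estuary, visibility 200 m"  # constructed

def encrypt(plaintext, seed_bits=SEED):
    p = to_bits(plaintext)
    return from_bits([a ^ k for a, k in zip(p, extend(seed_bits, COEFFS, len(p)))])

def recover(ciphertext, crib):
    """Decrypt the whole message knowing only its first len(crib) bytes."""
    ct = to_bits(ciphertext)
    prefix = [a ^ b for a, b in zip(ct, to_bits(crib))]  # keystream = ct XOR crib
    L, coeffs = berlekamp_massey(prefix)
    return L, from_bits([a ^ k for a, k in zip(ct, extend(prefix, coeffs, len(ct)))])

if __name__ == "__main__":
    print(recover(encrypt(MESSAGE), b"WEAT"))
```

Four known bytes (32 bits, twice the register length) are enough here, which is why practical designs combine registers nonlinearly instead of exposing one directly.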
0culus:

--- Quote from: borjam on February 13, 2020, 02:50:54 pm ---
--- Quote from: edy on February 13, 2020, 02:04:57 pm ---It was remarkable listening to this stuff... something I thought wouldn't be done anymore with the advent of the internet and satellite. Anyone with a $20 shortwave radio can hear the number codes and data transmission and decode it on their computer into a file of garbled data. What to do with the resultant file is another issue altogether, but certainly the USA has the means to decrypt all this stuff. Or maybe not?

--- End quote ---
They don't have the means to decrypt that unless the system is really sloppy or maybe they captured an operative.


--- Quote ---I am puzzled to understand why they broadcast this stuff over the public airwaves... in plain radio (not SSB) and regularly on a schedule and on frequencies that are known for that matter... so that anyone can hear it. I guess it's because they know the numbers and data can easily be intercepted even on the internet, and so there is no secret to hiding the transmission itself.

--- End quote ---
The reason is simple. A professional communications receiver can be a real liability in many countries. An ordinary cheap radio is not. If the message is well protected making the encrypted text public is really harmless.

And periodic, scheduled transmissions make the system actually more secure. I am sure they send a standard length "lorem ipsum" when there's nothing to communicate at all. That way an eavesdropper has no way to correlate transmissions to certain events (or lack of them).

One of the things the British did in WWII was called, if I remember well, "gardening". If they wanted the German Navy to send an encrypted message with known text (message format and content was strictly standardized) they for example dropped mines on a port, so the Germans would send an "ACHTUNG MINES DETECTED AT HAMBURG PORT" or whatever.

--- End quote ---

The German tendency to end telegrams with HEIL HITLER didn't hurt either.
ebastler:

--- Quote from: jmelson on February 14, 2020, 11:47:29 pm ---
--- Quote from: ebastler on February 12, 2020, 06:11:27 pm ---Well, Crypto AG was the name in the business for decades -- until strong cryptography algorithms became more well-published, and widely available microprocessors became powerful enough to implement them. They go back to Hagelin in the 1930s, and have delivered cryptography equipment to many (many!) governments and commercial customers.

--- End quote ---
These mechanical rotor machines were obsolete during WW-II, and anybody who bought them for anything more sensitive than personal communications was a total idiot.
The British (with some American help to up the speed) were cracking Enigma messages in 4 minutes each toward the end of the war.  GCHQ was breaking SZ-42 messages in something like 30 minutes with the Colossus machines, also during WW-II.  So, you didn't need an "in" to these machines to break the cipher fairly quickly. 

--- End quote ---

Obviously it remained unknown for a few more decades that Enigma had been cracked by the British, so mechanical cipher devices remained in wide use throughout the '50s and '60s. Heck, NATO was using the KL-7 into the '80s!

In the 1960s Hagelin/Crypto AG did make the transition to electronic devices -- with technical help from the NSA, apparently, who made sure that non-friendly governments only obtained compromised implementations. There was a period (late '60s to late '80s, I would say) when typical crypto technology was already electronic, but still proprietary, rather than based on generic microprocessor hardware and published algorithms. Crypto AG continued to be a market leader during that period.
Haenk:

--- Quote from: daqq on February 13, 2020, 12:49:37 pm ---edy: There is actually an unbreakable encryption: XOR your data against a random data. Problem is the exchange of the random data :) If you exchange a 16TB drive filled with random data with your counterpart you wish to talk with, you are safe to send 16TB. After that it gets tricky :)

--- End quote ---

That is the good old OTP (= "one time pad" encryption). IMHO the only unbreakable encryption. I would consider all encryption methods (public or not) and most "computer stuff", including all types of operating systems, to be backdoored or easily attackable.
Just think of what 50000 very clever NSA employees (from what little info is known, they reach out only for *very* clever people) could create or break, while working full time on it. Then add the same sort and number of people for Russia, for China and again for the rest of the world...
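
An added sketch, not from any poster, of the bookkeeping a one-time pad depends on: each pad byte is spent once, replayed or overlapping offsets are rejected, and the pad eventually runs out. The class and function names are hypothetical and the pad is a constructed stand-in for the exchanged drive; `reuse_leak` shows what an eavesdropper is left with when a pad region is used twice.

```python
import secrets

class PadExhausted(Exception):
    """No unused pad bytes remain for this message."""

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

class OneTimePad:
    """One party's copy of the shared pad plus a cursor over bytes already spent."""
    def __init__(self, pad):
        self.pad, self.used = pad, 0

    def _take(self, start, length):
        if start < self.used:
            raise ValueError("pad bytes already spent: reuse or replay")
        if start + length > len(self.pad):
            raise PadExhausted(f"{len(self.pad) - self.used} pad bytes left")
        self.used = start + length  # everything before this offset is burned
        return self.pad[start:start + length]

    def encrypt(self, plaintext):
        start = self.used
        return start, xor(plaintext, self._take(start, len(plaintext)))

    def decrypt(self, start, ciphertext):
        return xor(ciphertext, self._take(start, len(ciphertext)))

def reuse_leak(c1, c2):
    """Two ciphertexts under the same pad bytes: the pad cancels, leaving p1 XOR p2."""
    return xor(c1, c2)

if __name__ == "__main__":
    pad = secrets.token_bytes(32)  # constructed stand-in for the exchanged drive
    alice, bob = OneTimePad(pad), OneTimePad(pad)
    offset, ct = alice.encrypt(b"meet at dawn")
    print(bob.decrypt(offset, ct))
```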
daqq:

--- Quote from: Haenk on February 15, 2020, 03:43:34 pm ---That is the good old OTP (= "one time pad" encryption). IMHO the only unbreakable encryption.

--- End quote ---
That, and occasionally sending out completely random data, nicely padded to give blocks of 256 bits and made to look like a message. Just for fun. If no one's listening nothing happens, if someone is and knows how to decrypt AES256 and similar, they'll be WTFied.