
(BBC) "Uncrackable" codes set to step up. In related news, "unsinkable" ship set to launch (bbc.co.uk)
    More: Interesting, communication systems, quantum cryptography, quantum, multiple users, Stockholm University, telecommunications network, communications security, photons  

1909 clicks; posted to Geek on 05 Sep 2013 at 9:54 AM (2 years ago)



 
2013-09-05 08:25:09 AM  
Here is the 'rub':
Once these single photons of light are observed, they change. That is, they cannot be intercepted by an "eavesdropper" without leaving a detectable trace.

So, basically, I as an eavesdropper can prevent you from communicating merely by observing your communications.

Which makes this method about as useful as a couple of tin cans and a string against someone who has scissors.
 
2013-09-05 08:30:19 AM  

dittybopper: So, basically, I as an eavesdropper can prevent you from communicating merely by observing your communications.


I would imagine there are many situations in which "unable to communicate" would be preferable to "communicated while being secretly eavesdropped on"
 
2013-09-05 08:42:35 AM  

dittybopper: Here is the 'rub':
Once these single photons of light are observed, they change. That is, they cannot be intercepted by an "eavesdropper" without leaving a detectable trace.

So, basically, I as an eavesdropper can prevent you from communicating merely by observing your communications.

Which makes this method about as useful as a couple of tin cans and a string against someone who has scissors.


There's also the added "bonus" of man-in-the-middle attacks, which TFA actually mentions.

/well, I guess if you're a man, in the middle, with a pair of scissors....
 
2013-09-05 08:45:06 AM  

DammitIForgotMyLogin: dittybopper: So, basically, I as an eavesdropper can prevent you from communicating merely by observing your communications.

I would imagine there are many situations in which "unable to communicate" would be preferable to "communicated while being secretly eavesdropped on"


Well, I've been in the SIGINT business, and yes, there are times when eavesdropping is preferable to preventing your enemy from communicating.

For example, during WWI the British initially cut the undersea telegraph cables of Germany, to prevent them from communicating with the outside World.  The Germans then started using other routes, which led through the UK, but the British reckoned that it was better to listen to what the Germans were saying than to prevent them from saying it.  This is actually how they got the US into the war, by intercepting and decrypting the Zimmermann telegram.

However, if eavesdropping simply isn't an option, then keeping them from communicating via that method is the next best thing, because it will have one of two different effects:

1. It will prevent them from coordinating their actions, or
2. Force them to use a method of communication that can be intercepted stealthily.

Either one is still a win for the eavesdropper, and a loss for the people trying to communicate.
 
2013-09-05 08:51:20 AM  

dittybopper: This is actually how they got the US into the war, by intercepting and decrypting the Zimmermann telegram.


Drink!
 
2013-09-05 09:03:42 AM  

RedPhoenix122: dittybopper: This is actually how they got the US into the war, by intercepting and decrypting the Zimmermann telegram.

Drink!


[image: upload.wikimedia.org]

You can tell he was obviously uninjured.
 
2013-09-05 09:07:31 AM  
"The condition of quantum cryptography relies on certain rules that need to be obeyed - only then is it unconditionally safe."  - It's unconditionally safe so long as you meet these conditions.

dittybopper: So, basically, I as an eavesdropper can prevent you from communicating merely by observing your communications.


This would require physical access to the channel. If you have physical access to the channel, you could prevent communication merely by cutting the channel. Quantum crypto prevents the channel from being eavesdropped on, so long as the key exchange wasn't compromised (which is what they're discussing regarding MiM attacks).
 
2013-09-05 09:12:18 AM  

t3knomanser: This would require physical access to the channel. If you have physical access to the channel, you could prevent communication merely by cutting the channel. Quantum crypto prevents the channel from being eavesdropped on, so long as the key exchange wasn't compromised (which is what they're discussing regarding MiM attacks).


Which is what I alluded to before when I said this:

However, if eavesdropping simply isn't an option, then keeping them from communicating via that method is the next best thing, because it will have one of two different effects:

1. It will prevent them from coordinating their actions, or
2. Force them to use a method of communication that can be intercepted stealthily.

Either one is still a win for the eavesdropper, and a loss for the people trying to communicate.
 
2013-09-05 09:14:04 AM  

dittybopper: Which is what I alluded to before when I said this:


What I was objecting to was the "merely observing" bit- to observe, you must have physical control over the channel. If you have physical control over the channel, preventing its operation becomes trivial. There's no substantial difference between disrupting a classical channel or disrupting a quantum channel.
 
2013-09-05 09:17:36 AM  
OK, I just came to this realization:  Quantum cryptography will be illegal in the US, if you attempt to use it in any meaningful fashion over public networks, because of CALEA.  All public means of communication have to be available for monitoring by the government by law, and private companies *MUST* facilitate that.

That means it has to be over a dedicated, point-to-point fiber network.  But if you have a dedicated, point-to-point fiber network, you don't really need quantum cryptography in the first place, because you'll know when someone tries to splice into your fiber.
 
2013-09-05 09:20:42 AM  

t3knomanser: dittybopper: Which is what I alluded to before when I said this:

What I was objecting to was the "merely observing" bit- to observe, you must have physical control over the channel. If you have physical control over the channel, preventing its operation becomes trivial. There's no substantial difference between disrupting a classical channel or disrupting a quantum channel.


Well, that's true, of course.

But it brings up another weakness that I've pointed out:  You need a dedicated point-to-point physical channel, which limits the applications.

Plus, by its very nature, I believe it would be illegal to implement for public communications carriers in the US, because of US law.
 
2013-09-05 09:32:51 AM  
Isn't the main use of quantum cryptography just to share keys that decrypt info sent over any arbitrary channel?  Shutting it down is less of a big deal if each party has already shared a few weeks' worth of one-time-pads.  They can still communicate until they run out, and hopefully the network will be fixed by then.
 
2013-09-05 09:38:01 AM  

serial_crusher: Isn't the main use of quantum cryptography just to share keys that decrypt info sent over any arbitrary channel?  Shutting it down is less of a big deal if each party has already shared a few weeks' worth of one-time-pads.  They can still communicate until they run out, and hopefully the network will be fixed by then.


The problem with using one-time pads in an electronic device of any kind is that they are then vulnerable to non-cryptological attacks:

Cuban Agent Communications:  Failure of a Perfect System

The better way to use OTPs is to make them completely manual, paper-and-pencil affairs.  That way, when you burn the pad page and your encryption or decryption worksheet, you know that the only copy of both has been completely destroyed.

It's easier to physically secure some small bits of paper than it is to secure an electronic device, which can be compromised without your knowledge.
 
2013-09-05 10:08:43 AM  
PGP biatches.
 
2013-09-05 10:14:16 AM  

Schroedinger's Glory Hole: PGP biatches.


OTP, biatch.
 
2013-09-05 10:20:16 AM  
dittybopper:

It's easier to physically secure some small bits of paper than it is to secure an electronic device, which can be compromised without your knowledge.

[OT]

Speaking of which, there's a health fitness tracker whose crypto needs cracking (in the interest of "owning your data")... if you're so inclined.  Maybe you'll at least recognise the method used (scroll to near the end of comments for crypto discussion).
 
2013-09-05 10:25:58 AM  
I don't need uncrackable, just difficult enough to be irrelevant by the time it's cracked.
 
2013-09-05 10:48:10 AM  

dittybopper: serial_crusher: Isn't the main use of quantum cryptography just to share keys that decrypt info sent over any arbitrary channel?  Shutting it down is less of a big deal if each party has already shared a few weeks' worth of one-time-pads.  They can still communicate until they run out, and hopefully the network will be fixed by then.

The problem with using one-time pads in an electronic device of any kind is that they are then vulnerable to non-cryptological attacks:

Cuban Agent Communications:  Failure of a Perfect System

The better way to use OTPs is to make them completely manual, paper-and-pencil affairs.  That way, when you burn the pad page and your encryption or decryption worksheet, you know that the only copy of both has been completely destroyed.

It's easier to physically secure some small bits of paper than it is to secure an electronic device, which can be compromised without your knowledge.


That's not really a one-time-pad problem, that's just a subset of the larger problem of implementation, which is generally where crypto goes wrong.  An unbreakable algorithm + shoddy implementation = busted crypto every time.
 
2013-09-05 11:08:46 AM  
He may or may not have drank his ovaltine.
 
2013-09-05 11:20:59 AM  

Rent Party: Schroedinger's Glory Hole: PGP biatches.

OTP, biatch.


This.  Numbers stations have been doing this for decades, not only is the code uncrackable (provided the one time pad is not compromised), the recipient is unknown as well.
 
2013-09-05 11:22:58 AM  
I just want some 'unstainable underwear' when WW3 breaks out.
 
2013-09-05 11:32:01 AM  

China White Tea: That's not really a one-time-pad problem, that's just a subset of the larger problem of implementation, which is generally where crypto goes wrong.  An unbreakable algorithm + shoddy implementation = busted crypto every time.


Well, it's a unique problem with one-time pads.

Properly implemented, OTPs are unbreakable both in theory and in practice.  The problem is, when you implement them on electronic devices, you open up a window to side-step the encryption and read the plaintext directly, or grab the pads themselves, and this can be done remotely.

Plus, there are data remanence issues with using electronic devices.

For normal, day-to-day communications that you might want to encrypt to keep prying eyes out of, this isn't that much of a problem.  Public key cryptography is good enough, and locking down the machines enough so that you won't have problems is a fool's game.  Neither you nor I know if there is an algorithm to break common encryption with even very large keys, nor would we know unless it was discovered by someone who doesn't work for the NSA or the like, and honestly, there just aren't all that many people doing that sort of work outside of government.

Honestly, though, for stuff like banking transactions and other economic stuff, or even communication in relative secrecy with friends and relatives, common encryption methods are generally good enough.

The point being, if you implement an OTP system electronically, you are introducing the same potential vulnerabilities that all electronic systems have, so you might as well *NOT* use an OTP at that point, because you're going to extra trouble for something that can be side-stepped just as easily as, say, PGP or whatever.

The only real way to avoid those vulnerabilities is to keep the plaintext *AND* the keys (pads) off of any electronic system.   That means paper and pencil.  The ciphertext is OK to transmit via electronic means, of course.

The only reason you would ever use an OTP system is if you never, ever want anyone else to ever have the ability to read what you wrote.  Other than your correspondent, of course.  That's the only reason to ever go to the trouble of using them, and if you need or want that kind of security, then implementing it on an electronic system is foolish.
 
2013-09-05 11:36:03 AM  
nekom: Numbers stations have been doing this for decades.

So have I.  Well, for years, not decades:

[image: img.fark.net]
 
2013-09-05 11:42:35 AM  

dittybopper: So, basically, I as an eavesdropper can prevent you from communicating merely by observing your communications.

Which makes this method about as useful as a couple of tin cans and a string against someone who has scissors.


I like you but...

You're shiatting on the idea for irrelevant reasons:

dittybopper: The only real way to avoid those vulnerabilities is to keep the plaintext *AND* the keys (pads) off of any electronic system. That means paper and pencil. The ciphertext is OK to transmit via electronic means, of course.


Except what is being described here is a method to send the OTP electronically and be sure that it was not intercepted.

Of course if the physical connection is cut, that can't happen, but that applies to, well, anything electronic. Something > nothing, and when something fails, you still have what you had before. So, yeah, threadshiatting in this case.
 
2013-09-05 11:45:57 AM  
Let whoever writes the tax code transcribe your plaintext ...

BAM! Perfect encryption through Kafkaesque obfuscation.
 
2013-09-05 11:48:36 AM  
So, what, has the Beale cipher finally been cracked?
 
2013-09-05 12:23:29 PM  
You know who else thought they had an uncrackable code?
 
2013-09-05 12:28:29 PM  

RedPhoenix122: dittybopper: This is actually how they got the US into the war, by intercepting and decrypting the Zimmermann telegram.

Drink!


I giggled a bit.
 
2013-09-05 12:39:44 PM  

jonny_q: Except what is being described here is a method to send the OTP electronically and be sure that it was not intercepted.

Of course if the physical connection is cut, that can't happen, but that applies to, well, anything electronic. Something > nothing, and when something fails, you still have what you had before. So, yeah, threadshiatting in this case.


What about indirect attacks on the device it is stored on?

For example, what if you securely transfer the keys, but I manage to get you to download some malware that looks for that sort of thing, and surreptitiously send those keys back to me.

Or what if I simply manage to install a keylogger on that machine?  I don't have to know what the encryption keys are, because I can read the plaintext.

That's what I'm talking about:  implementing an OTP system on any electronic device that might be connected to the larger world* is a fool's game because you are introducing vulnerabilities that nullify the security provided by an OTP system.

It's not threadshiatting, it's pointing out that by introducing some secure electronic method to transfer those keys, you are of necessity introducing other vulnerabilities.

*And in some cases, even ones that are ostensibly isolated from it.
 
2013-09-05 12:57:18 PM  

Apik0r0s: You know who else thought they had an uncrackable code?


Not the Nazis.  They knew, or at least some of them knew, that it could be cracked.

Admiral Doenitz was skeptical about the security of Enigma, especially right after the Tarafal Bay Incident*.  This is straight from his official war diary:

The fear therefore, that one of the German boats had been torpedoed by the English submarine, proved groundless.  It is more likely that our cypher material is compromised or that there has been a breach of security.  It appears improbable that an English submarine would be in such an isolated area by accident.  The Naval War Staff is therefore taking the necessary steps to safeguard cypher material.

The resulting investigation by his underlings was actually slip-shod, probably because the new, more secure 4 rotor Naval Enigma was due to be introduced in just a few short months.

That's not the only time they were twitchy about the security of the Enigma, though.

*Which, btw, is a good reason to always wear a condom!
 
2013-09-05 01:10:01 PM  
Still doesn't beat the good old spy job of using a Kate Upton look alike to acquire information from old perverts that are in every gov't and private entities.

/I have said too much.
//The chair is against the wall. I repeat, the chair is against the wall.
 
2013-09-05 01:37:06 PM  

Fano: So, what, has the Beale cipher finally been cracked?


Nope. Beale, Kryptos, and the final Zodiac cipher still stand uncracked. Beale may never be solved- if it's a book cipher like Beale 1 and 2, you'd need the book to break it. None has been found. Kryptos 1-3 have been broken as well as part of 4 but the rest of 4 has yet to fall despite the efforts of myself and about 2000 other people in the Yahoo Kryptos group. Zodiac remains unbroken- the last one has resisted Vigenère, various substitutions, you name it.
 
2013-09-05 01:49:46 PM  

dittybopper: Apik0r0s: You know who else thought they had an uncrackable code?

Not the Nazis.  They knew, or at least some of them knew, that it could be cracked.

Admiral Doenitz was skeptical about the security of Enigma, especially right after the Tarafal Bay Incident*.  This is straight from his official war diary:

The fear therefore, that one of the German boats had been torpedoed by the English submarine, proved groundless.  It is more likely that our cypher material is compromised or that there has been a breach of security.  It appears improbable that an English submarine would be in such an isolated area by accident.  The Naval War Staff is therefore taking the necessary steps to safeguard cypher material.

The resulting investigation by his underlings was actually slip-shod, probably because the new, more secure 4 rotor Naval Enigma was due to be introduced in just a few short months.

That's not the only time they were twitchy about the security of the Enigma, though.

*Which, btw, is a good reason to always wear a condom!


Mmmmmmm, Doenitz.

Off to read Cryptonomicon yet again. Fascinated by the lengths they went to, including letting friendlies die, to keep their decrypt capabilities a secret.
 
2013-09-05 02:06:10 PM  
Total n00b here (and bailed TFA after the initial discussion of what QKD is), but:

1. Couldn't you replicate and split the original signal? You get to keep a copy, they get an untouched version of it, and no one's the wiser, right? Or is that the MiM problem mentioned above (apparently later in TFA as well)? (Side questions - since my understanding of "quantum" connotes speed and position, does the tech depend on the length of connection? Could it? Would that even make sense?)
2. This isn't for data transmissions themselves, it's only for the encryption keys? Is the transfer rate too low for it to be feasible just to transmit encrypted data, or does that just lead to "Well, how then do you know what the DEcryption key is, smartass?" So why not, if the connection is so secure anyway, transmit raw data? (Though that sets off my data security radar...)
3. This sounds like nothing the US government would let people get their hands on, unless, I guess, they keep a copy of all our shiat like they're already doing.
 
2013-09-05 03:07:43 PM  

Dr Dreidel: 1. Couldn't you replicate and split the original signal? You get to keep a copy, they get an untouched version of it, and no one's the wiser, right? Or is that the MiM problem mentioned above (apparently later in TFA as well)? (Side questions - since my understanding of "quantum" connotes speed and position, does the tech depend on the length of connection? Could it? Would that even make sense?)


No. Now, I should note my knowledge of quantum cryptography is based on the photon-polarization version, but you can't duplicate it.

I could try to post an explanation of it, as I remember it, if you'd like.

2) Correct. This is a secure method of sending a one-time pad. Once you've securely transmitted a one-time pad, you don't really NEED to use any other form of encryption.

3) I have no clue.
 
2013-09-05 03:26:09 PM  

Dr Dreidel: 2. This isn't for data transmissions themselves, it's only for the encryption keys? Is the transfer rate too low for it to be feasible just to transmit encrypted data, or does that just lead to "Well, how then do you know what the DEcryption key is, smartass?" So why not, if the connection is so secure anyway, transmit raw data? (Though that sets off my data security radar...)


Yeah, I'm not sure I fully understand the use case.  If data transfer is slow, using it to transmit one time pads doesn't work.  A one time pad has to be the same size as the plaintext or greater; otherwise it's a multiple time pad....

Using this to transmit shorter keys would work though.  i.e. you're doing something that uses a lot of bandwidth like a video conference.  Transmit encrypted data over the high bandwidth but unsecure connection, transmit a key over the quantum connection, rotate keys every so often but re-use them between rotation.
So, an eavesdropper might eventually crack the encrypted conversation, but hopefully it takes him so long to do so that it's no longer relevant.
 
2013-09-05 03:32:33 PM  

dittybopper: Properly implemented, OTPs are unbreakable both in theory and in practice. The problem is, when you implement them on electronic devices, you open up a window to side-step the encryption and read the plaintext directly, or grab the pads themselves, and this can be done remotely.

Plus, there are data remanence issues with using electronic devices.


Data remanence issues are mostly an artifact of general purpose computing platforms though.  Those Cuban agents got caught because of swap files and failure to securely delete data.
A single purpose device that just decrypts messages and displays them on the screen would knock out a lot of those concerns.  Sure, it's suspicious if you're caught with that device, but a stack of OTPs is going to be pretty suspicious too.
 
2013-09-05 03:42:08 PM  

Apik0r0s: dittybopper: Apik0r0s: You know who else thought they had an uncrackable code?

Not the Nazis.  They knew, or at least some of them knew, that it could be cracked.

Admiral Doenitz was skeptical about the security of Enigma, especially right after the Tarafal Bay Incident*.  This is straight from his official war diary:

The fear therefore, that one of the German boats had been torpedoed by the English submarine, proved groundless.  It is more likely that our cypher material is compromised or that there has been a breach of security.  It appears improbable that an English submarine would be in such an isolated area by accident.  The Naval War Staff is therefore taking the necessary steps to safeguard cypher material.

The resulting investigation by his underlings was actually slip-shod, probably because the new, more secure 4 rotor Naval Enigma was due to be introduced in just a few short months.

That's not the only time they were twitchy about the security of the Enigma, though.

*Which, btw, is a good reason to always wear a condom!

Mmmmmmm, Doenitz.

Off to read Cryptonomicon yet again. Fascinated by the lengths they went to, including letting friendlies die, to keep their decrypt capabilities a secret.


Yup. Time to break out that special deck of cards.
 
2013-09-05 03:43:10 PM  

dittybopper: OK, I just came to this realization:  Quantum cryptography will be illegal in the US, if you attempt to use it in any meaningful fashion over public networks, because of CALEA.  All public means of communication have to be available for monitoring by the government by law, and private companies *MUST* facilitate that.

That means it has to be over a dedicated, point-to-point fiber network.  But if you have a dedicated, point-to-point fiber network, you don't really need quantum cryptography in the first place, because you'll know when someone tries to splice into your fiber.


So I take it this means PGP is flawed or has an NSA backdoor?
 
2013-09-05 03:46:23 PM  

Apik0r0s: Off to read Cryptonomicon yet again. Fascinated by the lengths they went to, including letting friendlies die, to keep their decrypt capabilities a secret.


Don't.

Read "Hitler's U-boat War", volumes I and II by Clay Blair instead, or perhaps "The Codebreakers" by David Kahn, or "Seizing the Enigma", also by Kahn.

A good overview of WWII from a cryptological standpoint, but without getting into the nitty-gritty technical stuff is "Codebreaker's Victory" by Hervie Haufler.

Hell, just go rent the movie "Enigma".  It's 10 times more true to life than the Craptonomicon, and it has Mick Jagger as a Royal Navy officer in it.

/Also, Saffron Burrows is teh sexy
 
2013-09-05 03:49:07 PM  
[image: www.chud.com]

So it's a code breaker.
No, it's THE code breaker.

/Yes, I know Whistler didn't say either of those lines, but I liked this picture.
 
2013-09-05 03:59:22 PM  

BgJonson79: dittybopper: OK, I just came to this realization:  Quantum cryptography will be illegal in the US, if you attempt to use it in any meaningful fashion over public networks, because of CALEA.  All public means of communication have to be available for monitoring by the government by law, and private companies *MUST* facilitate that.

That means it has to be over a dedicated, point-to-point fiber network.  But if you have a dedicated, point-to-point fiber network, you don't really need quantum cryptography in the first place, because you'll know when someone tries to splice into your fiber.

So I take it this means PGP is flawed or has an NSA backdoor?


No.

CALEA says that the companies must provide access to the data stream.  If you've encrypted it, well, the carriers can't do anything about that.  It's out of their control.

But if you try to do any sort of key exchange over a public network using quantum cryptography, well, they have to let law enforcement monitor it under certain conditions.  The act of monitoring the datastream will change it, however.

Honestly, the only real way quantum key exchange can work is over a dedicated, point-to-point link.  Anything other than that, and you lose the security.  Why?

Let's take a simple example of Alice sending keys to Bob via this method, but they don't have a dedicated link.  That means the datastream is going to have to be routed through at least one intervening device between Alice's machine and Bob's machine.  That "quantum router" is going to have to read the incoming stream from Alice, and then retransmit an identical stream to Bob.  That's certainly technically feasible.

The problem is that your router is now a weak point.  It has to be secured so that *NO ONE* has access to it other than Alice and Bob, and the law in the US forbids this if it's owned by a public carrier.

In fact, that opens up the possibility for Eve (an eavesdropper) to monitor the stream by having that routing device report back to her what it received from Alice, just like it does for Bob.

So it has to be a dedicated, point-to-point link with no intervening hardware, or you lose really the only reason for using it:  Preventing unnoticed eavesdropping.
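
An added example, not part of the original post: a small simulation of the photon-polarization (BB84) key exchange this thread discusses, showing an intercept-and-resend eavesdropper being detected on a direct link, and a relay in the middle ending up with the whole key while both hops look clean. The function names, the 0.11 abort threshold and the relay design (one exchange per hop, key forwarded under the second hop's key) are assumptions of this example.

```python
import random

BASES = "+x"        # rectilinear and diagonal polarization bases
ABORT_QBER = 0.11   # illustrative abort threshold, an assumption of this example


def measure(bit, prep_basis, meas_basis, rng):
    """A matching basis reads the encoded bit; a mismatched basis gives a coin flip."""
    return bit if prep_basis == meas_basis else rng.randrange(2)


def bb84(n, rng, eve=False):
    """Simulate one BB84 run of n photons from a sender to a receiver.

    With eve=True an eavesdropper measures every photon in a random basis and
    re-sends what she saw. Returns the sifted keys and the error rate the two
    ends observe on the check bits they compare in public.
    """
    s_bits = [rng.randrange(2) for _ in range(n)]
    s_bases = [rng.choice(BASES) for _ in range(n)]
    r_bases = [rng.choice(BASES) for _ in range(n)]
    r_bits = []
    for bit, s_basis, r_basis in zip(s_bits, s_bases, r_bases):
        if eve:
            e_basis = rng.choice(BASES)
            bit = measure(bit, s_basis, e_basis, rng)   # Eve's reading
            s_basis = e_basis                           # photon re-sent in Eve's basis
        r_bits.append(measure(bit, s_basis, r_basis, rng))

    # Sifting: keep only positions where both ends happened to use the same basis.
    sifted = [i for i in range(n) if s_bases[i] == r_bases[i]]
    # Half of the sifted bits are sacrificed to estimate the error rate.
    check, keep = sifted[::2], sifted[1::2]
    errors = sum(s_bits[i] != r_bits[i] for i in check)
    qber = errors / len(check) if check else 1.0
    return {
        "qber": qber,
        "accepted": qber <= ABORT_QBER,
        "sender_key": [s_bits[i] for i in keep],
        "receiver_key": [r_bits[i] for i in keep],
    }


def via_trusted_relay(n, rng):
    """Alice and Bob have no direct link: each runs BB84 with a relay.

    The relay XORs its two hop keys and publishes the result, so Bob can
    recover Alice's key. Neither hop shows errors, yet the relay holds the key.
    """
    hop1 = bb84(n, rng)   # Alice -> relay
    hop2 = bb84(n, rng)   # relay -> Bob
    m = min(len(hop1["sender_key"]), len(hop2["sender_key"]))
    alice_key = hop1["sender_key"][:m]
    relay_key = hop1["receiver_key"][:m]          # relay's copy of Alice's key
    wire = [a ^ b for a, b in zip(relay_key, hop2["sender_key"][:m])]
    bob_key = [w ^ k for w, k in zip(wire, hop2["receiver_key"][:m])]
    return {
        "qber_hops": (hop1["qber"], hop2["qber"]),
        "alice_key": alice_key,
        "relay_key": relay_key,
        "bob_key": bob_key,
    }


if __name__ == "__main__":
    rng = random.Random(2013)   # fixed seed so the run is repeatable
    clean = bb84(8000, rng)
    tapped = bb84(8000, rng, eve=True)
    relayed = via_trusted_relay(8000, rng)
    print("direct link, no Eve : QBER %.3f accepted=%s" % (clean["qber"], clean["accepted"]))
    print("direct link, Eve    : QBER %.3f accepted=%s" % (tapped["qber"], tapped["accepted"]))
    print("relay hops          : QBER %s" % (relayed["qber_hops"],))
    print("relay holds the key :", relayed["relay_key"] == relayed["bob_key"])
```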
 
2013-09-05 04:02:26 PM  

BgJonson79: So I take it this means PGP is flawed or has an NSA backdoor?


Also, there may well be an attack against PGP that we aren't aware of, but the NSA is.  And brute force attack statistics don't really impress me.  Nobody uses brute force attacks.

But if they can stick a keylogger on your machine, they don't have to break the encryption anyway.
 
2013-09-05 04:06:26 PM  

dittybopper: BgJonson79: So I take it this means PGP is flawed or has an NSA backdoor?

Also, there may well be an attack against PGP that we aren't aware of, but the NSA is.  And brute force attack statistics don't really impress me.  Nobody uses brute force attacks.

But if they can stick a keylogger on your machine, they don't have to break the encryption anyway.


Or the ol' "lead pipe" codebreaker ;-)

Thanks for your reply.  I always enjoy reading your posts!
 
2013-09-05 04:16:14 PM  

dittybopper: The only reason you would ever use an OTP system is if you never, ever want anyone else to ever have the ability to read what you wrote. Other than your correspondent, of course. That's the only reason to ever go to the trouble of using them, and if you need or want that kind of security, then implementing it on an electronic system is foolish.


What do you think about the current crop of secure boots, which basically embed a write-only OTP generated key into the device?  Do those techniques have any merit besides making it a PITA to make and support devices?
 
2013-09-05 04:33:38 PM  

dittybopper: Read "Hitler's U-boat War", volumes I and II by Clay Blair instead, or perhaps "The Codebreakers" by David Kahn, or "Seizing the Enigma", also by Kahn.

A good overview of WWII from a cryptological standpoint, but without getting into the nitty-gritty technical stuff is "Codebreaker's Victory" by Hervie Haufler.

Hell, just go rent the movie "Enigma". It's 10 times more true to life than the Craptonomicon, and it has Mick Jagger as a Royal Navy officer in it.


I have read The Codebreakers, Seizing the Enigma, and Codebreaker's Victory all of which were good - but Crypto is still far more fun.

Then again I like Anathem best, so my recommendations should be taken with a salt grain or two.
 
2013-09-05 05:38:01 PM  

BgJonson79: dittybopper: BgJonson79: So I take it this means PGP is flawed or has an NSA backdoor?

Also, there may well be an attack against PGP that we aren't aware of, but the NSA is.  And brute force attack statistics don't really impress me.  Nobody uses brute force attacks.

But if they can stick a keylogger on your machine, they don't have to break the encryption anyway.

Or the ol' "lead pipe" codebreaker ;-)

Thanks for your reply.  I always enjoy reading your posts!


Thanks.

It turns out that things are worse than I imagined:

http://www.propublica.org/article/the-nsas-secret-campaign-to-crack-undermine-internet-encryption
 
2013-09-05 06:12:01 PM  
How about we work on deciphering the codes that still haven't been broken before moving on to making new ones?
[images: upload.wikimedia.org, www.fbi.gov, 28.media.tumblr.com]
 
2013-09-05 10:01:09 PM  
dittybopper: jonny_q: 

What about indirect attacks on the device it is stored on?

That isn't an attack on the cypher.   What if someone breaks into your house and steals all your little slips of paper?

For example, what if you securely transfer the keys, but I manage to get you to download some malware that looks for that sort of thing, and surreptitiously send those keys back to me.

Then you haven't securely transferred the keys.

Or what if I simply manage to install a keylogger on that machine?  I don't have to know what the encryption keys are, because I can read the plaintext.

Then you don't have a secure machine.  That is also not an attack on the cypher.


That's what I'm talking about:  implementing an OTP system on any electronic device that might be connected to the larger world* is a fool's game because you are introducing vulnerabilities that nullify the security provided by an OTP system.

You're a moron, dude.  OTPs have been used for secured electronic communication for decades.  You know that red phone that used to keep the White House in touch with the Kremlin, going way back to the 50s?   I'll give you three guesses as to how that was secured.

It's not threadshiatting, it's pointing out that by introducing some secure electronic method to transfer those keys, you are of necessity introducing other vulnerabilities.

It is threadshiatting to point out a bunch of vulnerabilities not even remotely tied to a cypher scheme, and then declare the cypher scheme insecure.   It's also highlighting how little you know about the subject.
 
2013-09-05 10:11:37 PM  

serial_crusher: Dr Dreidel: 2. This isn't for data transmissions themselves, it's only for the encryption keys? Is the transfer rate too low for it to be feasible just to transmit encrypted data, or does that just lead to "Well, how then do you know what the DEcryption key is, smartass?" So why not, if the connection is so secure anyway, transmit raw data? (Though that sets off my data security radar...)

Yeah, I'm not sure I fully understand the use case.  If data transfer is slow, using it to transmit one time pads doesn't work.  A one time pad has to be the same size as the plaintext or greater; otherwise it's a multiple time pad....

Using this to transmit shorter keys would work though.  i.e. you're doing something that uses a lot of bandwidth like a video conference.  Transmit encrypted data over the high bandwidth but unsecure connection, transmit a key over the quantum connection, rotate keys every so often but re-use them between rotation.


Not everyone is Skyping over their secure channel.  Lots and lots of messages can contain highly classified information in a very short amount of space.

Here's an exercise.   Describe the location of a submarine in as few bits as possible.

I think I can do that in......
 
Displayed 50 of 53 comments



This thread is archived, and closed to new comments.
