Re: Hey old people

[Roland Dobbins <rdobbins () cisco com>]

Also, this preso talks more about the design and procedural  
operational problems with Engima as it was implemented and used on a  
daily basis:

http://frode.home.cern.ch/frode/crypto/tuma2003.pdf


On Dec 27, 2005, at 9:53 AM, Roland Dobbins wrote:

> Dr. Solly is correct - it was a combination of several design  
> flaws, one of which was an unintended consequence of a 'security'  
> feature (things never change, heh):
>
> -----
>
> . . . it was possible to change the sequence of ciphering drums and  
> due to that the number of possible combinations increased six  
> times. However, this last complication gave an effect not foreseen  
> by the designers. It caused that each of the three ciphering drums  
> was placed from time to time at the right side of the set of drums.  
> So the method described for the reconstruction of the drum N could  
> sequentially be applied for each of the drums, and in this way the  
> entire reconstruction of the inner structure of the Enigma  
> ciphering machine was possible.
>
> -----
>
> More at http://frode.home.cern.ch/frode/crypto/rew80.pdf
>
> What's interesting to note is that the U.S. encouraged other  
> countries to buy copies of the Enigma machine for several years  
> after WWII had ended; as we had a pretty good handle on deciphering  
> messages encrypted with these machines, the implications are obvious.
>
>
>
> On Dec 27, 2005, at 7:18 AM, Drsolly wrote:
>
> > On Tue, 27 Dec 2005, Aviram Jenik wrote:
> >
> > > On Sunday, 25 December 2005 21:04, Drsolly wrote:
> > > > > Can crypto weaknesses be considered 'vulnerabilities'? In most  
> > > > > cases
> > > > > (e.g. cracking the Enigma code and deciphering the Zimmerman  
> > > > > telegram)
> > > > > they are done by humintly retrieving the key or brute-forcing  
> > > > > the cipher
> > > > > in one way or another.
> > >
> > > AFAIR breaking the Enigma consisted of:
> > > A. Getting the actual hardware (without which the allies were  
> > > completely
> > > clueless)
> >
> > Actually, the Poles managed to crack Enigma before they got hold  
> > of the
> > hardware.
> >
> > > B. Performing a brute-force attack every morning to get that  
> > > day's key
> >
> > The whole point of Enigma (and devices like it) was that you couldn't
> > brute-force it. Also, remember that at that time a "computer" was  
> > a person
> > with a pencil and paper.
> >
> > > I believe the weakness in the design Roland mentioned allowed the  
> > > brute force
> > > attack to succeed in a relatively short time - but it did not  
> > > generate the
> > > key right away (Roland - am I right?)
> >
> > No.
> >
> >
> > _______________________________________________
> > Fun and Misc security discussion for OT posts.
> > https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
> > Note: funsec is a public and open mailing list.
>
> ----------------------------------------------------------------------
> Roland Dobbins <rdobbins () cisco com> // 408.527.6376 voice
>
>      Everything has been said.  But nobody listens.
>
>                    -- Roger Shattuck

----------------------------------------------------------------------
Roland Dobbins <rdobbins () cisco com> // 408.527.6376 voice

     Everything has been said.  But nobody listens.

                   -- Roger Shattuck

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.