funsec mailing list archives
Re: Hey old people
From: Roland Dobbins <rdobbins () cisco com>
Date: Tue, 27 Dec 2005 10:08:55 -0800
Also, this preso talks more about the design and procedural operational problems with Engima as it was implemented and used on a daily basis:
http://frode.home.cern.ch/frode/crypto/tuma2003.pdf On Dec 27, 2005, at 9:53 AM, Roland Dobbins wrote:
Dr. Solly is correct - it was a combination of several design flaws, one of which was an unintended consequence of a 'security' feature (things never change, heh):-----. . . it was possible to change the sequence of ciphering drums and due to that the number of possible combinations increased six times. However, this last complication gave an effect not foreseen by the designers. It caused that each of the three ciphering drums was placed from time to time at the right side of the set of drums. So the method described for the reconstruction of the drum N could sequentially be applied for each of the drums, and in this way the entire reconstruction of the inner structure of the Enigma ciphering machine was possible.----- More at http://frode.home.cern.ch/frode/crypto/rew80.pdfWhat's interesting to note is that the U.S. encouraged other countries to buy copies of the Enigma machine for several years after WWII had ended; as we had a pretty good handle on deciphering messages encrypted with these machines, the implications are obvious.On Dec 27, 2005, at 7:18 AM, Drsolly wrote:On Tue, 27 Dec 2005, Aviram Jenik wrote:On Sunday, 25 December 2005 21:04, Drsolly wrote:Can crypto weaknesses be considered 'vulnerabilities'? In most cases (e.g. cracking the Enigma code and deciphering the Zimmerman telegram) they are done by humintly retrieving the key or brute-forcing the cipherin one way or another.AFAIR breaking the Enigma consisted of:A. Getting the actual hardware (without which the allies were completelyclueless)Actually, the Poles managed to crack Enigma before they got hold of thehardware.B. Performing a brute-force attack every morning to get that day's keyThe whole point of Enigma (and devices like it) was that you couldn'tbrute-force it. Also, remember that at that time a "computer" was a personwith a pencil and paper.I believe the weakness in the design Roland mentioned allowed the brute force attack to succeed in a relatively short time - but it did not generate thekey right away (Roland - am I right?)No. _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.---------------------------------------------------------------------- Roland Dobbins <rdobbins () cisco com> // 408.527.6376 voice Everything has been said. But nobody listens. -- Roger Shattuck
---------------------------------------------------------------------- Roland Dobbins <rdobbins () cisco com> // 408.527.6376 voice Everything has been said. But nobody listens. -- Roger Shattuck _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- RE: Hey old people, (continued)
- RE: Hey old people D'Aloisio, Marc (Dec 22)
- RE: Hey old people Larry Seltzer (Dec 22)
- Re: Hey old people Sullo (Dec 23)
- Re: Hey old people Drsolly (Dec 23)
- Re: Hey old people Aviram Jenik (Dec 25)
- Re: Hey old people Roland Dobbins (Dec 25)
- Re: Hey old people Drsolly (Dec 25)
- Re: Hey old people Aviram Jenik (Dec 27)
- Re: Hey old people Drsolly (Dec 27)
- Re: Hey old people Roland Dobbins (Dec 27)
- Re: Hey old people Roland Dobbins (Dec 27)
- Re: Hey old people Drsolly (Dec 27)
- Re: Hey old people Blue Boar (Dec 27)
- Re: Hey old people Drsolly (Dec 27)
- Re: Hey old people Drsolly (Dec 23)
- RE: Hey old people D'Aloisio, Marc (Dec 22)
- Re: Hey old people Blue Boar (Dec 27)
- Re: Hey old people Roland Dobbins (Dec 27)
- Re: Hey old people Drsolly (Dec 27)
- Re: Hey old people Blue Boar (Dec 27)
- Re: Hey old people Drsolly (Dec 27)