Re: Hey old people

[Drsolly <drsollyp () drsolly com>]

I visited Bletchly recently. They're rebuildnig a Colossus, the first ever 
electronic programmable computer.

On Tue, 27 Dec 2005, Roland Dobbins wrote:

> Dr. Solly is correct - it was a combination of several design flaws,  
> one of which was an unintended consequence of a 'security' feature  
> (things never change, heh):
>
> -----
>
> . . . it was possible to change the sequence of ciphering drums and  
> due to that the number of possible combinations increased six times.  
> However, this last complication gave an effect not foreseen by the  
> designers. It caused that each of the three ciphering drums was  
> placed from time to time at the right side of the set of drums. So  
> the method described for the reconstruction of the drum N could  
> sequentially be applied for each of the drums, and in this way the  
> entire reconstruction of the inner structure of the Enigma ciphering  
> machine was possible.
>
> -----
>
> More at http://frode.home.cern.ch/frode/crypto/rew80.pdf
>
> What's interesting to note is that the U.S. encouraged other  
> countries to buy copies of the Enigma machine for several years after  
> WWII had ended; as we had a pretty good handle on deciphering  
> messages encrypted with these machines, the implications are obvious.
>
>
>
> On Dec 27, 2005, at 7:18 AM, Drsolly wrote:
>
> > On Tue, 27 Dec 2005, Aviram Jenik wrote:
> >
> > > On Sunday, 25 December 2005 21:04, Drsolly wrote:
> > > > > Can crypto weaknesses be considered 'vulnerabilities'? In most  
> > > > > cases
> > > > > (e.g. cracking the Enigma code and deciphering the Zimmerman  
> > > > > telegram)
> > > > > they are done by humintly retrieving the key or brute-forcing  
> > > > > the cipher
> > > > > in one way or another.
> > >
> > > AFAIR breaking the Enigma consisted of:
> > > A. Getting the actual hardware (without which the allies were  
> > > completely
> > > clueless)
> >
> > Actually, the Poles managed to crack Enigma before they got hold of  
> > the
> > hardware.
> >
> > > B. Performing a brute-force attack every morning to get that day's  
> > > key
> >
> > The whole point of Enigma (and devices like it) was that you couldn't
> > brute-force it. Also, remember that at that time a "computer" was a  
> > person
> > with a pencil and paper.
> >
> > > I believe the weakness in the design Roland mentioned allowed the  
> > > brute force
> > > attack to succeed in a relatively short time - but it did not  
> > > generate the
> > > key right away (Roland - am I right?)
> >
> > No.
> >
> >
> > _______________________________________________
> > Fun and Misc security discussion for OT posts.
> > https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
> > Note: funsec is a public and open mailing list.
>
> ----------------------------------------------------------------------
> Roland Dobbins <rdobbins () cisco com> // 408.527.6376 voice
>
>       Everything has been said.  But nobody listens.
>
>                     -- Roger Shattuck
>
> _______________________________________________
> Fun and Misc security discussion for OT posts.
> https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
> Note: funsec is a public and open mailing list.

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.