Post Syndicated from Bruce Schneier original https://www.schneier.com/blog/archives/2020/07/enigma_machine_1.html
A four-rotor Enigma machine — with rotors — is up for auction.
Post Syndicated from Bruce Schneier original https://www.schneier.com/blog/archives/2020/07/enigma_machine_1.html
A four-rotor Enigma machine — with rotors — is up for auction.
Post Syndicated from Bruce Schneier original https://www.schneier.com/blog/archives/2020/05/ann_mitchell_bl.html
Post Syndicated from Bruce Schneier original https://www.schneier.com/blog/archives/2020/04/another_story_o.html
This one is from the Netherlands. It seems to be clever cryptanalysis rather than a backdoor.
The Dutch intelligence service has been able to read encrypted communications from dozens of countries since the late 1970s thanks to a microchip, according to research by de Volkskrant on Thursday. The Netherlands could eavesdrop on confidential communication from countries such as Iran, Egypt and Saudi Arabia.
Philips, together with Siemens, built an encryption machine in the late 1970s. The device, the Aroflex, was used for secret communication between NATO allies. In addition, the companies also wanted to market the T1000CA, a commercial variant of the Aroflex with less strong cryptography.
The Volkskrant investigation shows that the Ministry of Foreign Affairs and the Marine Intelligence Service (MARID) cracked the cryptography of this device before it was launched. Philips helped the ministry and the intelligence service.
Normally it would take at least a month and a half to crack the T1000CA encryption. “Too long to get useful information from intercepted communication,” the newspaper writes. But MARID employees, together with Philips, succeeded in accelerating this 2.500 times by developing a special microchip.
The T1000CA was then sold to numerous non-NATO countries, including the Middle East and Asia. These countries could then be overheard by the Dutch intelligence services for years.
The 1970s was a decade of really bad commercial cryptography. DES, in 1975, was an improvement with its 56-bit key. I’m sure there are lots of these stories.
Here’s more about the Aroflex. And here’s what I think is the original Dutch story.
Post Syndicated from Bruce Schneier original https://www.schneier.com/blog/archives/2019/10/calculating_the.html
NIST has completed a study — it was published last year, but I just saw it recently — calculating the costs and benefits of the Advanced Encryption Standard.
From the conclusion:
The result of performing that operation on the series of cumulated benefits extrapolated for the 169 survey respondents finds that present value of benefits from today’s perspective is approximately $8.9 billion. On the other hand, the present value of NIST’s costs from today’s perspective is $127 million. Thus, the NPV from today’s perspective is $8,772,000,000; the B/C ratio is therefore 70.2/1; and a measure (explained in detail in Section 6.1) of the IRR for the alternative investment perspective is 31%; all are indicators of a substantial economic impact.
Extending the approach of looking back from 2017 to the larger national economy required the selection of economic sectors best represented by the 169 survey respondents. The economic sectors represented by ten or more survey respondents include the following: agriculture; construction; manufacturing; retail trade; transportation and warehousing; information; real estate rental and leasing; professional, scientific, and technical services; management services; waste management; educational services; and arts and entertainment. Looking at the present value of benefits and costs from 2017’s perspective for these economic sectors finds that the present value of benefits rises to approximately $251 billion while the present value of NIST’s costs from today’s perspective remains the same at $127 million. Therefore, the NPV of the benefits of the AES program to the national economy from today’s perspective is $250,473,200,000; the B/C ratio is roughly 1976/1; and the appropriate, alternative (explained in Section 6.1) IRR and investing proceeds at the social rate of return is 53.6%.
The report contains lots of facts and figures relevant to crypto policy debates, including the chaotic nature of crypto markets in the mid-1990s, the number of approved devices and libraries of various kinds since then, other standards that invoke AES, and so on.
There’s a lot to argue with about the methodology and the assumptions. I don’t know if I buy that the benefits of AES to the economy are in the billions of dollars, mostly because we in the cryptographic community would have come up with alternative algorithms to triple-DES that would have been accepted and used. Still, I like seeing this kind of analysis about security infrastructure. Security is an enabling technology; it doesn’t do anything by itself, but instead allows all sorts of things to be done. And I certainly agree that the benefits of a standardized encryption algorithm that we all trust and use outweigh the cost by orders of magnitude.
And this isn’t the first time NIST has conducted economic impact studies. It released a study of the economic impact of DES in 2001.
Post Syndicated from Bruce Schneier original https://www.schneier.com/blog/archives/2019/07/john_paul_steve.html
I didn’t know that Supreme Court Justice John Paul Stevens “was also a cryptographer for the Navy during World War II.” He was a proponent of individual privacy.
Post Syndicated from Bruce Schneier original https://www.schneier.com/blog/archives/2019/05/german_sg-41_en.html
A German auction house is selling an SG-41. It looks beautiful. Starting price is 75,000 euros. My guess is that it will sell for around 100K euros.
Post Syndicated from Bruce Schneier original https://www.schneier.com/blog/archives/2019/03/enigma_typex_an.html
GCHQ has put simulators for the Enigma, Typex, and Bombe on the Internet.
News article.
Post Syndicated from Bruce Schneier original https://www.schneier.com/blog/archives/2019/02/reconstructing_.html
Lessons learned in reconstructing the World War II-era SIGSALY voice encryption system.
Post Syndicated from Bruce Schneier original https://www.schneier.com/blog/archives/2018/12/back_issues_of_.html
Five years ago, the NSA published 23 years of its internal magazine, Cryptolog. There were lots of redactions, of course.
What’s new is a nice user interface for the issues, noting highlights and levels of redaction.
Post Syndicated from Bruce Schneier original https://www.schneier.com/blog/archives/2018/04/musical_ciphers.html
Interesting history.
Post Syndicated from Bruce Schneier original https://www.schneier.com/blog/archives/2018/01/student_cracks_.html
Post Syndicated from Bruce Schneier original https://www.schneier.com/blog/archives/2017/06/the_women_of_bl.html
Really good article about the women who worked at Bletchley Park during World War II, breaking German Enigma-encrypted messages.
Post Syndicated from Bruce Schneier original https://www.schneier.com/blog/archives/2017/03/nsa_documents_f_1.html
Here is a listing of all the documents that the NSA has in its archives that are dated earlier than 1930.
Post Syndicated from Bruce Schneier original https://www.schneier.com/blog/archives/2017/03/friedman_commen.html
This is William Friedman’s highly annotated copy of Herbert Yardley’s book, The American Black Chamber.
Post Syndicated from Bruce Schneier original https://www.schneier.com/blog/archives/2016/12/enigma_machine_.html
A fully functional four-rotor Enigma machine sold for $463,500.
Wow.
Post Syndicated from Bruce Schneier original https://www.schneier.com/blog/archives/2016/12/voynich_manuscr.html
Yale University Press has published a facsimile of the Voynich Manuscript.
The manuscript is also available online.
By continuing to use the site, you agree to the use of cookies. more information
The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.