JT > This is uncrackable.
formatting link
krw > In theory, reality and theory are krw > the same. In reality, they are not. G > While that axiom is generally true, it's G > not true in the case of this cypher, krw. krw > Wrong. OTPs have been broken throughout history. Cites? krw > The reality is that nothing around the OTP is krw > secure, Are you talking about a weakness of the crypto or a human and physical security problem? It is actually possible for people to act unlike the usual governmental bureaucratic idiocy. krw > primarily because humans are involved. But that's not a fault of the crypto. Sure they are interdependent but let's not blame the crypto for human and physical security problems. G > No amount of supercomputing can decrypt this. G > Such efforts would be in vain for this cypher. krw > Irrelevant. G > The pre-arranged OTP key for each message G > (and in Vernam by extension each character) G > is not so much an exercise in cryptography G > as in keeping the keys secure. krw > ...and there, reality sets in. I think I did my "due diligence" by pointing out the distinction between the pure crypto and human/physical security issues. G > The Vernam One Time cypher looks to be more G > vulnerable to theft of the pre-arranged G > "OTP" keys than to cryptographic decoding. G > The means of delivering the pre-arranged G > OTP keys to the recipient would be the G > most obvious vulnerability. Transmitting G > the keys to the recipient across the G > insecure network would be foolish. G > Theft of keys or tampering with the random G > number generator would both involve more G > "hands on" efforts than pure decryption. G > If a determined eavesdropper were going G > to use that much "hands on" physical G > intrusion then perhaps video surveillance G > /wire tapping would be easier as well. G > This cypher certainly makes use of the G > old axiom about making decryption too G > difficult to be worth doing. G > Jim was right, this one is uncrackable. G > Watch him go off on me for saying that. krw > No, he's certainly
*NOT* right. Has the Vernam OTP cipher ever actually been broken cryptographically? I'd love to read about any historical examples where it was! Leaked or stolen keys or rigged random number generators don't invalidate the crypto method itself. While most government bureaucrats fail at human and physical security, there are probably a few who can actually manage to keep it secure. If you were sending a series of keys to a future recipient of messages, how would you send them? Flashdrive VIA UPS/Fedex with a tamper evident seal? Personal courier? In person handed out at a monthly or quarterly meeting? The point is that if you CARED you could manage to keep the human and physical security under control.
formatting link
The Vernam Cipher The Vernam Cipher is based on the principle that the plain text of a messag e is 'mixed' with random text from a One Time Pad (OTP). Because the result ing cipher text is still truely random, it can safely be sent over the air, without the risk of being deciphered by an interceptor. At the receiving e nd, the same OTP is used to 'unmix' the random text from the cipher text, w hich results in the original plain text. One only has to guarantee that the OTP is safe, that there are only two copies of it, and that both copies ar e destroyed immediately after use (see below).
The above became possible after the introduction of digital telegraphy, als o known as Teletype, or Telex. With teletype, each character is substituted by a digital 5-bit code, often represented by the 5 holes in a punched pap er tape that was commonly used with telex machines. Digital codes can also be represented by a series of '1's and '0's, where 1 represents the presenc e of a hole and 0 represents the absense of a hole. This is commonly known as the Baudot code. The OTP was recorded onto a punched paper tape, which was called the key, o r One Time Tape (OTT). The cipher text was generated by applying the logica l XOR operation (Exclusive-OR, or Modulo-2 addition) to the plain text and the key. The advantage of using the XOR operation is that it can be undone with the same operation. In other words: XOR-ing the cipher text with the k ey, would reveal the plain text again.
In mathematics, the XOR operation is called modulo-2 addition. In this case , the individual bits of the plain text are XOR-ed with the key. The result ing bit will only be '1' if the two input bits are different; if they are e qual, the result will be '0'. Let's asume that the letter A is represented by (11000) and that B is represented by: (10011). A bit-wise XOR operation would then yield (01011) which, in the Baudot table, is the letter 'G'. In fact, each bit from the key tells us whether or not the corresponding bit f rom the plaintext should be inverted. Example The principle of the Vernam Cipher is perhaps easier explained by looking a t a message stored on a punched paper tape. In the example below, we want t o transmit the word HELLO which is stored on the plain text tape. We also h ave a pre-recorded key tape, with a series of random characters; in this ca se the sequence AXHJB. The contents of the plain text tape are now XOR-ed w ith the contents of the key tape. The result (KMIVE) is a truely random ser ies of characters which we've stored on the cipher tape. Mixing of the plain text and the key
Now let us see what happens if we repeat this operation on the resulting ci pher tape. In the illustration below, the cipher tape is on the left. It is XOR-ed with a copy of the original key tape. The result is the original pl ain text. Mixing of the cipher text and the key
The process of XOR-ing text and key is often called mixing, and the cipher machines that use the Vernam principle, are therefore often called mixers o r mixer machines. Cipher Security The above procedure is 100% safe if, and only if, the following conditions are met:
There are only two copies of the key-tape, Both sides of the communication path have the same tape, The key-tape is used only once, The key-tape is destroyed immediately after use, The key-tape contains truely random characters.
If any of the above criteria is not met, the cipher will become less secure . This means, for example, that in a battlefield, sufficient supply of key- tapes have to be prepaired well in advance of a transmission. If you are co mmunicating with a station several thousands of kilometers away, it will be very difficult to supply new key-tapes on a regular basis.
In practice, distribution of key tapes always was a big problem, resulting in many violations of the above rules. In some cases a key tape was used mo re than once, or was inserted the other way around (i.e. starting at the en d). There were even cases where an operator would take a piece of key tape and use it as an endless loop, by joining both ends with a piece of cellota pe. Pseudo-random versus OTP Although the OTP was, and still is, the only cipher that is totally secure, many systems based on the Vernam Cipher were replaced by cipher systems th at used a pseudo-random key generator with a very long cipher period. If bo th ends of the communication link configure their pseudo-random key generat ors identically, the Vernam principle can still be applied.
With this method, the configuration of the pseudo-random generator has beco me the key or seed, or initialization vector, which is potentially much sho rter than the message itself. Such a short key produces far less distributi on problems, but also results in a reduced security of the cipher. It all d epends on the secrecy and the strength of the key. Generating OTP key tapes (OTT) It is also very important to consider how key tapes were made. The cipher i s only 100% safe, if the key tape contains evenly-spread truely random char acters. That would be the case if the tape was filled with white noise from , say, a diode or an empty radio channel.
In practice, however, military organisations often used pseudo-random numbe r generators for the creation of the key tape. The simple fact that such a generator is pseudo-random, makes the cipher less secure. There is always t he danger that a potential enemy finds out what algorithm is used to genera te the pseudo-random sequence; either by mathematical methods or by espiona ge. An example of a key tape generator is the EROLET. Mixer machines Cipher machines, intended for operation with teletype signals, that use the Vernam Cipher, are generally called mixers or mixer machines. In most case s, they are equipped with two paper-tape readers. Several such mixer machin es are described on this website. More... Click here for an overview of mixer machines on this website
Invention The Vernam Cipher is named after Gilbert Sandford Vernam (1890-1960) who, i n 1917, invented the stream cipher and later co-invented the OTP. His paten t US1310719 [1] was filed in 1918 and is, according to the NSA, perhaps one of the most important in the history of cryptography.
Snapshot from Gilbert Vernam's Patent US1310719. Click to read the complete document.
Over the years, many have claimed the invention of the mixer machine. In 19
21, the German manufacturer Siemens filed patent DE371087 in which a nearly identical principle is claimed. The patent drawing even shows two puched p aper readers side-by-side. One of Siemens' claims is that it could be used as an online cipher system by driving the telegraph relay directly [2].
Snapshot from German Patent DE371087. Click to read the complete document.
During WWII, the German Army relied on hand ciphers and rotor-based cipher machines, such as the Enigma, the Siemens T-52 Geheimschreiber and the Lore nz SZ-40/42. In 1943, Siemens developed their first online mixer machine ba sed on the above principle. It was named T-43 and less than 50 of them were built. At the end of WWII, the Germans destroyed most of these T-43 machin es. The ones that survived were captured by the Americans and later the Bri tish.
K in Norway [3]. The collaboration of the two engineers eventually resulted in the release of the ETCRRM, a mixer machine that used valves (tubes) rat her than electric relays. The machine was soon adopted by the Americans for communication at the highest level and later also by the newly established NATO. At height of the Cold War, the ETCRRM was used at the heart of the W ashington-Moscow Hotline.
In the late 1950s, the Dutch PTT developed their own range of mixer machine s, again based on the same principle. As the PTT didn't have sufficient pro duction capacity, the machines were manufactured by Philips Usfa in Eindhov en (Netherlands). The first machine to be released in 1656 was the Ecolex I . Like the ETCRRM, it was valve-based. It was followed in 1960 by the fully transistorized Ecolex II. After that, Philips Usfa took over the developme nt of cipher machines, resulting in 1963 in the Ecolex IV. According to a f ormer company director, Philips had to pay royalties to the principal inven tor at the Dutch PTT for many years, for the use of his patents [4]. Modern use of the Vernam Cipher The Vernam Cipher can also be applied to modern computer systems. Instead o f the 5-bit word of a teletype system, computers use 8-bit or even longer w ords. The principle, however, remains the same as the XOR-operation is appl ied to the individual bits of the data word. The use of the XOR-operation i s still at the heart of many cryptographic algorithms today. References
Gilbert S. Vernam, US Patent 1310719 Filed 13 September 1918.
Siemens und Halske, German Patent DE371087 Filed 10 July 1921.
NSM Annual Report 2008 (Norwegian). Noen kryptosuksesser. p. 15.
Anonymous former company director of Philips Usfa Interview at Crypto Museum. April 2013.
Further information
The Vernam Cipher on Wikipedia One-Time Pad (OTP) and One-Time Tape (OTT) The Baudot code Mixer machines on this website
Any links shown in red are currently unavailable. If you like this website, why not make a donation?
07 May 2013 - 10:01 CET Reposted under the FAIR USE exceptions to the US copyright law. Non-profit and for the purpose of discussion.