Slashdot Mirror
60 Years of Cryptography, 1949-2009
Dan Jones writes "2009 marks 60 years since the advent of modern cryptography. It was back in October 1949 when mathematician Claude Shannon published a paper on Communication Theory of Secrecy Systems. According to his employer at the time, Bell Labs, the work transformed cryptography from an art to a science and is generally considered the foundation of modern cryptography. Since then significant developments in secure communications have continued, particularly with the advent of the Internet and Web. CIO has a pictorial representation of the past six decades of research and development in encryption technology. Highlights include the design of the first quantum cryptography protocol by Charles Bennett and Gilles Brassard in 1984, and the EFF's 'Deep Crack' DES code breaker of 1998."
Ubbenl gb rapbqvat!
Well, all slashdot readers have probably read The Code Book by Simon Singh years ago. No article is needed at this point, nothing new here.
But none of Alan Turing.
Though that might had happened earlier than the summary suggests...from http://en.wikipedia.org/wiki/Biuro_Szyfrow#Enigma_solved :
Rejewski made in December 1932, according to historian David Kahn, one of the greatest advances in cryptologic history by applying pure mathematics group theory to breaking the German armed forces' Enigma machine ciphers.
BTW, since most of you are unlikely to read the whole wiki article, there's one very amusing part... ;p
On September 17, as the Soviet Army invaded Poland, Cipher Bureau personnel crossed the southeastern border with other Polish military and government personnel, into Romania. They eventually made their way to France where, at "PC Bruno", outside Paris, they continued breaking German Enigma traffic in collaboration with Bletchley Park, fifty miles northwest of London, England. In the interest of security, the allied cryptological services, before sending their messages over a teletype line, encrypted them using Enigma doubles. Henri Braquenié often closed messages with a "Heil Hitler!"
One that hath name thou can not otter
How come history is written so that "Modern Cryptography" starts when an American writes a paper, some seven years after the British have developed computers to automatically crack Germany's enigma codes? Modern cryptography isn't just the creation of the cipher, but the appreciation of modern techniques to crack it.
If this article can make such an arbitrary assumption about what is modern, I give little credit to how misinformed the rest of the article may be. It's how Americans steal history, so they can define it in their own favor.
I do not mean to flame. I am just skeptical of assumptions, when such a basic assumption is so inherently wrong.
Er... Bletchley Park anyone? Shhhhh - don't mention the war!
Several years ago I visited the National Cryptologic Museum at Ft Meade MD. http://www.nsa.gov/about/cryptologic_heritage/museum/
At the time you had to go through a gate with armed military types then make your way around to the museum parking lot. Once inside, I remembered that I had forgotten to lock my car doors, and mentioned to the guard that I was going to go back out to the parking lot to do this. He looked at me and said, "Don't worry about it, your car is being watched".
In any case, I highly recommend visiting this museum if you are a geek type. from a real Enigma that you can touch, to a Cray II that you can sit on, this place is cryptogeek heaven. A truly interesting experience.
* Carthago Delenda Est *
> Unfortunately this machine ended up on the losing side of the war, so a lot of the
> knowledge will have been lost thanks to that.
Er, the German guy who invented the Enigma was killed in a horse carriage accident in 1929. So, no, the war had no direct effect on cryptographic knowledge in the way you imply. Considering the enormous number of casualties on both sides, however, I'm sure it affected it in a general way.
I have developed my own uncrackable form of encryption, the only downside being that it takes a long time. The process basically involves saving my data to a Linux filesystem, and then waiting until the OS inevitably corrupts itself beyond compare. Hey presto, encrypted data!
In fact, as is well known, A M Turing worked at Bell for a short time during WW2. He also learnt at Princeton the electronics that made the Bombes possible.
Modern cryptanalysis was a US/UK cooperation with information and development coming from both sides The Poles obtained an Enigma and started the mathematical theory of decrypting Enigma messages: the analysts at Bletchley, of whom Turing was only one (remember I J Good, anybody?) too it forward, and then post-Pearl Harbor it became (at least in part) a joint venture. It isn't necessary for the US to pretend that they did it all by themselves; we associate that kind of insecurity with the Soviet Union.
The (US) guy who recently wrote a history of D-Day (sorry, forget his name) writes somewhere that while the perception that in WW2 the British had the ideas and the US provided the productive capacity is not really correct as it stands, there is some truth in it. That should really be good enough for everybody.
From scarped cliff or quarried stone she cries "A thousand types are gone, I care for nothing, no not one."
A stupid question you might think , but unless you know what the output should be , how do you know when you've found it? Unless a computer knows every language on the planet and "reads" ever version of the potential output and decides if it makes sense how can it ever know when the decryption is finished? And what if its not plain text its decrypting but something else entirely such as a binary file? Perhaps I'm just dumb but this is something I've never understodd.
Not shaministic - its called requirements analysis.
Take customer/manager, listen to their random and usually contradictory utterances and rearrange into something approaching a set of system requirements.
--- Users are like bacteria -> Each one causing a thousand tiny crises until the host finally gives up and dies.
"While the British worked on code breaking, and some of what was discovered there applies to modern code breaking, they didn't work on modern coding techniques. Their concern was breaking the codes of the day, understandably."
Oh right, so conveniently the 1940s don't count as "modern" , but the 1950s do? What a crock of shit. Talk about modifiying meanings to suit your own ends. The german codes were created using a machine and on the british side were partly decoded using electronic computers. If that doesn't count as modern then I don't know what does.
You don't know - and neither does the computer.
Decryption is a mathematical operation. You are given a blob of yunk. You can be fairly certain it is encrypted with a given cipher because it meets certain characteristics - either length, or hash-depth, or there is a header or footer of a given length, or some revealing information about the cipher may have been sent prior to or alongside the encrypted blob.
Then, if you're smart enough, or you have enough money, or time, or computing power, or a lot of luck, the decryption operation might occur. You can check as to whether or not you've successfully decrypted the data mathematically - e.g. does the result set fit with the function I've just run and give me the source data I started with? If so, yes, you've decrypted the data.
It's your responsibility as a researcher to decide what to do with whatever came out the other side. You may have to decrypt it again before proceeding. You may find out that what you just decrypted was nothing more sinister than ICMP_FRAGMENTATION_REQUIRED (Frak!).
The holy grail of cryptography may infact be steganographical encryption - or binary / machine language that reads as Grandmother's Cookie Recipe, but when run as an executable it actually glasses the machine. Who knows?
Informatus Technologicus
Fair enough , but what if something has been encrypted twice? You've successfully decrypted the 2nd stage but the output is still statistically noise because its still encrypted by the 1st encryption stage. How would you solve this problem?
I've recently become rather fascinated by the Enigma machine and the operation of the device. The Wikipedia article is worth a read.
Couple of cool things to know about the Enigma:
I believe it was the first machine to have symmetrical encoding and decoding. Because it had a this property (as a letter was coded through the rotors, there was a rotor that reflected the encoding back through the rotor stages again), an operator could code and decode messages without reconfiguring the device.
Due to the fact above, the Enigma could never encode a letter onto itself. This greatly decreased the permutations allowed and made the device less effective.
The way the Germans used the machine also made the device easy to crack. Operators would encode the rotor setup in the message. This allowed verifying that the right settings were being used. Also, the Germans would include many standard phrases like praise for the Fuhrer.
Though the Enigma machine is the most well known device, there were many rotor based encoders during the WWII and post era.
There are many simulators of the Enigma machine (see the Wikipedia article). Very cool to play with to really understand the operation of the device.
I love the sound of distortion in the morning -- webcommando
"Encrypted twice" doesn't mean anything. A composed encryption scheme is a single function, same as y = (2x + 1)^2 - 4.
As stated below, steganography is the stopping problem here. Is the secret meaning hidden in typos and word order, or do the words have a second meaning?
ID: the nose did not occur naturally, how would we wear glasses otherwise? (apologies to Voltaire)
And every, single, image in that slide show is ripped directly from Wikipedia. In fact, the entire presentation is little more that a digest of someones Wikitrip.
As Paul Graham(I think) said, "Pay to view content on the internet may as well not exist". Given that information not on the internet is becoming increasingly obsolete, this maxim can be extended to the conclusion that; the only content that will matter is that which is freely available online. People such as journalists or even reviewing researchers are not going to go to the hassle of chasing down sources closeted in dusty libraries or the like, when low hanging fruit such as Wikipedia pages are so easily accessible.
There was a story a few weeks ago about how a copyright black hole is swallowing our culture. Well, it's swallowing more than that. It's swallowing cold hard facts, data, progress and information too. Compound this easily accessible and digestible, though lower quality, alternatives available online at places like Wikipedia, and you are seeing the beginning of a major shift in how our society comes by its information and the truth itself.
For over 5 months Wikipedia had an incorrect start date for World War 2. In the new information regime that is emerging, for a great many (mostly younger) people, for those 5 months, that became the start date for World War 2. The (old) correct date was cloistered away in libraries and pay per view papers or books. The new date was the first hit on a Google search. Which is more likely to become the dominant interpretation?
We have seen it time and again. Cheaper and easier will win out over expensive and difficult. The same is now happening for information. This doesn't necessarily mean that cheap and easy has to be worse, but in the case of finding cold hard facts online, it is. There is no quality control on the internet hive mind. The online or Wikipedia version of the truth is becoming the dominant one, and with the black hole swallowing all the hard facts, how will we ever find the real truth again?
Orwell was right about the outcome, but wrong about the method. You don't need to hide the truth. You just need to make the alternatives easier to find.
May the Maths Be with you!
You could encrypt with one algorithm, then take the output from that and encrypt again with a completely different one.
"Encrypted twice" doesn't mean anything. A composed encryption scheme is a single function, same as y = (2x + 1)^2 - 4.
Technically true, but depending on the cipher(s) you use, you may have no idea at all what the resulting function is, and it is therefore often easier to decrypt in the same steps you used for the encryption.
Some cryptographic functions, RSA for instance, are mathematical groups. In other words, RSA(RSA(plaintext, key1), key2) === RSA(plaintext, key3) for some key3 that you probably don't know. In such cases, if you were trying to break the cipher and had no means to recover keys 1 and 2, it would be easier to discover key3 and decrypt in one step.
That's not true for all ciphers, however. DES is one example of a cipher that is not a mathematical group, which is why "TripleDES" is regarded as being more secure than a single pass of DES -- I believe the assumption is that 3 passes of 56-bit DES are about equivalent to a 112 bit key.
All of that theory, of course, breaks down if you can get at the original keys. Rubber-hose cryptanalysis has the obvious advantages of being fast and computationally cheap.
Where is the wisdom we have lost in knowledge?
Where is the knowledge we have lost in information?
While f3(x) may well be stronger than f1(x) or f2(x), this is not necessarily the case.
If I seem short sighted, it is because I stand on the shoulders of midgets