Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP Path: utzoo!watmath!clyde!burl!ulysses!mhuxr!mhuxn!ihnp4!qantel!intelca!oliveb!hplabs!hao!noao!terak!anasazi!john From: john@anasazi.UUCP (John Moore) Newsgroups: net.crypt Subject: Re: Code Breaking Message-ID: <217@anasazi.UUCP> Date: Sun, 27-Apr-86 12:26:58 EDT Article-I.D.: anasazi.217 Posted: Sun Apr 27 12:26:58 1986 Date-Received: Fri, 2-May-86 22:25:50 EDT References: <113@radha.UUCP> Reply-To: john@anasazi.UUCP (John Moore) Organization: Anasazi, Phoenix Az. Lines: 73 In article <113@radha.UUCP> sanand@radha.UUCP (Sanand Patel) writes: >Forgive my naivette, but someone mentioned that the U.S. Somebody or Other, >has essentially no problems in breaking codes (grossly paraphrased) ... >he mentioned the 'KAL' vs. Russia case. That was a mistaken reference. In the KAL case, the transmissions were in plaintext. The important point there was that the US in fact was monitoring the transmissions at all. The US maintains an extensive network of listening stations, and essentially records the entire useful electromagnetic spectrum at each of these points. It is then an easy matter to play back the tapes after an incident and extract the suitable intelligence. > >[naive mode] > >Does this apply to the simple scheme of "exclusive or" against a large >key (I know almost nothing about cryptology ...) >e.g. > >plaintext--> Some very important text that must be kept secret >My Key ----> ThisIsMySecretKeyThisIsMySecretKeyThisIsMySecretK > >Coded-------> Exclusive-Or of S+T, o+h, m+i etc. > >plaintext--> Exclusive-Or of c1+T, c2+h , c3+i etc. >on other side > >Now, not withstanding how the key is passed, is the above scheme breakable, >especially with very large keys (say 100 or 200 letters) ? > This is a classic and well studied cryptosystem. In modern cryptology, your examples would be considered small keys and, given enough ciphertext, they are trivially breakable by examining the letter frequency statistics: once the key length has been determined (by simply assuming each possible length and then gathering letter f requency statistics, and chosing the least random length, the letter frequency plus a good knowledge of the plaintext language and a talent for crypography (or... a big computer) then solves the cryptogram. Most modern crypto schemes attempt to do the equivalent of generating a very large (millions of bits) key from a small one via a concealed algorithm. Part of this key can be thought of as exclusive OR'ed against the plaintext, and part of this can be thought of as a permutation matrix to scramble the order of bits in the plaintext (although lots of schemes don't bother with the permuting of the bits). Even these schemes can be broken for surprisingly long sequences (and who knows how long... those are extremely well guarded secrets). For a nice overview book on the subject, with lots of history, read "The Codebreakers" by Kahn (available in paperback). There are also a number of higher level texts available through your local university bookstore. The DES algorithm, which is a US Government standard ,although not considered secure enough for classified information, is used for high-value electronic funds transfer. This algorithm is PUBLIC and in fact you can read the exact algorithm in modern texts or buy a copy of the algorithm from the National Bureau of Standards. All that is necessary to break this algorithm is to guess a 56 bit key, but whether that can be done in real time without gigantic special purpose computers is under debate. Take a look at it if you want to see a tough (to laymen) modern cryptosystem. -- John Moore (NJ7E/XE1HDO) {decvax|ihnp4|hao}!noao!terak!anasazi!john {hao!noao|decvax|ihnp4|seismo}!terak!anasazi!john terak!anasazi!john@SEISMO.CSS.GOV (602) 861-7607 (day or evening) 7525 Clearwater Pkwy, Paradise Valley, AZ, 85253 (Home Address) The opinions expressed here are obviously not mine, so they must be someone else's.