"If there is any lesson for today, it’s that modern cryptanalysis is possible primarily because people make mistakes"
Here's a toy one-time pad implementation I did (years ago) in C++. I just recently implemented it in Go too. These are pretty simple to write, but I wonder if I've made mistakes.
That’s one advantage that a military crypto system has over a civilian one in that they already have well established physical identity and authentication. They can take advantage of that to deliver the one time pad. For example, before a ship goes on deployment, it can be loaded up with the one time pad. Similarly for a division being deployed.
I don't have any knowledge about this, but an 8 TB SSD would probably last quite a while, especially for a ship with limited bandwidth out at see. (Of course there are probably multiple disks, not least for redundancy, since the space/weight concern is completely negligible)
Uneducated guess - the ability to quickly completely and utterly obliterating the pad would probably be a much more significant concern than space or weight.
After all, you don't want your cipher desk, OTP and all to be overrun by opfor just as you are encoding "we are being boarded!"
The nice thing about a OTP is that it's only used once, unlike a typical cipher. If pads are lost, well that's fine because they weren't going to be used with anyone else.
Sure, but it's also easy to have a system where the pad is destroyed after it is used. This would help insure that nobody messes up and uses the same bits twice as well.
You can also have a separate set of pads that decrypt the messages to something entirely different from the real messages. I'm not aware of another crypto system that allows for this. Here's an example:
In World War II, navy code books were bound with lead covers to make it easy to safely jettison the books overboard if necessary.
Such code books where a bit like dictionaries containing random alphanumeric sequences for each useful plaintext word. This was then subjected to an additional layer of encipherment. Such a code was generally beyond the ability of foes to break.
Many years past the battle of Midway, it was finally revealed that the US had broken the Japanese Navy code known as “Purple”, explaining the United States lucky outcome in that important battle. I believe it was through a combination of obtaining one of the code books and cryptanalysis.
Military crypto systems have rarely been based around one-time pads. One time pads are difficult to use and extremely slow in practice because you have to work by hand to decrypt a message. A cipher machine is hard to make mistakes with and can disseminate information quickly in both directions. That's why you don't load up ships with hundreds of pages of OTPs, you put an Enigma (or modern equivalent ;)) on board.
One time pads are useful for espionage, and you can see examples of how they are used here[1]. They took advantage of how most espionage worked (and who knows, may still work!): different channels for sending and receiving. The numbers station read you a short message, and if you needed to send a message back you signaled your handler to meet in person at a prearranged place.
The same thing that makes OTPs suck on ships make them excellent for sending short messages to spies. You can't hide an Enigma in a walnut, after all!
Also worth noting that most military communications are only sensitive if broken quickly, secret messages sent in espionage might need to stay secret for decades against potentially new mathematical attacks and hardware developments.
One time pads don't necessarily have to be pen and paper. You can distribute a MicroSD card with 128GB of random bits that is used to encode/decode messages. An additional advantage of a system like this is the OTP can be encrypted so if it is captured it can't be used to decrypt old messages without further getting key material from the end user (possibly with a pipe wrench).
The biggest problem is that no matter what, the OTP ends up being some sort of physical medium that requires shipping to the end user. But really it's a scaled up version of the key distribution problem.
> An additional advantage of a system like this is the OTP can be encrypted so if it is captured it can't be used to decrypt old messages without further getting key material from the end user (possibly with a pipe wrench).
That problem has already been solved and the websites you visit today (should!) be working the same way:
Erasing the parts of the pad that have already been used, overwriting them with new hardware generated random numbers would seem to help out forward secrecy. Or am I missing something?
One time pads are difficult to use in Military settings because rarely is communication going on between just two participants. With the number of units needing to communicate some foolproof means for not using overlapping sequences of the one time pads between different parties is essential. Otherwise, a technique known as multiple anagramming can be used to reveal the plaintext.
Generating a secure paper and pencil one time pad is very easy on a computer and can be expected to be completely secure if used properly. Of course, distributing, coordinating, and updating the pads is a weakness of such a system.
In the electronic era, messages can still be encrypted with digital one-time pads and this was the case years ago when the secure “hot-line” between the Soviet Leadership and the US president used such a system to communicate. (The hot line wasn’t a phone but a teletype.) This was a perfect use case, a single pair of end points resulting in an unbreakable use of the digital one time pad.
One of the fun things about using the Army one time pads is that depending on how much leeway one had with the words in the message, you could adjust things to spell out stuff in the encrypted string.
Ships receiving key material for a deployment is how you get a John Walker spy ring situation. You are right that the military has some advantages regarding key distribution, but it’s still not a trivial task.
Fascinating to see the highest state of the art of pre-digital cryptography, right before it was rendered obsolete. Very evocative that volumes 4-6 were planned but never completed, presumably because the first crop of modern encryption schemes were already outdating theses volumes as they were being written.
I wish the NSA would declassify more records of what it managed to break in the pre-digital era, now that the methods are out of date and the people involved are mostly dead. It would be great for historians to see both what the agency was capable of in that period, and how its methods, together with its successes and failures, shaped history in the early Cold War.
23 comments
[ 5.8 ms ] story [ 66.8 ms ] threadHere's a toy one-time pad implementation I did (years ago) in C++. I just recently implemented it in Go too. These are pretty simple to write, but I wonder if I've made mistakes.
code: https://github.com/62726164/padder
blog: https://www.go350.com/posts/padder-a-one-time-pad-implementa...
That’s one advantage that a military crypto system has over a civilian one in that they already have well established physical identity and authentication. They can take advantage of that to deliver the one time pad. For example, before a ship goes on deployment, it can be loaded up with the one time pad. Similarly for a division being deployed.
After all, you don't want your cipher desk, OTP and all to be overrun by opfor just as you are encoding "we are being boarded!"
(Provided you intercepted those, that is.)
Such code books where a bit like dictionaries containing random alphanumeric sequences for each useful plaintext word. This was then subjected to an additional layer of encipherment. Such a code was generally beyond the ability of foes to break.
Many years past the battle of Midway, it was finally revealed that the US had broken the Japanese Navy code known as “Purple”, explaining the United States lucky outcome in that important battle. I believe it was through a combination of obtaining one of the code books and cryptanalysis.
One time pads are useful for espionage, and you can see examples of how they are used here[1]. They took advantage of how most espionage worked (and who knows, may still work!): different channels for sending and receiving. The numbers station read you a short message, and if you needed to send a message back you signaled your handler to meet in person at a prearranged place.
The same thing that makes OTPs suck on ships make them excellent for sending short messages to spies. You can't hide an Enigma in a walnut, after all!
[1]: https://www.cryptomuseum.com/crypto/otp/index.htm
The biggest problem is that no matter what, the OTP ends up being some sort of physical medium that requires shipping to the end user. But really it's a scaled up version of the key distribution problem.
That problem has already been solved and the websites you visit today (should!) be working the same way:
https://en.wikipedia.org/wiki/Forward_secrecy
> the key distribution problem
That is the hardest problem, especially in a system where you've got military units in unfriendly areas.
Generating a secure paper and pencil one time pad is very easy on a computer and can be expected to be completely secure if used properly. Of course, distributing, coordinating, and updating the pads is a weakness of such a system.
In the electronic era, messages can still be encrypted with digital one-time pads and this was the case years ago when the secure “hot-line” between the Soviet Leadership and the US president used such a system to communicate. (The hot line wasn’t a phone but a teletype.) This was a perfect use case, a single pair of end points resulting in an unbreakable use of the digital one time pad.
I wish the NSA would declassify more records of what it managed to break in the pre-digital era, now that the methods are out of date and the people involved are mostly dead. It would be great for historians to see both what the agency was capable of in that period, and how its methods, together with its successes and failures, shaped history in the early Cold War.