[147512] in cryptography@c2.net mail archive


Re: [Cryptography] check-summed keys in secret ciphers?

daemon@ATHENA.MIT.EDU (Phillip Hallam-Baker)
Sat Oct 5 10:44:22 2013

X-Original-To: cryptography@metzdowd.com
In-Reply-To: <524A0CEE.6000507@arx.li>
Date: Fri, 4 Oct 2013 13:36:47 -0400
From: Phillip Hallam-Baker <hallam@gmail.com>
To: arxlight <arxlight@arx.li>
Cc: Jerry Leichter <leichter@lrw.com>,
	"cryptography@metzdowd.com" <cryptography@metzdowd.com>,
	ianG <iang@iang.org>
Errors-To: cryptography-bounces+crypto.discuss=bloom-picayune.mit.edu@metzdowd.com

On Mon, Sep 30, 2013 at 7:44 PM, arxlight <arxlight@arx.li> wrote:
>
>
> Just to close the circle on this:
>
> The Iranians used hundreds of carpet weavers (mostly women) to
> reconstruct a good portion of the shredded documents which they
> published (and I think continue to publish) eventually reaching 77
> volumes of printed material in a series wonderfully named "Documents
> from the U.S. Espionage Den."
>
> They did a remarkably good job, considering:
>
> http://upload.wikimedia.org/wikipedia/commons/6/68/Espionage_den03_14.png


There is a back story to that. One of the reasons that Ayatollah Khomeini
knew about the CIA and embassy involvement in the 53 coup was that he was
one of the hired thugs who raised the demonstrations that toppled Mossadegh.

So the invasion of the embassy was in part motivated by a desire to burn
any evidence of that perfidy on the regime's part. It was also used to
obtain and likely forge evidence against opponents inside the regime. The
files were used as a pretext for the murder of many of the leftists who
were more moderate and western in their outlook.


On the cipher checksum operation, the construction that would immediately
occur to me would be the following:

k1 = R(s)

kv = k1 + E(k1, kd)    // the visible key sent over the wire, kd is a device key

This approach allows the device to verify that the key is intended for that
device. A captured device cannot be used to decrypt arbitrary traffic even
if the visible key is known. The attacker has to reverse engineer the
device to make use of it, a task that is likely to take months if not
years.

NATO likely does an audit of every cryptographic device every few months
and destroys the entire set if a single one ever goes missing.

-- 
Website: http://hallambaker.com/
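
The device-side check described in the message above, as an added example that is not part of the original post. It assumes `+` means concatenation and substitutes SHA-256 for R and truncated HMAC-SHA256 for E, neither of which the message specifies; the lengths, function names and sample keys are constructed for illustration.

```python
import hashlib
import hmac

KEY_LEN = 16    # assumed length of k1 in bytes
CHECK_LEN = 8   # assumed length of the check value in bytes


def R(s: bytes) -> bytes:
    """Stand-in for R(s): derive the traffic key k1 from a seed s."""
    return hashlib.sha256(b"k1-derivation" + s).digest()[:KEY_LEN]


def E(k1: bytes, kd: bytes) -> bytes:
    """Stand-in for E(k1, kd): a check value over k1 keyed by device key kd."""
    return hmac.new(kd, k1, hashlib.sha256).digest()[:CHECK_LEN]


def make_visible_key(s: bytes, kd: bytes) -> bytes:
    """Issuer side: kv = k1 + E(k1, kd), the value sent over the wire."""
    k1 = R(s)
    return k1 + E(k1, kd)


def device_load_key(kv: bytes, kd: bytes):
    """Device side: return k1 only if the check matches this device's kd."""
    if len(kv) != KEY_LEN + CHECK_LEN:
        return None
    k1, check = kv[:KEY_LEN], kv[KEY_LEN:]
    # Constant-time comparison so the check does not leak via timing.
    if not hmac.compare_digest(check, E(k1, kd)):
        return None
    return k1


# Constructed sample device keys (not real key material).
KD_DEVICE_A = bytes(range(32))
KD_DEVICE_B = bytes(range(32, 64))

if __name__ == "__main__":
    kv = make_visible_key(b"constructed seed", KD_DEVICE_A)
    print("device A accepts:", device_load_key(kv, KD_DEVICE_A) is not None)
    print("device B accepts:", device_load_key(kv, KD_DEVICE_B) is not None)
```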
