In the 1940s, the German high command began sending teleprinter
communications by radio (rather than by cable). Unlike the Morse code
transmissions which were famously encrypted using the Enigma machine,
these teleprinter communications were encrypted using the lesser-known
Lorenz machine.
Unlike Enigma, the British had no idea how Lorenz worked.
Enigma is a poly-alphabetic substitution cipher. It uses 3 (or sometimes
4) rotating wheels, each of which scrambles the message in a slightly
different way depending on its orientation. On its own, that would be
laughably trivial to break. But each time a key is pressed, the wheels
*move*, meaning that no two letters are ever encrypted the same way.
This makes the cryptanalysis problem *drastically* harder.
Lorenz also uses rotating wheels. 12 of them. But unlike Enigma, Lorenz
is a stream cipher. The machine generates a pseudo-random bit stream and
then XORs it with the message. The machine at the other end generates
the exact same bit stream and XORs the ciphertext with it, yielding the
original plaintext.
On the 30th day of August, 1941, some idiot did the thing that you must
never, ever do with a stream cipher: He used the same encryption key
twice for two different messages. Two very large messages, in fact. (The
first was 4,500 characters, the second was nearly identical but heavily
abbreviated, coming in at 4,000 characters.)
Directly as a result of this, the brilliant cryptographers just down the
road from my house were able to figure out exactly how Lorenz works.
They subsequently managed to decrypt almost every single Lorenz message
ever transmitted, usually within a matter of hours of intercept.
Almost exactly 59 years later, in September 1999, IEEE 802.11 was
standardised. This document includes the infamous "Wired Equivalent
Privacy" protocol, fundamentally based around the RC4 cipher.
Like Lorenz, RC4 is a stream cipher. And like any such cipher, you
absolutely *must not* use the same key twice. Unfortunately, the WEP
protocol causes keys to be reused alarmingly frequently. Since RC4 is
also vulnerable to related-key attacks, and WEP encrypts every single
packet with related keys, the resulting system is hopelessly insecure.
Common open-source software and an ordinary WiFi card are all that is
required to crack *any* WEP link within less than 60 seconds.
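The property behind both stories, the Lorenz retransmission above and WEP's key reuse, is the same one-line algebra: if two messages are XORed with the same keystream, XORing the two ciphertexts cancels the keystream and leaves the XOR of the plaintexts. The following is an added example, not code from the post; it uses a toy SHA-256-based keystream generator constructed only for illustration (it is neither Lorenz nor RC4), constructed sample messages, and the hypothetical helper names `reused_keystream_leak`, `recover_other_plaintext`, `encrypt_with_fresh_nonce` and `find_nonce_reuse`.

```python
from __future__ import annotations

import hashlib
import secrets


def keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Toy keystream generator constructed for this example (neither Lorenz nor RC4).

    Expands (key, nonce) into `length` pseudo-random bytes by hashing a counter.
    The only property that matters here is the one every stream cipher shares:
    the same key and nonce always produce the same keystream.
    """
    out = bytearray()
    block = 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce + block.to_bytes(8, "big")).digest()
        block += 1
    return bytes(out[:length])


def xor(a: bytes, b: bytes) -> bytes:
    """XOR two byte strings, truncating to the shorter one."""
    return bytes(x ^ y for x, y in zip(a, b))


def encrypt(key: bytes, nonce: bytes, message: bytes) -> bytes:
    """Stream-cipher encryption: plaintext XOR keystream. Decryption is the same call."""
    return xor(message, keystream(key, nonce, len(message)))


def encrypt_with_fresh_nonce(key: bytes, message: bytes) -> tuple[bytes, bytes]:
    """The mitigation: a random 96-bit nonce per message, sent alongside the
    ciphertext, so no two messages ever share a keystream under the same key."""
    nonce = secrets.token_bytes(12)
    return nonce, encrypt(key, nonce, message)


def reused_keystream_leak(key: bytes, nonce: bytes, p1: bytes, p2: bytes) -> bytes:
    """Encrypt two messages under the same (key, nonce) and XOR the ciphertexts.

    c1 XOR c2 = (p1 XOR ks) XOR (p2 XOR ks) = p1 XOR p2: the keystream cancels,
    so the result depends only on the two plaintexts and not on the key at all.
    """
    c1 = encrypt(key, nonce, p1)
    c2 = encrypt(key, nonce, p2)
    return xor(c1, c2)


def recover_other_plaintext(leak: bytes, known_plaintext: bytes) -> bytes:
    """Given p1 XOR p2 and one plaintext, the other falls out with one more XOR.
    This is the 30 August 1941 situation: the second Lorenz message was an
    abbreviated retransmission of the first, so much of it was effectively known."""
    return xor(leak, known_plaintext)


def find_nonce_reuse(usage_log: list[tuple[bytes, bytes]]) -> list[tuple[bytes, bytes]]:
    """Defensive check: every (key_id, nonce) pair that occurs more than once in a
    log of what a sender has used, in the order the first repeat was seen."""
    seen: set[tuple[bytes, bytes]] = set()
    repeats: list[tuple[bytes, bytes]] = []
    for pair in usage_log:
        if pair in seen and pair not in repeats:
            repeats.append(pair)
        seen.add(pair)
    return repeats


# Constructed sample data for the demonstration below.
KEY = b"constructed-demo-key"
NONCE = b"nonce-0001"
P1 = b"ATTACK AT DAWN, BRING THE HEAVY ARTILLERY"
P2 = b"ATTACK AT DUSK, BRING THE LIGHT ARTILLERY"

if __name__ == "__main__":
    leak = reused_keystream_leak(KEY, NONCE, P1, P2)
    print("c1 XOR c2 == p1 XOR p2:", leak == xor(P1, P2))
    print("second message from the first:", recover_other_plaintext(leak, P1))
    n1, c1 = encrypt_with_fresh_nonce(KEY, P1)
    n2, c2 = encrypt_with_fresh_nonce(KEY, P2)
    print("with fresh nonces the keystream no longer cancels:", xor(c1, c2) != xor(P1, P2))
    print("reused pairs:", find_nonce_reuse([(b"k", b"n1"), (b"k", b"n2"), (b"k", b"n1")]))
```

The `find_nonce_reuse` check is the thing a sender (or an auditor reading a packet capture) can actually run: the rule a stream cipher needs is not "change the key often" but "never let any (key, nonce) pair repeat". WEP breaks that rule structurally: its per-packet IV is only 24 bits and is prepended to the long-lived shared key, so the same RC4 key is guaranteed to recur within about sixteen million packets and in practice far sooner, which is what "reused alarmingly frequently" amounts to in numbers.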
This weakness led directly to the widely-publicised T. J. Maxx computer
break-in.
In summary: Reusing a stream cipher key probably cost Germany victory in
WW2. Reusing stream cipher keys in WEP cost T. J. Maxx a crapload of
money. Those who do not study history are doomed to repeat it...