With Apologies to David Kahn

I love The Codebreakers so far, but there’s one point where David Kahn and I disagree. Here’s the quote in question:

Now cryptanalysis has a potential that cryptography does not. Cryptanalysis can alter the status quo. Cryptography can at best conserve it. Cryptanalysis can bring countries into war, engender naval battles and win them, compel besieged cities to yield, condemn queens to death and prove innocent the unjustly accused. Cryptanalysis hammers upon the real world. Cryptography does not.

I couldn’t disagree more. This may have been true in the age where cryptography was only used by governments and military, but cryptography is shaping the world around us right now in the hands of regular folks. It allows people to communicate in private, as they would in their own homes; offers a path to secure, and with the advent of cryptocurrency, anonymous, online payments; keeps our browsing history out of the hands of those who would use it against us; and in some cases, can even aid in peaceful revolution.

Cryptography protects our most sacred rights: our right to free speech, our right to assemble peaceably, and our right to privacy. As the companies most of us depend on for communication collect and disseminate our data to advertisers and governments, cryptography offers a way out. There’s a reason the NSA fought to keep public-key cryptography out of the hands of the general public — ostensibly, it would make their signal intelligence activities more difficult, but after the Snowden revelations I don’t buy that excuse for a second.

With any freedom comes the possibility that someone will use that freedom to do evil. If people have freedom of speech, they might say something reprehensible. If they have the right to assemble, they might riot. If they have the right to privacy, they might do heinous things behind closed doors. But like Benjamin Franklin said:

Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety.

Today I Learned, Part 2

Some of this I didn’t technically learn today, but here goes:

  • Bazeries was a bit stubborn, to put it politely. His last book was filled with contempt and vitriol, although on the plus side, Kahn said that made it among the most interesting reads in an otherwise dry field. Even so, he denied a perfectly valid breaking of his wheel cipher.
  • Speaking of wheel ciphers, I had no idea that Jefferson’s system was in use by the Army into the 20th century!
  • French cryptanalysis was leaps and bounds ahead of any other European country at that time, perhaps with the exception of Austria-Hungary.
  • The English, on the other hand, relied on pure dumb luck to decipher enemy messages during WWI. They happened to capture German code books — no cryptanalysis required.
  • The English were not exactly helpful towards the French, either. Insisting that the French share their cryptanalytic findings, the French replied with something to the effect of “one of our ships was torpedoed by the Germans not long ago — why didn’t you warn us?” The English replied with something like “well, it would be dangerous to our intelligence efforts if that information fell into the wrong hands”, to which the French said “would you feel the same if it were an English ship?” That pretty much killed the conversation about cooperation on intelligence operations.
  • England wasn’t totally incompetent, though: by the end of the war, they used what David Kahn called the best cipher of that era, “Cypher SA”.
  • This cipher included polyphones, or code groups that have multiple meanings. The method for deciphering the messages essentially uses the character from the last code group as part of the “key” to decipher the current code group, giving you the proper meaning while confounding cryptanalysis. It’s remarkably similar to cipher block chaining (CBC) mode in modern block ciphers, where the previous block “feeds” into the next, and if one gets scrambled, the remainder of the message is scrambled as well.
  • England wasn’t alone in their cryptographic floundering — Germany flat-out refused to use ciphers that weren’t Teutonic in origin, and their cryptanalysis division was nonexistent for most of the war.
  • England’s first offensive move of the war? Cutting Germany’s transatlantic cables!

I’ve been sick the past week, and haven’t devoted any time to the Cryptopals challenges, but I have a goal of at least looking at the current problem at least once a day. This, combined with reading Codebreakers, will make up my daily routine (after work, that is). As for blogging, I’ll write at least one post per week. Any less and I’ll lose steam — any more and the quality is likely to suffer, unless I have something I absolutely have to write about. With that, I’m signing off. More to come!

Today I Learned

I was reading The Codebreakers by David Kahn, and today I learned:

  • Étienne Bazeries was among the most badass cryptologists who ever lived (at least, as far as I’ve read). Noted as “the great pragmatist of cryptology” by David Kahn (a tremendous understatement), he tore through ciphers like tissue paper. I cannot understate how deftly this man manipulated ciphers and unlocked their secrets.
  • Sometimes this had hilarious results: someone sent a message to a duke in France, with many errors in its encipherment, yet Bazeries was able to solve it. The duke’s frustrated, contemptuous one-word response: “Merde.”
  • On a related note: I will never design my own cipher. Repeat after me: I will never design my own cipher. Write this on a chalkboard 50 times if you have to. Just don’t do it.
  • If you don’t trust me on the last point, consider this: Bazeries was able to solve the ciphers used by the French military, which at that point, was the largest military in Europe. If he could solve their ciphers, a modern cryptanalyst will be able to crack yours. Granted, they were wimpy ciphers compared to the systems Bazeries suggested, but still.
  • I didn’t technically learn this today, but: the Vigenère cipher was not created by Blaise de Vigenère himself, and was misattributed to him. It was actually invented by Giovan Battista Bellaso. However, Vigenère did create an even more powerful “autokey” cipher.

Over the past few week or so, as I’ve read Codebreakers, I’ve gained an immense respect for French cryptography in general. The “black chambers” were a fertile source of cryptanalysis, for one. On top of that, some of the greatest books on cryptography have come from the French. Most of all, France produced the great Étienne Bazeries, one of my new heroes.

More to come, folks…

Shadowplay

Secret communication has recently come into vogue, with apps like WhatsApp and Signal (I’d highly recommend the latter, by the way). However, this is best for person-to-person communication. What if someone wants to communicate en masse? What if someone wants to publish something anonymously, or pseudonymously?

Current offerings are piss-poor. Sure, you can register on a site under a pseudonym and start posting, sometimes even posting anonymously, but what security does this offer you? The answer is none. Your ISP can rat you out. Your unencrypted traffic can be sniffed. You could fall prey to a man-in-the-middle attack. And that’s just off the top of my head. I know, I know, VPNs and HTTPS will solve these problems, for the most part, but how many people do you know who are well-versed in these technologies and understand their use? Are these people technically inclined?

Pseudonyms are possible with public-key cryptography, but the reality is far off from the dream. Generating a key pair alone requires mastery of the command line, something that’s esoteric to others at best, and intractable at worst. Then you have to convince your friends and colleagues to use the public-key system, a losing battle from the start. Modern crypto implementations are like a sheer cliff, and using crypto as it exists today is like trying to climb that cliff.

So what is the answer? How can we assure anonymous or pseudonymous communications?

The answer seems to lie in the dining cryptographers protocol. With this protocol, you can anonymously publish a message. However, that doesn’t solve the problem of pseudonymous communication, which is far preferable for people like journalists who want to build a following, yet in some cases, fear for their lives.

How can we ensure a pseudonym is secure? How can we allow for pseudonymous publication without fear of being exposed?

I don’t quite have an answer yet — I’ve been pondering this problem for months now, years if you count my high school days. I don’t believe there’s an easy answer, but in future posts, I’ll attempt to explore solutions.

Dark Entries

Hey there! My name’s Austin Pocus, and I’ve been studying cryptography on and off for the past 10 years. In this first post, I’d like to lay out what this blog will be (or not).

This blog is going to be about crypto, but usually not cryptocurrencies. I have no interest in speculating on which currencies are going “to the moon”, although I am interested in the blockchain as a technology, and anonymous payments in general. Unless I have a specific application in mind, you won’t find too much talk about cryptocurrencies here.

That said, this blog will be about traditional cryptography, the study and implementation of secret communication systems. It will also be about security: how to design secure systems (or not), how to break flawed systems, and trying to measure just how fucked we are in our current state of affairs. Bruce Schneier is a constant source of inspiration, and I highly recommend his blog.

More specifically, this blog will cover my adventures in learning more about cryptography, as I work my way through the Cryptopals challenges, and try to design a cryptosystem of my own (more on that in future posts).

What do you want to read about here? Tell me in the comments!