DOCSLIB.ORG

The SIGABA / ECM II Cipher Machine : “A Beautiful Idea”

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text

Load more

Center for Cryptologic History The SIGABA / ECM II Cipher Machine : “A Beautiful Idea” This publication presents a historical perspective for informational and educational purposes, is the result of independent research, and does not necessarily reflect a position of NSA/CSS or any other U.S. government entity. This publication is distributed free by the National Security Agency. If you would like additional copies, please e-mail [email protected] or write to: Center for Cryptologic History National Security Agency 9800 Savage Road, Suite 6886 Fort George G. Meade, MD 20755 Timothy Mucklow was a senior historian on the staff of the Center for Cryptologic History fol- lowing a long career in information assurance at NSA and with the Air Force. After a decade in aca- demia, he served as a military historian at the wing, division, and major command levels and produced a series of monographs and articles on such topics as information assurance, telecommunications and computers, and national defense issues, and has offered IA seminars at military facilities around the world. He received his Ph.D. in 1982. He retired from the CCH in 2013. Acknowledgments. The Center for Cryptologic History is grateful to Dr. Craig Bauer, professor of mathematics at York College of Pennsylvania and editor-in-chief of the journal Cryptologia, for his assistance with this project, and to LeeAnn Tallman for earlier research. The SIGABA / ECM II Cipher Machine: “A Beautiful Idea” Timothy J. Mucklow National Security Agency Center for Cryptologic History 2015 Contents Introduction ....................................................................................... 1 And Hebern Saw the Wheel .................................................................... 2 Deus ex Machine ................................................................................. 5 Rowlett’s Epiphany .............................................................................. 7 Iacta Alea Est. [The Die Is Cast.] ........................................................... 10 Enter the Navy ..................................................................................12 A Disagreeable but Rewarding Surprise ....................................................14 SIGABA Is Built ...................................................................................16 An Impenetrable Machine .....................................................................22 The Big Machine That Did .....................................................................25 Appendix A: Technical Analysis of SIGABA’s Key Space ..................................29 Appendix B: The Mechanics of SIGABA ......................................................32 Notes ..............................................................................................38 Selected Bibliography ..........................................................................42 SIGABA / ECM II Cipher Machine Introduction During World War I, both the Americans and the the “design of the system should not require secrecy, Europeans had used manual code and cipher systems and compromise of the system should not inconve- to secure their critical information. With the advent nience the correspondents.”1 His argument was that of the machine age, however, it was only a matter of neither the elements of an encryption algorithm nor time before cryptography became mechanized. Two the workings of an encryption machine should con- decades later, as the world embroiled itself in another stitute the basis of a cipher’s security. Instead, an eas- major conflict, the use of cipher machines became ily changeable key should be the critical component. commonplace, and the old craft of cryptology at long In the 1930s, the U.S. Army cryptologist Wil- last became mathematically based. With the dawn of liam Friedman and his assistant Frank Rowlett drew this new cryptologic age, a worldwide scramble for on this simple precept to conceive a cipher machine even stronger encryption began. that was easy to use, simple to rekey, and ostensibly Well before the First World War, much work had impossible to break. Then, in a fit of collaboration been done to formalize the cryptographic discipline. with the Navy, as unprecedented as it was peculiar, One of those who made a major contribution to the two services went on to perfect and jointly field this process was the 19th-century polyglot Auguste their device. To the Army it was known as SIGABA, Kerckhoffs, who, besides teaching languages, dabbled to the Navy, ECM (Electric Cipher Machine) II. in cryptography. In 1883 he penned a two-essay series, (The technical aspects of SIGABA’s operation can La Cryptographie Militaire, for the Journal des Sciences be found in Appendixes A and B.) Not only was Militaire, which earned him a niche in cryptographic SIGABA the most secure cipher machine of World history. Kerckhoffs in his writings had articulated six War II, but it went on to provide yeoman service for basic principles of cryptography, but he is most com- decades thereafter. The story of its development is monly remembered for his second, which states that improbable. Its impact was incalculable. 1 1 And Hebern Saw the Wheel Mr. Edward Hebern of Madera, California, is posed, but using a set of cipher wheels whose generally credited with inventing the first American wiring was to be unknown to Friedman … electromechanical rotor cipher machine.2 Accord- Friedman was successful in his attack on the ing to lore, he came up with the idea around 1912 system.4 while serving a term in the state penitentiary for With little effort, Friedman was able to decipher horse thievery. If there were any connection between every Hebern-enciphered message sent his way. To breaking rocks and his cryptographic epiphany, do this, Friedman, who had already married crypt- Hebern never offered one. By the end of 1915 he analysis and mathematics, used a statistical approach had built a working model, filed a patent, and was along with a “divide-and-conquer” strategy to break knocking on the doors of potential buyers.3 It was the Hebern machine. As Friedman saw it, there were not long before the U.S. Navy began showing inter- only two unknowns, the cipher wheel (with twenty- est in Hebern’s device, and in the years that followed six characters) and the rest of the machine. Since the the Navy would buy and test a number of his suc- cipher wheel stepped regularly and predictably, the cessive machines. As something of a historical twist, rest of the machine could be considered a constant. one of Hebern’s early employees, Agnes (Meyer) It was then a simple matter of sequentially analyzing Driscoll, went on to become a luminary of American the individual components. cryptology in her own right. Friedman realized from experience that the regu- Half a century after Hebern set out to peddle lar advancement of the Hebern cipher rotors, like all his original device, the Army cryptologist Frank machines of that era, posed an intrinsic cryptologic Rowlett acknowledged in his memoirs that the vulnerability that was mathematically exploitable. He Hebern cipher machine was an important inven- conjectured that to make a cryptographically sound tion in pre-World War II American cryptography. machine, one would need a countermeasure to address Rowlett, nevertheless, went on to add, predictable rotor movements. But just how such pseu- Navy cryptographers asked [William] dorandom movement could be achieved consumed Friedman for his assessment of the security Friedman’s thoughts for years. Friedman’s solution, it afforded … [T]he Navy [supplied] a set when it finally came to him around 1926, was concep- of messages prepared exactly in accordance tually simple and the technology proven.5 It occurred to with the procedures which they had pro- him that paper tape similar to that used by telegraphers 2 And Hebern Saw the Wheel Edward Hebern and his electromechanical rotor cipher machine (courtesy of Ralph Simpson, CipherMachines.com) could also be used to dictate the move- ments of the cipher wheels. Friedman reasoned that it would be relatively easy to generate long sequences of random five- unit keys and that the tape itself was eas- ily replaceable and relatively inexpensive. Holes punched in a tape would permit feeler contacts to turn an electrical cur- rent on or off, causing a cipher machine’s rotors to step. Thus, with each key stroke, randomly placed holes in a five-group tape would produce an apparent random step- ping for one or more of the cipher rotors. The cipher text is printed on a small tape. The decryption process simply works in reverse. Key tape could be manufactured in secure facilities, distributed to the appropriate recipients, and inserted into the machine according to rigidly imposed, William Friedman with AT&T printing telegraph, 1920 (courtesy 6 pre-established schedules. of the George C. Marshall Foundation, Lexington, Virginia) 3 SIGABA / ECM II Cipher Machine The crypto rotor wheels William Friedman envisioned for his device were flattened cylinders with an alphabet around the circumference. One face of the cylinder had twenty-six spring-loaded copper pins protruding from it; the other face had twenty-six flush copper contacts. Inside each cylinder was a wire maze connecting the electrical contacts on one side to the pins on the other. Thus, an electrical impulse beginning with, say, the letter A on one side might connect to H on the other side and so on around the wheel in random fashion. Several cylinders serially juxtaposed
Recommended publications
  • CODEBREAKING Suggested Reading List (Can Also Be Viewed Online at Good Reads)

    CODEBREAKING Suggested Reading List (Can Also Be Viewed Online at Good Reads)

    MARSHALL LEGACY SERIES: CODEBREAKING Suggested Reading List (Can also be viewed online at Good Reads) NON-FICTION • Aldrich, Richard. Intelligence and the War against Japan. Cambridge: Cambridge University Press, 2000. • Allen, Robert. The Cryptogram Challenge: Over 150 Codes to Crack and Ciphers to Break. Philadelphia: Running Press, 2005 • Briggs, Asa. Secret Days Code-breaking in Bletchley Park. Barnsley: Frontline Books, 2011 • Budiansky, Stephen. Battle of Wits: The Complete Story of Codebreaking in World War Two. New York: Free Press, 2000. • Churchhouse, Robert. Codes and Ciphers: Julius Caesar, the Enigma, and the Internet. Cambridge: Cambridge University Press, 2001. • Clark, Ronald W. The Man Who Broke Purple. London: Weidenfeld and Nicholson, 1977. • Drea, Edward J. MacArthur's Ultra: Codebreaking and the War Against Japan, 1942-1945. Kansas: University of Kansas Press, 1992. • Fisher-Alaniz, Karen. Breaking the Code: A Father's Secret, a Daughter's Journey, and the Question That Changed Everything. Naperville, IL: Sourcebooks, 2011. • Friedman, William and Elizebeth Friedman. The Shakespearian Ciphers Examined. Cambridge: Cambridge University Press, 1957. • Gannon, James. Stealing Secrets, Telling Lies: How Spies and Codebreakers Helped Shape the Twentieth century. Washington, D.C.: Potomac Books, 2001. • Garrett, Paul. Making, Breaking Codes: Introduction to Cryptology. London: Pearson, 2000. • Hinsley, F. H. and Alan Stripp. Codebreakers: the inside story of Bletchley Park. Oxford: Oxford University Press, 1993. • Hodges, Andrew. Alan Turing: The Enigma. New York: Walker and Company, 2000. • Kahn, David. Seizing The Enigma: The Race to Break the German U-boat Codes, 1939-1943. New York: Barnes and Noble Books, 2001. • Kahn, David. The Codebreakers: The Comprehensive History of Secret Communication from Ancient Times to the Internet.
  • “Why So Serious?” Comics, Film and Politics, Or the Comic Book Film As the Answer to the Question of Identity and Narrative in a Post-9/11 World

    “Why So Serious?” Comics, Film and Politics, Or the Comic Book Film As the Answer to the Question of Identity and Narrative in a Post-9/11 World

    ABSTRACT “WHY SO SERIOUS?” COMICS, FILM AND POLITICS, OR THE COMIC BOOK FILM AS THE ANSWER TO THE QUESTION OF IDENTITY AND NARRATIVE IN A POST-9/11 WORLD by Kyle Andrew Moody This thesis analyzes a trend in a subgenre of motion pictures that are designed to not only entertain, but also provide a message for the modern world after the terrorist attacks of September 11, 2001. The analysis provides a critical look at three different films as artifacts of post-9/11 culture, showing how the integration of certain elements made them allegorical works regarding the status of the United States in the aftermath of the attacks. Jean Baudrillard‟s postmodern theory of simulation and simulacra was utilized to provide a context for the films that tap into themes reflecting post-9/11 reality. The results were analyzed by critically examining the source material, with a cultural criticism emerging regarding the progression of this subgenre of motion pictures as meaningful work. “WHY SO SERIOUS?” COMICS, FILM AND POLITICS, OR THE COMIC BOOK FILM AS THE ANSWER TO THE QUESTION OF IDENTITY AND NARRATIVE IN A POST-9/11 WORLD A Thesis Submitted to the Faculty of Miami University in partial fulfillment of the requirements for the degree of Master of Arts Department of Communications Mass Communications Area by Kyle Andrew Moody Miami University Oxford, Ohio 2009 Advisor ___________________ Dr. Bruce Drushel Reader ___________________ Dr. Ronald Scott Reader ___________________ Dr. David Sholle TABLE OF CONTENTS ACKNOWLEDGMENTS .......................................................................................................................... III CHAPTER ONE: COMIC BOOK MOVIES AND THE REAL WORLD ............................................. 1 PURPOSE OF STUDY ...................................................................................................................................
  • Historical Ciphers • A

    Historical Ciphers • A

    ECE 646 - Lecture 6 Required Reading • W. Stallings, Cryptography and Network Security, Chapter 2, Classical Encryption Techniques Historical Ciphers • A. Menezes et al., Handbook of Applied Cryptography, Chapter 7.3 Classical ciphers and historical development Why (not) to study historical ciphers? Secret Writing AGAINST FOR Steganography Cryptography (hidden messages) (encrypted messages) Not similar to Basic components became modern ciphers a part of modern ciphers Under special circumstances modern ciphers can be Substitution Transposition Long abandoned Ciphers reduced to historical ciphers Transformations (change the order Influence on world events of letters) Codes Substitution The only ciphers you Ciphers can break! (replace words) (replace letters) Selected world events affected by cryptology Mary, Queen of Scots 1586 - trial of Mary Queen of Scots - substitution cipher • Scottish Queen, a cousin of Elisabeth I of England • Forced to flee Scotland by uprising against 1917 - Zimmermann telegram, America enters World War I her and her husband • Treated as a candidate to the throne of England by many British Catholics unhappy about 1939-1945 Battle of England, Battle of Atlantic, D-day - a reign of Elisabeth I, a Protestant ENIGMA machine cipher • Imprisoned by Elisabeth for 19 years • Involved in several plots to assassinate Elisabeth 1944 – world’s first computer, Colossus - • Put on trial for treason by a court of about German Lorenz machine cipher 40 noblemen, including Catholics, after being implicated in the Babington Plot by her own 1950s – operation Venona – breaking ciphers of soviet spies letters sent from prison to her co-conspirators stealing secrets of the U.S. atomic bomb in the encrypted form – one-time pad 1 Mary, Queen of Scots – cont.
  • The Mathemathics of Secrets.Pdf

    The Mathemathics of Secrets.Pdf

    THE MATHEMATICS OF SECRETS THE MATHEMATICS OF SECRETS CRYPTOGRAPHY FROM CAESAR CIPHERS TO DIGITAL ENCRYPTION JOSHUA HOLDEN PRINCETON UNIVERSITY PRESS PRINCETON AND OXFORD Copyright c 2017 by Princeton University Press Published by Princeton University Press, 41 William Street, Princeton, New Jersey 08540 In the United Kingdom: Princeton University Press, 6 Oxford Street, Woodstock, Oxfordshire OX20 1TR press.princeton.edu Jacket image courtesy of Shutterstock; design by Lorraine Betz Doneker All Rights Reserved Library of Congress Cataloging-in-Publication Data Names: Holden, Joshua, 1970– author. Title: The mathematics of secrets : cryptography from Caesar ciphers to digital encryption / Joshua Holden. Description: Princeton : Princeton University Press, [2017] | Includes bibliographical references and index. Identifiers: LCCN 2016014840 | ISBN 9780691141756 (hardcover : alk. paper) Subjects: LCSH: Cryptography—Mathematics. | Ciphers. | Computer security. Classification: LCC Z103 .H664 2017 | DDC 005.8/2—dc23 LC record available at https://lccn.loc.gov/2016014840 British Library Cataloging-in-Publication Data is available This book has been composed in Linux Libertine Printed on acid-free paper. ∞ Printed in the United States of America 13579108642 To Lana and Richard for their love and support CONTENTS Preface xi Acknowledgments xiii Introduction to Ciphers and Substitution 1 1.1 Alice and Bob and Carl and Julius: Terminology and Caesar Cipher 1 1.2 The Key to the Matter: Generalizing the Caesar Cipher 4 1.3 Multiplicative Ciphers 6
  • Passwords, Hashes, and Cracks, Oh My! How Mac OS X Implements Password Authentication Dave Dribin “Why Should I Care?”

    Passwords, Hashes, and Cracks, Oh My! How Mac OS X Implements Password Authentication Dave Dribin “Why Should I Care?”

    Passwords, Hashes, and Cracks, Oh My! How Mac OS X Implements Password Authentication Dave Dribin “Why Should I Care?” • Application Developer • System Administrator • End User Authentication • Authentication is the process of attempting to verify a user’s identity • Passwords authenticate using a “shared secret” History • Mac OS X based on NeXTSTEP • NeXTSTEP Unix on top of Mach • Unix developed by AT&T Bell Labs on DEC PDP-11 • Unix based on mainframe time-sharing systems UNIX Time-Sharing System Version 1 • Released in 1971 • First release of Unix as we know it • Plaintext passwords Plaintext Problems “Perhaps the most memorable [example] occurred in the early 60’s when a system administrator on the CTSS system at MIT was editing the password file and another system administrator was editing the daily message that is printed on everyone’s terminal on login. Due to a software design error, the temporary editor files of the two users were interchanged and thus, for a time, the password file was printed on every terminal when it was logged in.” -- Robert Morris and Ken Thompson, April 3,1978 Unix Versions 3, 4, 5, 6 • Released 1973 through 1975 • Encrypted Password • Password file is readable by all NAME passwd -- password file DESCRIPTION passwd contains for each user the following in- formation: name (login name, contains no upper case) encrypted password numerical user ID GCOS job number and box number initial working directory program to use as Shell This is an ASCII file. Each field within each user's entry is separated from the next by a colon.
  • An Archeology of Cryptography: Rewriting Plaintext, Encryption, and Ciphertext

    An Archeology of Cryptography: Rewriting Plaintext, Encryption, and Ciphertext

    An Archeology of Cryptography: Rewriting Plaintext, Encryption, and Ciphertext By Isaac Quinn DuPont A thesis submitted in conformity with the requirements for the degree of Doctor of Philosophy Faculty of Information University of Toronto © Copyright by Isaac Quinn DuPont 2017 ii An Archeology of Cryptography: Rewriting Plaintext, Encryption, and Ciphertext Isaac Quinn DuPont Doctor of Philosophy Faculty of Information University of Toronto 2017 Abstract Tis dissertation is an archeological study of cryptography. It questions the validity of thinking about cryptography in familiar, instrumentalist terms, and instead reveals the ways that cryptography can been understood as writing, media, and computation. In this dissertation, I ofer a critique of the prevailing views of cryptography by tracing a number of long overlooked themes in its history, including the development of artifcial languages, machine translation, media, code, notation, silence, and order. Using an archeological method, I detail historical conditions of possibility and the technical a priori of cryptography. Te conditions of possibility are explored in three parts, where I rhetorically rewrite the conventional terms of art, namely, plaintext, encryption, and ciphertext. I argue that plaintext has historically been understood as kind of inscription or form of writing, and has been associated with the development of artifcial languages, and used to analyze and investigate the natural world. I argue that the technical a priori of plaintext, encryption, and ciphertext is constitutive of the syntactic iii and semantic properties detailed in Nelson Goodman’s theory of notation, as described in his Languages of Art. I argue that encryption (and its reverse, decryption) are deterministic modes of transcription, which have historically been thought of as the medium between plaintext and ciphertext.
  • Polish Mathematicians Finding Patterns in Enigma Messages

    Polish Mathematicians Finding Patterns in Enigma Messages

    Fall 2006 Chris Christensen MAT/CSC 483 Machine Ciphers Polyalphabetic ciphers are good ways to destroy the usefulness of frequency analysis. Implementation can be a problem, however. The key to a polyalphabetic cipher specifies the order of the ciphers that will be used during encryption. Ideally there would be as many ciphers as there are letters in the plaintext message and the ordering of the ciphers would be random – an one-time pad. More commonly, some rotation among a small number of ciphers is prescribed. But, rotating among a small number of ciphers leads to a period, which a cryptanalyst can exploit. Rotating among a “large” number of ciphers might work, but that is hard to do by hand – there is a high probability of encryption errors. Maybe, a machine. During World War II, all the Allied and Axis countries used machine ciphers. The United States had SIGABA, Britain had TypeX, Japan had “Purple,” and Germany (and Italy) had Enigma. SIGABA http://en.wikipedia.org/wiki/SIGABA 1 A TypeX machine at Bletchley Park. 2 From the 1920s until the 1970s, cryptology was dominated by machine ciphers. What the machine ciphers typically did was provide a mechanical way to rotate among a large number of ciphers. The rotation was not random, but the large number of ciphers that were available could prevent depth from occurring within messages and (if the machines were used properly) among messages. We will examine Enigma, which was broken by Polish mathematicians in the 1930s and by the British during World War II. The Japanese Purple machine, which was used to transmit diplomatic messages, was broken by William Friedman’s cryptanalysts.
  • Taschenchiffriergerat CD-57 Seite 1

    Taschenchiffriergerat CD-57 Seite 1

    s Taschenchiffriergerat CD-57 Seite 1 Ubung zu Angewandter Systemtheorie Kryptog raph ie SS 1997 - Ubungsleiter^ Dr. Josef Scharinger Taschenchiffriergerat CD-57 Michael Topf, Matr.Nr. 9155665, Kennz. 880 <?- Cm Johannes Kepler Universitat Linz Institut fur Systemwissenschaften Abteilung fur Systemtheorie und Informationstechnik Michael Topf Ubung zu Angewandter Systemtheorie: Kryptographic Seite 2 Taschenchiffriergerat CD-57 I n ha I ts verzei c h n i s I n h a l t s v e r z e i c h n i s 2 Einleitung 3 B o r i s H a g e l i n 3 Die Hagelin M-209 Rotormaschine 3 Das Taschenchiffriergerat CD-57 4 Die Crypto AG 5 Funktionsweise 6 Kryptographisches Prinzip 6 Mechanische Realisierung 7 Black-Box-Betrachtung 7 S c h i e b e r e g i s t e r 8 Ausgangsgewichtung und Summierung. 8 Daten 9 Anfangszustand der Schieberegister (Stiftposition) 9 Gewichtung der Schieberegister-Ausgange (Position der Anschlage) 9 Softwaremodell \\ Quelltext «CD-57.C » \\ Beispiel 12 Schliisseleinstellungen « Schluessel.txt » 12 Primartext « Klartext.txt » 13 Programmaufruf 13 Sekundartext « Geheimtext.txt » 13 Abbildungsverzeichnis 14 Tabellenverzeichnis 14 Quellenverzeichnis , 14 Ubung zu Angewandter Systemtheorie: Kryptographie Michael Topf Taschenchiffriergerat CD-57 Seite 3 Ei nleitu ng Der geistige Vater des betrachtelen Chiffriergerats sowie einer Reihe verwandter Gerate ist der Schwede Boris Hagelin. Daher sollen einleitend er, die Familie der Rotor-Kryptographierer sowie die von ihm gegriindete Schweizer Firma Crypto AG, vorgestellt werden. B o r i s H a g e l i n Boris Hagelin war ein Visionar, der bereits zu seiner Zeit die Probleme der Informationstechnologie erkannte.
  • The the Enigma Enigma Machinemachine

    The the Enigma Enigma Machinemachine

    TheThe EnigmaEnigma MachineMachine History of Computing December 6, 2006 Mike Koss Invention of Enigma ! Invented by Arthur Scherbius, 1918 ! Adopted by German Navy, 1926 ! Modified military version, 1930 ! Two Additional rotors added, 1938 How Enigma Works Scrambling Letters ! Each letter on the keyboard is connected to a lamp letter that depends on the wiring and position of the rotors in the machine. ! Right rotor turns before each letter. How to Use an Enigma ! Daily Setup – Secret settings distributed in code books. ! Encoding/Decoding a Message Setup: Select (3) Rotors ! We’ll use I-II-III Setup: Rotor Ring Settings ! We’ll use A-A-A (or 1-1-1). Rotor Construction Setup: Plugboard Settings ! We won’t use any for our example (6 to 10 plugs were typical). Setup: Initial Rotor Position ! We’ll use “M-I-T” (or 13-9-20). Encoding: Pick a “Message Key” ! Select a 3-letter key (or indicator) “at random” (left to the operator) for this message only. ! Say, I choose “M-C-K” (or 13-3-11 if wheels are printed with numbers rather than letters). Encoding: Transmit the Indicator ! Germans would transmit the indicator by encoding it using the initial (daily) rotor position…and they sent it TWICE to make sure it was received properly. ! E.g., I would begin my message with “MCK MCK”. ! Encoded with the daily setting, this becomes: “NWD SHE”. Encoding: Reset Rotors ! Now set our rotors do our chosen message key “M-C-K” (13-3-11). ! Type body of message: “ENIGMA REVEALED” encodes to “QMJIDO MZWZJFJR”.
  • CMSC 426/626 - Computer Security Fall 2014

    CMSC 426/626 - Computer Security Fall 2014

    Authentication and Passwords CMSC 426/626 - Computer Security Fall 2014 Outline • Types of authentication • Vulnerabilities of password authentication • Linux password authentication • Windows Password authentication • Cracking techniques Goals of Authentication • Identification - provide a claimed identity to the system. • Verification - establish validity of the provided identity. We’re not talking about message authentication, e.g. the use of digital signatures. Means of Authentication • Something you know, e.g. password • Something you have, e.g. USB dongle or Common Access Card (CAC) • Something you are, e.g. fingerprint • Something you do, e.g. hand writing Password-Based Authentication • User provides identity and password; system verifies that the password is correct for the given identity. • Identity determines access and privileges. • Identity can be used for Discretionary Access Control, e.g. to give another user access to a file. Password Hashing Password • System stores hash of the user password, not the plain text password. Hash Algorithm • Commonly used technique, e.g. UNIX password hashing. Password Hash Password Vulnerabilities Assume the authentication system stores hashed passwords. There are eight attack strategies. • Off-line Dictionary Attack - get hold of the password file, test a collection (dictionary) of possible passwords. ‣ Most systems protect the password file, but attackers sometimes get hold of one. • Specific Account Attack - given a specific user account, try popular passwords. ‣ Most systems use lockout mechanisms to make these attacks difficult. • Popular Password Attack - given a popular password, try it on multiple accounts. ‣ Harder to defend against - have to look for patterns in failed access attempts. • Targeted Password Guessing - use what you know about a user to intelligently guess their password.
  • The First Americans the 1941 US Codebreaking Mission to Bletchley Park

    The First Americans the 1941 US Codebreaking Mission to Bletchley Park

    United States Cryptologic History The First Americans The 1941 US Codebreaking Mission to Bletchley Park Special series | Volume 12 | 2016 Center for Cryptologic History David J. Sherman is Associate Director for Policy and Records at the National Security Agency. A graduate of Duke University, he holds a doctorate in Slavic Studies from Cornell University, where he taught for three years. He also is a graduate of the CAPSTONE General/Flag Officer Course at the National Defense University, the Intelligence Community Senior Leadership Program, and the Alexander S. Pushkin Institute of the Russian Language in Moscow. He has served as Associate Dean for Academic Programs at the National War College and while there taught courses on strategy, inter- national relations, and intelligence. Among his other government assignments include ones as NSA’s representative to the Office of the Secretary of Defense, as Director for Intelligence Programs at the National Security Council, and on the staff of the National Economic Council. This publication presents a historical perspective for informational and educational purposes, is the result of independent research, and does not necessarily reflect a position of NSA/CSS or any other US government entity. This publication is distributed free by the National Security Agency. If you would like additional copies, please email [email protected] or write to: Center for Cryptologic History National Security Agency 9800 Savage Road, Suite 6886 Fort George G. Meade, MD 20755 Cover: (Top) Navy Department building, with Washington Monument in center distance, 1918 or 1919; (bottom) Bletchley Park mansion, headquarters of UK codebreaking, 1939 UNITED STATES CRYPTOLOGIC HISTORY The First Americans The 1941 US Codebreaking Mission to Bletchley Park David Sherman National Security Agency Center for Cryptologic History 2016 Second Printing Contents Foreword ................................................................................
  • Cryptography As an Operating System Service: a Case Study

    Cryptography As an Operating System Service: a Case Study

    Cryptography As An Operating System Service: A Case Study ANGELOS D. KEROMYTIS Columbia University JASON L. WRIGHT and THEO DE RAADT OpenBSD Project and MATTHEW BURNSIDE Columbia University Cryptographic transformations are a fundamental building block in many security applications and protocols. To improve performance, several vendors market hardware accelerator cards. However, until now no operating system provided a mechanism that allowed both uniform and efficient use of this new type of resource. We present the OpenBSD Cryptographic Framework (OCF), a service virtualization layer im- plemented inside the operating system kernel, that provides uniform access to accelerator function- ality by hiding card-specific details behind a carefully designed API. We evaluate the impact of the OCF in a variety of benchmarks, measuring overall system performance, application throughput and latency, and aggregate throughput when multiple applications make use of it. We conclude that the OCF is extremely efficient in utilizing cryptographic accelerator func- tionality, attaining 95% of the theoretical peak device performance and over 800 Mbps aggregate throughput using 3DES. We believe that this validates our decision to opt for ease of use by applica- tions and kernel components through a uniform API and for seamless support for new accelerators. We are grateful to Global Technologies Group, Inc. for providing us with two XL-Crypt (Hifn 7811) boards, one Hifn 6500 reference board, and one Hifn 7814 reference board. We are also grateful to Network Security Technologies, Inc. for providing us with two Hifn 7751 boards, one Broadcom 5820 board, and two Broadcom 5805 boards. In addition, Network Security Technologies funded part of the original development of the device-support software.