Interesting People mailing list archives
IP: Re: Fault-induced crypto attacks a
From: Dave Farber <farber () cis upenn edu>
Date: Wed, 06 Nov 1996 07:20:17 -0500
Date: Wed, 6 Nov 1996 09:43:43 +0000
To: Dave Farber <farber () central cis upenn edu>
Dave:
I've been watching the recent announcements about fault-induced cryptanalysis with interest [e.g., RISKS-18.50,52,54,55,56]. Whereas the attacks are extremely powerful tools, they aren't at all new to the crypto community -- there has been widespread discussion for years about these, they've been implemented by criminals and security system evaluators, and they are reasonably well documented.
A different sort of fault perhaps, but Tony Sale's lecture here a few weeks ago revealed that Bletchley Park's initial breaking of the Lorenz teleprinter (aka "Fish") ciphers in the early years of WW2, which led subsequently to the building of the Colossus computers, was entirely due to *one* fault on the part of one German teleprinter operator. They found that he had resent one lengthy message, but by re-keying it (somewhat inaccurately) rather than using the punched teleprinter tape. From this one pair of messages they managed to discover the full detailed logical operation of the cipher machine unseen, and create a means of breaking the messages that were being sent using it to and from the German High Command. As Tony said, for the rest of the war, the cryptanalysts prayed that no over-eager Allied soldier captured a Fish machine!
Cheers
Brian
PS Years ago, after a lecture here by Donald Davies on DES, and emboldened merely by my reading of David Kahn and the like, I brought a typically-academic discussion of its security to a screeching halt by suggesting that perhaps sometime in the future I would be the proud possessor of a DES-based cipher machine - which, (like the Enigma cipher machine that I already own) was historically famous for the importance of the messages that machines like it had failed to protect :-)
Dept. of Computing Science, University of Newcastle, Newcastle upon Tyne, NE1 7RU, UK
EMAIL = Brian.Randell () newcastle ac uk
PHONE = +44 191 222 7923
FAX = +44 191 222 8232
URL = http://www.cs.ncl.ac.uk/~brian.randell/