SoylentNews is people
SoylentNews
from the put-all-your-secrets-in-one-basket dept.
'The intelligence coup of the century'
In case of paywall...
CIA Secretly Owned Crypto, the Swiss Company That Ruled Global Spy Comms for Decades, Says Report
For more than half a century, governments all over the world trusted a single company to keep the communications of their spies, soldiers and diplomats secret.
The company, Crypto AG, got its first break with a contract to build code-making machines for U.S. troops during World War II. Flush with cash, it became a dominant maker of encryption devices for decades, navigating waves of technology from mechanical gears to electronic circuits and, finally, silicon chips and software.
The Swiss firm made millions of dollars selling equipment to more than 120 countries well into the 21st century. Its clients included Iran, military juntas in Latin America, nuclear rivals India and Pakistan, and even the Vatican.
But what none of its customers ever knew was that Crypto AG was secretly owned by the CIA in a highly classified partnership with West German intelligence. These spy agencies rigged the company's devices so they could easily break the codes that countries used to send encrypted messages.
For the most goodest security, use only one commercial crypto system. Trust it with all your secrets.
(Score: 1, Funny) by Anonymous Coward on Wednesday February 12 2020, @01:00PM (6 children)
CIA don't own ROT13
(Score: 2) by ikanreed on Wednesday February 12 2020, @02:30PM (2 children)
I often wonder if ROT13ing a message before encrypting it would fuck up the validation step of decrypt methods.
(Score: 3, Interesting) by DannyB on Wednesday February 12 2020, @05:16PM (1 child)
Is there a reason you suspect it would mess up the validation step?
You ROT13, then apply, say, AES. To decrypt, you AES with same key, then ROT13 again.
It's been since the 1990s that I read Applied Cryptography. One thing I remember is that all crypto is basically combinations of two types of operations.
Break message down into 'symbols', which are part of some 'alphabet', and then either:
1. re-arrange the order of the symbols, in a way that they can be un-rearranged during decryption
2. substitute each symbol for a different symbol, in a way that they can be un-substituted during decryption
At a big picture level, one could look at a block cipher that takes, say, a 256 bit input, as simply taking 'symbols' from a 2^256 alphabet (a huge alphabet!) and substituting them for other symbols that are output. Decrypting is the mirror substitution.
Code books of old, where words were substituted for other words, are again just using words as the 'symbols', and the code book is the substitution key. So 'red' becomes 'read', 'peek' becomes 'peak', etc, sew that knowbody wood under stand you're techst.
All the S-boxes and P-boxes of modern ciphers are merely these two operations.
To transfer files: right-click on file, pick Copy. Unplug mouse, plug mouse into other computer. Right-click, paste.
(Score: 3, Interesting) by DannyB on Wednesday February 12 2020, @05:17PM
I should have mentioned pads, and one-time pads.
To transfer files: right-click on file, pick Copy. Unplug mouse, plug mouse into other computer. Right-click, paste.
(Score: 3, Funny) by DannyB on Wednesday February 12 2020, @05:05PM (2 children)
We need government mandated ROT17.
"The government selected ROT17 because two applications of it will not revert the ciphertext back to plain text.", the senator explained.
"...and furthermore", the senator added, "we chose ROT17 because 17 is a prime number unlike 13."
To transfer files: right-click on file, pick Copy. Unplug mouse, plug mouse into other computer. Right-click, paste.
(Score: 2) by maxwell demon on Wednesday February 12 2020, @06:54PM (1 child)
But of course the real reason why ROT13 is insecure is that 13 is an unlucky number. Therefore if you encrypt with ROT13, the attacker is likely to guess your cleartext just by chance.
On the other hand, if the attacker already suspects ROT13 encryption, the bad luck will struck him instead, and he'll not be able to decrypt. That's why if you ROT13 encrypt, you should always add that information in clear.
The Tao of math: The numbers you can count are not the real numbers.
(Score: 3, Funny) by DannyB on Wednesday February 12 2020, @07:18PM
More experienced users will find that ROT13 is not as secure an encryption scheme as EBCDIC.
To transfer files: right-click on file, pick Copy. Unplug mouse, plug mouse into other computer. Right-click, paste.