
This is always the part of the anti-Snowden case that baffled me. Those who seem to think that he alerted terrorists to the most secure means of communication seem to assume that, prior to the Snowden leaks, they were communicating by yelling really loudly across the NSA buildings. It's like they simply forgot about the biggest reason it took so long to find Osama bin Laden: he was so security-concerned that he used couriers and relays (which, counter to the broad narrative about the terrorist shift to security, actually cannot be decrypted)



The most dangerous terrorists have probably already reverted to couriers with one-time pads. One-time pads are uncrackable, yet they were used extensively before modern cryptography was even invented. They're cumbersome and constrained but very effective. No amount of mass surveillance will alter their efficacy.

https://en.wikipedia.org/wiki/One-time_pad


So I read the wiki on the one-time pad and there's something I'm a little stuck on. There's a statement (paraphrasing) that the OTP is immune to cryptanalysis (brute force) because any given key translates to all possible plaintext, and the viable words all have a priori the same likelihood.

The thing I'm stuck on, though: isn't it still possible to do semantic analysis on the various permutations? Basically reading permutations for cogent statements, i.e. some sort of a posteriori analysis.

Infeasible for a human to do, but assuming one could construct a significantly advanced parser (non-trivial of course), wouldn't it be possible to brute force still? What am I missing?


No. What you described will work for a simple substitution cypher, but not for a one-time pad. A one-time pad is the same length as the message, and permutes every letter independently. Trying all keys will yield every possible plaintext. For example the phrase:

"The swallow flies at midnight"

May (with a one time pad) be encrypted into

"WD4oXOl8yO0QtD4sOf7ip0P7ScIia"

(which, incidentally, is indistinguishable from random noise)

If you just brute-forced that by XORing every character with every other possible character you could derive every possible message of that length, such as:

"garfield hate lasagna someday"

"men are cats why even bother?"

"pocket knives go to space yay"

etc., ad infinitum.

No measure of semantic analysis will help you here!


Well-known caveat for people who are familiar with encryption, but it's worth calling out explicitly here:

If you use the same one time pad to encode two or more different messages, then all the sorts of attack proposed here become plausible again.

The security provided by a one time pad relies entirely on the fact that it is only ever used once.
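An added example (mine, not code from any commenter) that makes both points above concrete for an XOR one-time pad: from a given ciphertext, every plaintext of the same length is reachable with exactly one pad, so brute force learns nothing; but if the same pad is used twice, the XOR of the two ciphertexts is the XOR of the two plaintexts, and knowing one message hands over the other. DEMO_MSG and DEMO_PAD are constructed values chosen for repeatability.

```python
import os

# Constructed demo message and pad (not from the thread); a real pad comes from os.urandom.
DEMO_MSG = b"The swallow flies at midnight"
DEMO_PAD = bytes(range(100, 100 + len(DEMO_MSG)))   # 29 fixed bytes, for repeatability


def otp_encrypt(plaintext: bytes, pad: bytes) -> bytes:
    """XOR each byte with the matching pad byte. The pad must never be shorter."""
    if len(pad) < len(plaintext):
        raise ValueError("pad must be at least as long as the message")
    return bytes(p ^ k for p, k in zip(plaintext, pad))


otp_decrypt = otp_encrypt  # XOR is its own inverse


def pad_that_yields(ciphertext: bytes, candidate: bytes) -> bytes:
    """Return the unique pad under which ciphertext 'decrypts' to candidate.

    Every same-length plaintext is reachable with exactly one pad, so the
    ciphertext favours none of them; this is why brute force is hopeless.
    """
    if len(candidate) != len(ciphertext):
        raise ValueError("candidate must have the ciphertext's length")
    return bytes(c ^ p for c, p in zip(ciphertext, candidate))


def reuse_leak(c1: bytes, c2: bytes) -> bytes:
    """XOR of two ciphertexts made with the SAME pad: the pad cancels out,
    leaving p1 XOR p2, which depends only on the plaintexts."""
    return bytes(a ^ b for a, b in zip(c1, c2))


def recover_other(c1: bytes, c2: bytes, known_p1: bytes) -> bytes:
    """With a reused pad, knowing one plaintext gives the other for free."""
    return otp_decrypt(reuse_leak(c1, c2), known_p1)


def fresh_pad(n: int) -> bytes:
    """A proper pad: n bytes from the OS CSPRNG, used once and then destroyed."""
    return os.urandom(n)


if __name__ == "__main__":
    c = otp_encrypt(DEMO_MSG, DEMO_PAD)
    for alt in (b"garfield hate lasagna someday", b"pocket knives go to space yay"):
        print(alt, otp_decrypt(c, pad_that_yields(c, alt)) == alt)  # both True
    c2 = otp_encrypt(b"men are cats why even bother?", DEMO_PAD)    # pad reused!
    print(recover_other(c, c2, DEMO_MSG))
```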


I'd like to add that this scenario actually happened during the Cold War. The Soviets were reusing one-time pads and the US Army decrypted some of the messages; among other things this led to the discovery of Soviet spies targeting the US nuclear weapons program. https://en.wikipedia.org/wiki/Venona_project


https://www.youtube.com/watch?v=yxx3Bkmv3ck

Computerphile recently showed how this was done.


Is it really still a "one time pad" if you used it multiple times?


Easy to tell the right sentence because it's the only one capitalized correctly! /s


Ahh yep, got it.


I am out of my element here, but my understanding is that since the key is equal in length to the message, there is no way for you to know whether you are simply seeing a pattern in the key or a pattern in the message.

Imagine a one time pad made for encoding numbers that used a "MOD 10" operation on each digit.

Then imagine the key is:

    6926560279774
And the message is:

    0000000000000
The output is:

    6926560279774
Alternative messages:

    1234567890123 -> 7150027069897
    1111111111111 -> 7037671370885
In all cases, the patterns that you can discern may be from my message and may be from the key. As an analyst, you can't tell.

If this were English letters rather than numbers, and you know 'e' is very common, you still can't get anywhere because each 'e' is encoded with a unique character from the key.


This is a good description, but to add on to it: If there is a pattern in the plaintext, it does not increase the probability that there is a pattern in the ciphertext. It is true that there may be patterns in the ciphertext, but they give you no information about if there is a pattern in the plaintext.


The key is the same size as the message. Each letter translates the corresponding letter and no others. You could make a key to translate the message to anything with the same number of letters.


Well, no. What you are describing is basically searching through all permissible permutations in a given search space, i.e. a thousand monkeys with typewriters. From time to time the system will produce something that is not gibberish, but there is no way of knowing if it is related to the true message at all.


The message has an equal probability of decoding to ANY message. You essentially have no information to work with.


It doesn't seem very likely that anyone has broken a modern symmetric cipher like AES or ChaCha. If not, a small random key is just as good as a one time pad, and you can reuse it for as many messages as you want. The bigger risks are that you reveal the key or that your hardware is evil, but OTPs don't save you from either of those.

With public key crypto it's a lot more likely that something might be broken. But then again if you somehow solve the problem of swapping secret keys/OTPs with everyone you want to talk to, you don't need public key crypto.


I understand what you're saying, and I agree. But I think it might be a little disingenuous to use Osama Bin Laden's crypto practices as an example. I believe this is the more interesting story of what really happened with Bin Laden?

>Pakistan secretly captures Bin Laden by bribing tribesmen. The US finds out by bribing Pakistani officials. Further bribes with foreign aid money get other Pakistani officials to issue a stand down order. The SEALS swoop in unopposed but somehow still lose a helicopter. They kill a captive Bin Laden as part of a deal to avoid exposing Saudi support for Al Qaeda. The media gets fed a cover story about the compound being a command center. Some doctor guy becomes a scapegoat and vaccination programs are derailed in all of Pakistan. The CIA fabricates documents from the compound and flirts with claiming credit for "enhanced interrogation" technique in the matter.

If you don't like that story then sure by all means stick with Story A: The CIA does brilliant investigative work. The commander-in-chief makes a gutsy call. The SEALs storm in and kill the bad guy in a firefight. He is buried at sea with full rituals. The 2012 presidential campaign starts a few days afterwards.

If you support Story A, then this would certainly make sense:

>It's like they simply forgot about the biggest reason it took so long to find Osama bin Laden: he was so security-concerned that he used couriers and relays (which, counter to the broad narrative about the terrorist shift to security, actually cannot be decrypted)

##EDIT

Claims come from a previous HN article about the killing of Bin Laden: https://news.ycombinator.com/item?id=9520984


Those are some pretty big claims, have any evidence to back them up?


The only thing that lends credibility to the story in the post you're responding to is the person who's claiming it's the truth. Seymour Hersh [1] has enough of a track record that we shouldn't dismiss it out of hand. As far as evidence goes, I'm not sure the official story has been proven any more than Hersh's story has, so it's hard to know what to believe.

[1] https://en.wikipedia.org/wiki/Seymour_Hersh


This IIRC is essentially the story reported by investigative journalist Sy Hersh, relying on unnamed sources. See here for the full read: http://www.lrb.co.uk/v37/n10/seymour-m-hersh/the-killing-of-...


Thank you! Ok I remember when that story broke but I didn't read the details. Seymour Hersh is such a respected and renowned journalist who has a track record for revealing exactly this stuff. But the lack of openness in the sources is disquieting. But the story is so odious and so serious, I suspect there are no sources that could weather the storm regardless.


The less evidence and the more faith involved, the more captivating the conspiracy theory. That's how they work.


I fail to see how story b contradicts the parent post. If Osama was easily traceable there was no need to bribe everyone.


I was just using it as an example of it long being on the mind of terrorists that they need to take extreme precautions to avoid their electronics being compromised. Snowden didn't alert them to the concept of decryption. Sorry if I implied anything more.


The other 'wild' claim I heard was that his compound was actually a prison, built especially to house him. Again no proof, but an interesting idea nonetheless.


To be fair, an ultra-secure compound whose owner/resident never leaves it for fear of his own safety can be indistinguishable from a luxury prison in terms of outcome, even if it wasn't intended that way.

