| Welcome to Crypto. We hope you enjoy your visit. You're currently viewing our forum as a guest. This means you are limited to certain areas of the board and there are some features you can't use. If you join our community, you'll be able to access member-only sections, and use many member-only features such as customizing your profile, sending personal messages, and voting in polls. Registration is simple, fast, and completely free. Join our community! If you're already a member please log in to your account to access all of our features: |
| Overview | |
|---|---|
| Topic Started: Jun 13 2009, 03:05 PM (131 Views) | |
| osric | Jun 13 2009, 03:05 PM Post #1 |
|
Advanced Member
  ![]](http://209.85.122.85/static/1/pip_r.png)
|
After spending some time on the Byrne challenge I have made little progress towards the solution and believe that we don't have enough information to solve it. While Byrne has provided plenty of plain and ciphertext, we lack knowledge of the machine construction and the algorithm, which in real life would be available (Kerckhoff principle). Neither do we have any depth of messages. That reason alone led Friedman to reject Byrne's challenge and to demand messages in depth, which was the 'real life' test he applied to a new cipher. Another unrealistic aspect is that the machine appears to be impractical to use. The enciphering process on the machine is so tedious, as is reported in Kruh and Deavours article, that it is difficult to imagine it would have found application in the real world. However I must admit the challenge stimulates investigation of the principles of enciphering machines, which as an intellectual exercise is highly interesting, not to say semi-addictive. I had a look at a series of known and invented machines. First on each machine I made ciphertext from the first 5500 letters of Byrne's plaintext. Then I analized the ciphertext to see how closely it resembled Byrne's, using three tests I developed plus Jeff Hills 'hit' test described in his excellent paper 'CHAOCIPHER: ANALYSIS AND MODELS' at the Chaocipher Clearing House. My idea was not to replicate exactly the letters of Byrne's ciphertext – that would be impossible without knowing all the keys. But rather to replicate the 'shape' in terms for example of ic – and the other 4 tests I used. None of the outputs was near Byrne's. My conclusion after this exploration is that his machine used more than one disk for enciphering and relied on a textual key to obtain the randomness observed in his ciphertext. In this situation the sort of analytical approach I followed has no chance of success. The parameters of the ciphertext change with every different textual key tried. There are so many possibilities for such a key that it is not surprising that neither I, nor anyone else over all the years, have found the correct one. In contrast to Byrne’s challenge I find the Kruh and Deavours challenge offers a chance of solution, taking it at face-value. They have given us three ciphertext messages in depth and asked that we find the plaintext and describe how we did it. This is more in line with Friedman’s practice for assessing a new cipher, to which unfortunately Byrne did not respond. As some help, they have given us the book from which the plaintexts were taken. I guess that Kruh and Deavours, both experienced in Cryptology, would not have made this challenge if they did not have a method for solving it – at least I hope so! Moshe Rubin has posted some very useful ideas at the CCH on how to take up this challenge, and indeed has identified the plaintext of one of the messages. It would be interesting to hear any other views and ideas. For my own part, I am taking the connotation of ‘depth’ to mean that all three plaintexts were enciphered with the same keys. If this is correct, then in those positions where the ciphertext letters are the same the plaintext letters will be the same also. |
 |
 
|
| mosher | Jun 14 2009, 06:43 AM Post #2 |
|
Member
|
Hi osric, Kudos for the post. I agree with you fully that it is high time to turn to Deavours & Kruh's Exhibit 5. This does not rule out the other exhibits' being useful for analysis. Rather, when you see low hanging fruit, it may be time to pluck them. :-) Even a relatively insecure cipher system with an erratic keying sequence can defy analysis if only one message is given. Given two in-depth messages, even a one-time pad can be solved! D&K's messages give a hope of leveraging one message against the others. As I mention on the Chaocipher Clearing House (TCCH), I understand the term "messages in depth" to mean "the messages can all be aligned such that at least one column is enciphered with the exact same machine settings". Based on observed coincidences ("hits") between the messages, I believe all three messages began with the same machine settings, and hence the same 'key letter' for the first character of the messages. Because the underlying plaintext letters, and the resulting ciphertext letters in these three messages are different, the keying sequences differ beginning from the second letters onwards. The machine settings and keying sequence could conceivably converge somewhere within the messages, possibly produce indetical pt/ct pairs, to immediately diverge again because of following plaintext/ciphertext letters differ. Your theory that identical ciphertext letters signal identical plaintext letters is an assumption that will hopefully lead somewhere. We know, however, that in a standard Vigenere tableau any ciphertext letter has 26 different pt/key pairs that will lead to it. Identical ciphertext letters in Exhibit 5 may have come about from different pt/key pairs. If the keying sequences of the three messages are the same, your assumption of identical plaintexts has a strong basis. If, however, the keying sequences change from letter to letter (possibly because the plaintext and ciphertext may both influence the next key letter) then this assumption will need strong testing. I, too, want to believe the Deavours and Kruh were actually trying to help fellow cryptanalysts, and not trying to obfuscate and muddy the waters. The repeated 5-gram in Exhibit 5 message #3 is truly astonishing and may hold a means for breaking into the system. Regarding having identified the plaintext to message #3: this has not been proven conclusively. It was the only plaintext in chapters 1 and 2 (the only scanned chapters I had at the time) that fit the 5-gram repetition. It would be good to have more proof that the match is correct. Good luck! |
|
|
|
| 1 user reading this topic (1 Guest and 0 Anonymous) | |
| « Previous Topic · Chaocipher · Next Topic » |
4:29 AM Nov 26
