One-time pads on paper tape in 2005!
While browsing Dirk Rijmenants blog, I came across a link to Austrian company Mils Electronic. This company sells encryption products that implement one-time pads and proprietary ciphers; ring any warning bells? Well, rather than making any judgments on the company or their products, I thought I'd mention a few facts that distinguish this company from a stereotypical OTP snake-oil vendor.
First, they were founded in 1946, and have been doing one-time pads ever since. Second, they seem to be pitching their products at governments. Third, amongst other things, their random number generator can output to a...wait for it...5-channel paper tape puncher (pictured above left).
5-channel paper tape -- as in, pretty much the same one-time pad implementation Gilbert Vernam patented in 1919. I'm flabbergasted. Who's still using this stuff? I reckon you'd need a little over 4 meters for each kilobyte of information you encrypt.
First, they were founded in 1946, and have been doing one-time pads ever since. Second, they seem to be pitching their products at governments. Third, amongst other things, their random number generator can output to a...wait for it...5-channel paper tape puncher (pictured above left).
5-channel paper tape -- as in, pretty much the same one-time pad implementation Gilbert Vernam patented in 1919. I'm flabbergasted. Who's still using this stuff? I reckon you'd need a little over 4 meters for each kilobyte of information you encrypt.
12 Comments:
I was also surprised to see the paper tapes. Last used on the T37's until about '83. Tapes from hell! Lots of synchro problems. Never heard of them since. The introduction of electronic teletype like Siemens T1000 could not support those any more and online systems like KW7 had already taken over some time.
I wounder for which systems they still make the tapes?
Paper tape is a mess, but it is very secure. It is easy to destroy and if your one-time-tape machine punches holes in all channels after use you are sure you never will reuse the key.
It also is difficult to tamper with. The tapes I have seen were packed in clear plastic bags thoroughly sealed. The reels were nice and tightly wound with smooth surfaces on which there was printed a diagonal line on each side. It was virtually impossible to read a tape like that and manage to get it back in its original state.
So for small countries who do not have any serious cryptological competence and who do not want to trust their secrets to commercial equipment, one-time-tape machines and paper tape is low-tech but highly secure.
Frode's tamper issue makes sense. OTP's kan be transported on USB sticks, flash card, floppys or whatever, but those can be read (without been noticed!) or even worse, copied. Ok, there's encryption on sticks ao, but if you use OTP's because you need for absolute security, why thrust a USB stick encryption to hold the OTP. There's a point in keeping things simple. Simple use, simple (solid) security, and simple management and destruction. As they say in the field, keep it "idioten-sicher"
I also agree with using one time pads on paper tape. I wouldn't worry about the low bit rate, because you can move it in a diplomatic pouch and only encrypt messages over the cable that need to be encrypted. The rest you can trust to other encryption methods.
I'm reluctant to disagree with all you fine people, but I have to admit I still struggle with the idea of this being a good choice for anyone. I can appreciate the argument for simplicity. It's not difficult to see that a one-time pad provides unbreakable privacy, even for groups without cryptographic expertise. And I can understand the argument that it might not be desireable to trust a third-party company (especially after all the NSA/Crypto AG backdoor rumours).
But still, there's been a lot of solid, open academic research into cryptography in the last three decades, and several implementations are freely available to the public. You'd think that, at the very least, a small country's embassy would be able to set up a couple of hardened, offline PCs running (say) a version of PGP or GPG. That would avoid the need to use slow and clunky tape, as well as the need to deliver pads securely by courier or diplomatic bag. It would also provide integrity and authenticity, something which a one-time pad fails to guarantee by itself.
I don't believe our embassy's trust (nor use) PGP. They use proprietary (governement) ciphers. I absolutely don't wanne break down the splendid PGP, but diplomats with big secrets are to paranoia. Asymetric keys are not adviced for long time storage (defactoring times shrink) and thats not important in all days live. But what if you (finally) decrypt a 15 year old diplomatic message, stating your stupid country is full of jerks...and the one who wrote is, is still president...oeps. Thats why they have a disclosure act only after about 60 years, so that it doesn't matter any more. Do you trust a PGP encryption up to 60 years from now, with advancing technology?
Hello Gentlemen. I am heading back into paper tape systems. Long ago I came to hate these things when working with them in Police Stations. However, at Friedrichshafen 2011, I bought an ETCRRM and now seek a Creed or Siemens paper tape reader to make it good for display. When looking around I found this on Youtube. Maybe I should make one?
http://www.youtube.com/watch?v=uZnuu18FtQk&feature=related
dissertation help
this is a awesome post, love it
this is a awesome post, nice information on your post.
yeezy supply
supreme clothing
bape
supreme clothing
longchamp
kyrie 7 shoes
golden goose
longchamp
birkin bag
hermes belt
moncler
kyrie 7 shoes
jordan shoes
curry 7
bape clothing
kobe sneakers
yeezy boost 350
golden goose shoes
off white nike
yeezy 500
Post a Comment
<< Home