O'Reilly logo

Computer Security and Cryptography by Alan G. Konheim

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

6.14 CRIBBING SZ40 CIPHERTEXT

Much of the cryptanalysis of SZ40 ciphertext described next is included in a Master's Thesis at U.C. Santa Barbara by Nitesh Saxena.

Depth (in ciphertext) occurs when two or more SZ40 ciphertexts yi (i = 1, 2,…) were intercepted in a period

  • During which the pin-wheels are unchanged and
  • Both messages are identified with the same indicator.

The computation of the differences with depth Δ y1,2y1 + y2 = Δx1,2, ≡ x1 + x2 eliminates the key. The differenced plaintext might be searched for probable words (cribs); for example,

  • German cipher-clerks often prefaced their messages with SPRUCHNUMMER (= message number), and
  • Messages might contains references to various organizations such as LUFTWAFFE, WEHRMACHT, OBERKOMMANDO, or GESTAPO.

For example, if the crib SPRUCHNUMMER might be slid across the differenced ciphertext; with the letter S in position j, the XOR of the crib and the difference plaintext produces putative plaintext:

image

The fragment of putative plaintext x2(j), x2(j + 1), x2(j + 2),…, x2(j + 8), x2(j + 9), x2(j + 10) is tested; if it is (grammatically) readable text, a hit has been obtained, which might reveal additional plaintext. With good luck, both plaintexts x1 and x2 may be read and the common key k used to encipher them recovered.

Early in the GCHQ SZ40 cryptanalysis, an interception of the near-repeat of a message of 4000 characters enciphered ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required