Comments

Arclight March 6, 2025 11:49 AM

It’s amazing that they were able to translate “color” and “colour” using 1940s electromechanical cipher machine technology.

Clive Robinson March 6, 2025 1:24 PM

@ Arclight,

With regards,

“It’s amazing that they were able to translate “color” and “colour” using 1940s electromechanical cipher machine technology.”

It was a bad habit of UK cipher machine designers to do such things.

In the 1980’s I had involvement with “British Inter Departmental”(BID) cipher machines with regards repair and maintaining them for a Special Communications(SC) regiment funded not by the UK MoD but UK F&CO.

As part of this I got to know the guts of several cipher machines as they transitioned from electromechanical plus transistor stream generator systems through basic logic chips up into the earliest of specialised chips.

A number of such BID machines had a test mode for the stream cipher unit.

You would do something like the following,

KeyMat = ABCDEFGH
Plaintext = mary had a little lamb
Ciphertext = THE MOUSE RAN UP THE X

All of which was designed to be human memorable for “field testing”.

At the time I was first shown it I thought,

“What the heck how did they do that?”

However I worked out it was a fairly simple trick due to “pre-loading” the stream cipher state array in the Non Linear Feedback Shift Register that the designers had a fondness for as it gave a much lower gate count.

It was significantly helped by the fact that the stream generator did not output cipher text for the nul or higher than ‘z’ characters of the 0..31 “5bit width” in each place in the shift register.

Clive Robinson March 6, 2025 2:13 PM

@ Bruce, ALL,

A couple of things to add.

Firstly, originally the US wanted to keep hidden from the British the fact the SIGBA had reversible rotors[1]…
What the US staff responsible for this decision did not realise was the British already knew about it… Because it was suggested by Gordon Welchmen to the US designers at a secret technical conference some time before. The reason the British had not used “reversible rotors” was because of “mechanical slop” and “increased complexity”… Basically due to wartime constraints the manufacturing the British had was not exactly “precision” so the design took this into account which ment things all had to “fit one way and turn the same way”.

There is history of a post war high security design by Gordon Welchman that defied the US cryptographic designers expectations. They vetoed the design because they thought it could not be reliably constructed (they had “over egged the pudding” on their real manufacturing capabilities). It was later said that Welchman’s design had been a gambit to get the US to make a simpler design as post war UK manufacturing was quite literally “worn down” and there was barely the money to buy food so rebuilding manufacturing was not going to happen[2].

But secondly about two decades ago I actually got to see a CCM in a decrepit state on “public display”. It was used “on loan” on HMS Belfast in central London and not marked up as anything it just had an “on loan” tag. I recognised it and made enquires as to where it was on loan from… I never got told and the next visit I made with my son, it was nolonger there…

The next time I saw one was at a GCHQ sponsored exhibition in London in the Science Museum Basement, tucked away in a corner not far from more prominently displayed Typex machines (that are actually a lot bigger in reality than they look in photographs).

[1] Yes it should be obvious to anyone that you can make clockwork move forward or backward so an odometer style rotor system could step in either direction. And yes likewise if you make the actual electrical rotor like a “hockey puck” as an insert you can turn it over in the rotor frame.

[2] In fact the lack of food post war was worse than during the war, and people in the UK were actually staving to death. This became known to ordinary Americans, who organised “food parcels”. Both my parents even though “professional” “middle class” only survived because they received some of those food parcels… It’s a reality at odds with the “Beer and Fags for the Boys” image the politicians were trying to portray.

Peed March 6, 2025 5:39 PM

@ Bruce
Surveillance material being used to train AI.

Unlike the smaller models already in use, however, the large model currently in development is being trained with Unit 8200’s dataset of millions of conversations between Palestinians. “Spoken Arabic is data that is [hardly] available on the internet,” the source explained. “There are no transcripts of conversations or WhatsApp chats online. It doesn’t exist in the quantity needed to train such a model.”

For training the LLM, everyday conversations between Palestinians that have no immediate intelligence value still serve an essential purpose. “If someone calls another person [on the phone] and tells them to come outside because they’re waiting for them outside the school — that’s just a casual conversation, it’s not interesting,” a security source explained. “But for a model like this, it’s gold, because it provides more and more data to train on.”

https://www.972mag.com/israeli-intelligence-chatgpt-8200-surveillance-ai/

https://www.theguardian.com/world/2025/mar/06/israel-military-ai-surveillance

Clive Robinson March 13, 2025 7:54 AM

@ Bruce, ALL,

Something much more in line with what this blog used to be about 😉

Cryptanalysis of an AES based stream cipher for reverse engineering encrypted microcontroller code using AI.

https://something.fromnothing.blog/posts/something-from-nothing/

The important thing to note is not that AI was used, but that the “plaintext” was machine code, the statistics of which don’t match Human language in ASCII, thus most tools developed over more than a lifetime to ease the breaking of stream cipher encryption just do not work.

Thus in effect the AI was being used to “make new tools”.

I’m also going to make a prediction or two… But first the things to think about,

1, The use of high-level languages especially those like Rust cause programmers to write in certain “styles” that have recognisable patterns.

2, The language tools likewise put recognisable structures into the lower layers thus adding further recognisable statistics.

3, Likewise “optimization” or “speed-up” adds further recognisable statistics.

All of which “layer up” and appear into the compiler output.

At a higher level the use of “code libraries” and “code reuse” add other recognisable statistics.

As does “The coders style/fist”.

All of which is known from those tracking APT malware etc and using them to give attribution.

All of these statistical layers stay recognisable through the tool chain and make it, into the assembler code thus machine code that ends up in the executable file or ROM.

So moving on to predictions…

Firstly as current AI LLM and ML systems are all about “human text prediction” by using the statistical layers in human level communications. They will be of use in making and being used as tools in cryptanalysis (if they are not already being so used behind “closed doors” as I suspect they already are).

Secondly the use by humans of “office applications” and the like will add significant statistics to the application storage and communications files as a form of “known plaintext (I’ve mentioned this in the past about Microsoft File Formats and what they put in at known locations, and raised the notion that it was a favour for the NSA/GCHQ SigInt agencies). This will make current AI LLM and ML based systems quite useful in conventional cryptanalysis.

Thirdly the generation of documents by current AI LLM and ML systems will heap new statistical layers into “user files”. Thus making “known plaintext” for “attacks in depth” a lot easier.

But think on this a little further, this “attacks in depth” due to more recognisable statistics will apply even more to other “AI Assisted” work output.

Fourthly the likes of Co-Pilot and “AI Code Generators” will make the life of cryptanalysts easier.

Fifthly the use of AI to “generate plaintext” and AI to “find plaintext” in ciphertext will like two pendulums hanging on a beam “come into synchronisation” in ways we can not yet realise.

As they say,

“All jolly good fun, till you take someone’s nose off.”

And nobody want’s that Tycho Brahe look, or problems with information thieves and unreliable pendulums,

https://www.mentalfloss.com/article/547438/pee-poison-and-prosthetic-noses-story-astronomer-tycho-brahes-suspicious-death

Leave a comment

Blog moderation policy

Login

Allowed HTML <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre> Markdown Extra syntax via https://michelf.ca/projects/php-markdown/extra/

Sidebar photo of Bruce Schneier by Joe MacInnis.