Hit & Run

Modern Codebreaking


Interesting piece from the BBC about modern codebreaking in an era of essentially unbreakable codes, hooked to the Chalabi scandal regarding U.S. breaking of Iranian codes. Some excerpts:

Simon Singh, author of "The Code Book", a history of codes, said: "Modern codes are effectively unbreakable, very cheap and widely available. I could send an email today and all the world's secret services using all the computers in the world would not be able to break it. The code maker definitely has a huge advantage over the codebreaker."
Ross Anderson of the Computer Laboratory at Cambridge University [says]: "As the former chief scientist of the NSA once remarked at one of our security workshops, almost all breaks of cipher systems are due to implementation errors, operational failures, burglary, blackmail and bribery. As for cryptanalysis, it happens, but very much less often than most people think."
The three "Bs" - burglary, blackmail and bribery - might have to be employed if there is no other way of getting at the key. We are back to the world of spies.
Simon Singh says that sometimes there is a backdoor way in through deliberately corrupted software: "There is always the chance of human error. Encryption requires a key, and if I get hold of your key then I can read your messages. Or if I plant some software in I get to see the message before you encrypt it." Whether something similar happened in this case involving Iran is simply not known.

Lots of neat details on the distinctions between private-private and public-private keys, the difficulty of factoring the product of multiplied prime numbers, and other such codemaking fun, and worth reading in full if the topic interests you at all.