in

This Blog

Syndication

Tags

News

AlertBoot offers a cloud-based full disk encryption and mobile device security service for companies of any size who want a scalable and easy-to-deploy solution. Centrally managed through a web based console, AlertBoot offers mobile device management, mobile antivirus, remote wipe & lock, device auditing, USB drive and hard disk encryption managed services.

Archives

AlertBoot Endpoint Security

AlertBoot offers a cloud-based full disk encryption and mobile device security service for companies of any size who want a scalable and easy-to-deploy solution. Centrally managed through a web based console, AlertBoot offers mobile device management, mobile antivirus, remote wipe & lock, device auditing, USB drive and hard disk encryption managed services.

Old Encryption Is Still Worth Its Mettle: WWII Pigeon Code Goes Unbroken

Old encryption usually can't hold a candle to modern, strong encryption like the AES-256 algorithm used in AlertBoot Mobile Security suite.  However, sometimes they can be more than effective.  For example, GCHQ has announced that the encrypted World War II message found with the remains of a dead pigeon -- found about a month ago -- will take its secret to the grave.

Cannot Be Decoded - One Time Pads

GCHQ, the UK's signals intelligence arm, has announced that the World War II era message is impossible to crack, at least not "without access to the original cryptographic material," because "much of the vital information that would indicate the context of the message is missing":

During the war, the methods used to encode messages naturally needed to be as secure as possible and various methods were used. The senders would often have specialist codebooks in which each code group of four or five letters had a meaning relevant to a specific operation, allowing much information to be sent in a short message. For added security, the code groups could then themselves be encrypted using, for example, a one-time pad. [gchq.gov.uk]

The use of one-time pads would make decryption not only hard but possibly insurmountable: of all the cryptographic methods, the one-time pads are the only ones that are theoretically unbreakable.  All other methods, given enough time, will fall to deciphering techniques -- although, when that time is measured in eons like AES-256 is, it's almost as good as theoretically unbreakable.

One-time pads, of course, do have an Achilles' heel: whatever the correspondents used to decipher the messages themselves.  Since the message is by a UK officer meant for UK eyes, it only follows that GCHQ would be able to retrieve the message using historical records.

But, as mentioned before, critical information that would help find these records are missing, possibly on purpose: "codebooks and the systems used to encrypt them will normally have been destroyed once no longer in use."  Which makes sense.

Things in storage go missing, and certain information remains classified -- for legitimate reasons -- for a long, long time.  Assuming that past enemies have intercepted certain messages, which are also filed away, having unused codebooks presents a risk.

Clues

GCHQ does have some clues as to where to look:

  • The abbreviation "Sjt" was exclusively used in the army.
  • Two identifiers at the end of in the message could identify the pigeon.
  • The addressee is X02.

It looks like the BBC has the best summary of what's going on, what the challenges are.

Related Articles and Sites:
http://www.gchq.gov.uk/Press/Pages/Pigeon-takes-secret-message-to-the-grave.aspx
http://thenextweb.com/insider/2012/11/23/after-weeks-of-trying-uk-cryptographers-fail-to-crack-world-war-ii-code-found-on-dead-pigeon/

 
<Previous Next>

Anonymised Data In Europe: UK ICO And German ICPP Agree Impossible To Provide 100% Protection

Cost Of A Data Breach: Director Of SC Department Of Revenue Resigns, Breach Costs Over $14M

Comments

No Comments

About sang_lee

Sang Lee is a Senior Account Manager and Security Analyst with AlertBoot, Inc., the leading provider of managed endpoint security services, based in Las Vegas, NV. Mr. Lee helps with the deployment and ongoing support of the AlertBoot disk encryption managed service. Prior to working at AlertBoot, Mr. Lee served in the South Korean Navy. He holds both a B.S. and an M.S. from Tufts University in Medford, Massachusetts, U.S.A.