in

This Blog

Syndication

Tags

News

AlertBoot offers a cloud-based full disk encryption and mobile device security service for companies of any size who want a scalable and easy-to-deploy solution. Centrally managed through a web based console, AlertBoot offers mobile device management, mobile antivirus, remote wipe & lock, device auditing, USB drive and hard disk encryption managed services.

Archives

AlertBoot Endpoint Security

AlertBoot offers a cloud-based full disk encryption and mobile device security service for companies of any size who want a scalable and easy-to-deploy solution. Centrally managed through a web based console, AlertBoot offers mobile device management, mobile antivirus, remote wipe & lock, device auditing, USB drive and hard disk encryption managed services.

Encryption And Security: WWII Encryption Cracked, Shows Strength Of Crypto Algorithms

World War II and encryption is back in the news.  According to the Daily Mail, mathematicians, historians, and geography experts at Plymouth University combined their efforts to crack the messages that were hidden in personal letters, letters sent home by a UK prisoner-of-war held in Germany.  While the algorithm that was cracked is not as dependable as modern mobile encryption and security, it shows us why cryptography is a powerful information security tool.

As I alluded, this is not the first time that old-time cryptography is making waves in modern times.  The world was treated to a bizarre surprise when cleaning out a chimney resulted in the discovery of a 70-year mystery.  The big difference in this case is that we know that happened, unlike the dead-pigeon saga.

Smalltalk about a Garden Turns into Coded Casualty Report

The folks over at dailymail.co.uk put it best when they noted:
Many seeds are left, being saved from several plants which did very well some time ago.
'Our last year's harvest was extremely good. Well worth repeating again for this year.'

But it meant: 'HMS Undine attack failure. Trawler depth-charged, scuttled in 70 feet, three burnt.'
The encryption (and decryption) algorithm is quite a pretty convoluted process.  Among other things, there were:
  • Predetermined indicators that a letter contained a coded message: (1) writing the letter's date in "Continental format" (day/month/year) as opposed to the typical English method (month/day/year), and (2) underlining one's own signature at the end of the letter.
  • Using the first two words of the first line (after the greetings) to indicate what kind of grid/matrix to use.
  • Counting only the fourth or fifth letters to create the message.
  • Using certain keywords as signifiers for the end of a message, the start of a message, and secret requests for items that could be used during an escape.

When you consider how simple the code is, relatively speaking, it's amazing how much information the POWs were able to pack in their letters.  I'm especially impressed by the use of the matrix at the beginning, since it would make it harder to crack the code.

Mobile Devices and BYOD: Modern Encryption Much More Secure

Of course, modern encryption – for example, those used to protect smartphones and tablets like iPhones and Android phones – is much more secure than what was used in WWII.  But, the principles remain the same.

Well, to a degree.  With modern encryption such as AES-256, which is used by AlertBoot to protect hard drives on laptop computers, most estimates show that all the processing power in the world would still take a few centuries before a significant dent can be made in forcefully cracking data.

This is why if your workplace has a "bring your own device" policy, you're probably required to use encryption on your smartphone, tablet, or PC/laptop: even if you lose your device, the chances of the data falling into the wrong hands are infinitesimally small.

Related Articles and Sites:
http://www.dailymail.co.uk/news/article-2317548/Code-letters-sent-home-British-PoW-WWII-help-Allies-revealed-70-years.html

 

 
<Previous Next>

Android Security: Pattern Lock Is Stronger Than You Think

BYOD Security: Complying With Australian Privacy Principle 11

Comments

No Comments

About sang_lee

Sang Lee is a Senior Account Manager and Security Analyst with AlertBoot, Inc., the leading provider of managed endpoint security services, based in Las Vegas, NV. Mr. Lee helps with the deployment and ongoing support of the AlertBoot disk encryption managed service. Prior to working at AlertBoot, Mr. Lee served in the South Korean Navy. He holds both a B.S. and an M.S. from Tufts University in Medford, Massachusetts, U.S.A.