ENIGMA: The Latest NSA Encryption Challenge

21st Century Wire says…


It’s rather disheartening to know that the NSA is illegally spying and stealing all of our private data in order to target various innocent individuals around the world, or to steal commercial secrets in order to fix markets

We’ve searched high and low for solutions that might allow free individuals to retain some personal dignity in the face of totally  immoral global tyranny, and this is by far one of the best put out there. So dust off that old Dell 486 with internal no modem, and rediscover the joys of basic programming…


Mike Rivero

What Really Happened 

Once again I and my fellow “irritists” plan an attack with marshmallows of mass destruction, this time against a famous person. The identity of the target is contained in this SECRET MESSAGE. It’s a zip file because this message is in a binary file.



Now, I don’t have a surplus of cash to offer rewards, but I will send a free WRH coffee mug to the first person who succeeds in breaking this message before the day of the pelting, which is July 20th, the 20th Anniversary of the murder of White House Deputy Council Vincent Foster, the case that inadvertently launched my “career” as an activist.

This one is a bit tougher than the first effort.

“The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.”

- The Fourth Amendment to the Constitution of the United States

The NSA justifies its surveillance of all our computer and phone data with the claim they need it to detect and track terrorists. Obviously the Boston Bombing proves this is an epic fail, even given the admission by the FBI that they did in fact have recorded phone calls for the Tsarnaev brothers to listen to.

I maintain that the NSA spying is wholly about controlling the American people, looting their business secrets for cronies, and has no impact on real terrorists (as opposed to fake acting a theater role to sell us a war) because real terrorists and drug criminals have known all along that public communications are open to monitoring.

This brings us to the issue of encryption to protect our privacy.

The NSA loves to be able to read your encrypted traffic, and they are able to do so because Americans are tricked into using code systems where the NSA knows the method (or has a back door).

To decode a message is a two step process. First, the method of the encryption must be determined. Then the specific key for the message must be found. Of the two, the first step is by far the hardest.


IMAGE: The German ENIGMA machine

For example, the allies did not break the German Enigma code until they succeeded in capturing an actual machine from the German submarine U-559. After the method was known, the British cryptographers at Bletchley Park were able to “brute force” the keys to various German messages using an early mechanical computer nicknamed the “bombe” for its constant ticking sound while working.

Use of this machine, based in part on theoretical work by Alan Turing, allowed the Enigma messages to be read. And here is where the story gets interesting! Following the end of the war, the United States and Britain made presents of captured German Enigma machines to friendly governments … but never mentioned that the messages encoded on those machines were readable by the US and Britain!

In the 1990s, a scandal erupted with a company in Europe called Crypto AG. Numerous information breaches had raised the suspicion that the machines were compromised by intelligence agencies, including the NSA. Although Crypto AG’s management strongly denied the allegations, James Bamford in his book “The Puzzle Palace” confirmed the story that the NSA had paid the head of Crypto AG a sizable sum of money to add a back door to their systems.

So the NSA/CIA/FBI faced a problem. Strong encryption was proving difficult to get around at the level of the law abiding citizens. Because finding the keys to messages was comparatively easy once the method was known, the NSA pressured the US Government to mandate that all citizens use a standard encryption system, one where the method was already known to the NSA, to make it easier to read messages from private US citizens. The first such effort was the DES, the Data Encryption Standard. Mandated into use as a standard in 1976. Critics pointed out several aspects of the standard that seemed intended to weaken the code to make it easier for the NSA to read, in particular the manner in which the NSA pressured IBM, the developer of DES, into limiting the maximum size of encryption keys. Suspicions of a “back door” were heightened with the discovery of a block of code in the header labeled the “work reduction packet” which contained the encryption key, re-encrypted using a key presumably only the NSA had. As personal computers gained in computation power, DES was eventually seen as insecure due to the limited key length and those users not mandated by the government to use it, started to search for other means of securing their messages from prying eyes.

So, in 1993, the NSA announced a new encryption system for the masses, the Clipper Chip. The intention was for all US citizens to be forced to use this form of encryption, which allowed the government to have the encryption keys in an “escrow” system. The public were told that the keys would be split into two halves, and two different agencies would hold the halves, requiring a long process to retrieve the key halves in the event of a legitimate investigation. What the public was not told was that the NSA only needed one half of the key, and could derive the other half using their already vast array of computers. Then, in 1994, Matt Blaze published a paper exposing the fact that the clipper chip included in all messages a packet identified as LEAF, which stood for “Law Enforcement Access Field.” Like the DES “work reduction packet”, LEAF contained the encryption key used to encode the message, to make the message readable by the government. As a result of these exposures, the public rejected Clipper, and by 1996 the government stopped trying to force it on the public.

Then in 1999, Microsoft issued Service Pack 5 for Windows NT 4.0, which had a standard encryption system built in, but neglected to strip out the symbol table information for their standard cryptographic module, ADVAPI.DLL. When software experts examined the symbol table, they discovered than in addition to the Microsoft encryption key, a second key existed that was labeled _NSAKEY. This second key would allow anyone using it full access to the Microsoft encryption system, able to read messages encrypted with the Microsoft encryption system at will, and worse, bypass Windows security to access the machine remotely. Dr. Nicko van Someren later found a similar extra key in Windows 2000. Microsoft denies these keys are for the use of the NSA, but given the NSA/CIA’s long history of solving cryptographic challenges by compromising the encryption itself, there is room to doubt.

None of these government systems to read your private messages have anything to do with crime. Real criminals, whether drug lords or spies, know better than to use any encryption system where the method is known to the enemy, even if there are no back doors, “work reduction packets”, or LEAF. The goal of DES, Clipper, NSAKEY is to reserve to the government the ability to read the messages of ordinary Americans any time they wish to.

However, the NSA is able to read your messages only if they have that method. If you come up with your own method, even if it is not particularly strong, you can keep your messages safe from the NSA, at least for the duration of time your terror or drug operation will last, and here is where my challenge comes in.

Over the weekend I dusted off my C programming skills (rather embarrassing how much I have forgotten) and wrote an encryption system of my own design. I encoded a secret message to my evil co-conspirators using this system. HERE IS THE ENCRYPTED MESSAGE. It took me about 4 hours to come up with this (including time going back and re-reading old C manuals).

On July 4th (the day my evil plan unfolds) I will publish the entire system, code and all, with the original cleartext, and the keyfile. Obviously at that point the code system will be useless, since the NSA will then have the method. But the whole point of this exercise is to prove that those real criminals and real terrorists wishing to evade the NSA will be able to do so, and rather easily.

If between now and July 4th the NSA does not publish the cleartext for this message, than this will prove my theory that real criminals and terrorists are able to evade the NSA and the NSA spy program is actually intended to keep watch on law-abiding citizens.

Unlike the Shakespeare quote I hid in an image at my website, you get no clues about this message. There is no “work reduction packet” or LEAF to help them along! I created this on an old obsolete computer with no net connection which is now back in the closet gathering dust.

Let’s see if the NSA is really as good as they want you to think they are.

UPDATE: HERE IS HOW I DEFEATED THE NSA CODE-BREAKERS.

As I mentioned above, this is a silly little bit of code writing, and now that I am publishing the method, it is useless, since now the NSA knows the method. But judging by the server logs, quite a few people did download the encrypted text to play with.

The code is written using a free standalone C compiler, the Digital Mars C/C++ Compiler that runs under windows. The ZIP file for the compiler is located at http://www.digitalmars.com/ I used an old XP laptop without any net connection to do the development and moved code to my main desktop using a flash drive. If it ain’t plugged in, the NSA can’t see it!

Original cleartext message

encode.c

The basic premise of the encryption is a 256 by 256 array of clear text values located by a paired set of indices. This makes the final encrypted text twice the size of the clear text, but means there are 256 possible pairs of indices for any one character of clear text, making decryption by frequency analysis difficult, especially for short messages. In this test code, I added a purely random third number to each pair just to piss off the decoders. Originally I was going to normalize the random number to the range of 0-255 because leaving it large would give away the length of the clear text message, but then I figured it was probably better to trick them into thinking they were dealing with a three dimensional lookup array just to waste their time.

The key for the code is any binary file, of any size, the larger the better, and I chose for my test key an image from the White House website. Using an image posted to the Internet means not having to transport keys around where one might be caught with them. One need only know which website and which image is used as the key. One could use large online image files as a key for DES (without the built in NSA “work reduction packet”), and with a multi-megabyte key instead of the mandated 64 bit key, brute force decryption becomes impractical.

But I digress.

The key file is used to start swapping around the clear text values in the lookup table. Then random searches into the lookup table find the desired clear text value, the two indices are then generated and saved to the encrypted text (along with the bogus third value) .

Encrypted message

decode.c

The decryptor is pretty self-explanitory. It reads in three values, tosses the last one as junk, and uses a lookup table recreated using the key file from the White House website to decode the message.

Decoded clear text message

ZIP files of the executables. THESE WERE COMPILED UNDER WINDOWS XP AND ONLY RUN IN THE COMMAND PROMPT WINDOW

The decoded message is itself a code phrase, which means even with the code broken, the NSA has no idea what signal is being sent.

Now I will be the first to admit this is not robust code. While I wrote it to encrypt binary files I did not test that function, nor can I guarantee portability. I only spent about 4 hours writing this as a demonstration that real criminals and terrorists can, with little effort, secure their communications from the NSA’s code breakers for enough time to complete their plans simply by using unknown methods.

As a final confirmation I would refer the reader to the famous “Kryptos” sculpture at CIA headquarters in Langley. Created in 1990, one of its encrypted messages remains unsolved to this very day. The three that were solved used standard, known, encryption systems such as Vigenere .

This proves that the NSA spying is not aimed at terrorists or criminals, but at law-abiding citizens!

Radio host and journalist Michael Rivero is the founder of website WhatReallyHappened.com.

READ MORE NSA NEWS AT: 21st Century Wire NSA Files

-



facebooktwittergoogle_plusredditpinterest




Ultimate Nutrition
  • websuspect

    ITS ALL DONE WITH algorythems. Shifting around bits and bytes until the colors start to line up.

  • Jim Richards

    I have both my evil genus children working on this to win a prize…however I have no way to be certain that one has solved it…one claimed that he solved it with this as the answer …

    Twas brillig and the slithy tove,
    did gyre and gimble in the wabe.
    All mimsy were the barogroves,
    and the nome rath outgrabe!

    what is the truth?

  • Rafał Bułaciński

    “For
    example, the allies did not break the German Enigma code until they succeeded
    in capturing an actual machine from the German submarine U-559. After the
    method was known, the British cryptographers at Bletchley Park
    were able to “brute force” the keys to various German messages using an early
    mechanical computer nicknamed the “bombe” for its constant ticking sound while
    working.” Ok – I understand, Poland,
    wasn’t belong to allies community during WW II? I agree, based on what was done
    to support us in September 1939. Literally – nothing. Beside this, there’s something
    and require further notes. German Enigma WAS BROKEN by Polish cryptographers in
    1932 (first) and continued until mid 1939, when German AGAIN changed (improved)
    method of cipher, so build another “cryptologic bomb” /first built in Poland – not Bletchley
    Park, England/ exceeded Polish Cipher Bureau funds. The results was given to our
    French and British “allies”. More at:

    http://en.wikipedia.org/wiki/Cryptanalysis_of_the_Enigma.

    Good luck and have a
    good mood, “wise” and best of all nations, Americans …

Ultimate Nutrition