Cryptography Reference
In-Depth Information
programs enter a wait loop, e.g., 5 seconds, after each wrong password entry.
This prevents the most popular passwords being tried over the network. Rather
than DES encryption, other systems use a one-way hash function, e.g., MD5
(more about it in Chapter 6). All these measures are correct, but cryptologi-
cally insufficient. Really correct is only the stopping of bad passwords by the
password
command itself. On the other hand, admissible passwords should not
be overly complicated, since that would encourage users to write them down.
3.4 Back to Ciphering Cylinders
After this excursion into modern cryptology, let's get back to outdated methods.
We will see that cryptanalyzing these methods is still of interest. We begin with
the ciphering cylinders introduced in Section 2.5. A little reminder: a ciphering
cylinder is a homophone polyalphabetic method with a small period (e.g., 30).
The single substitutions are known, only their selection and sequence are secret.
Negative pattern search is very useful to cryptanalyze them. It can be deciphered
even if the ciphertext is too short for statistical analyses.
3.4.1 Negative Pattern Search
We know that the disks in ciphering cylinders are turned so that the plaintext
appears in one line. The ciphertext is read in another line. One of the properties
of this method is strikingly similar to the Enigma, namely that a character
never transforms onto itself during encryption. While this may seem to increase
the method's security, it is actually a rather strong limitation. We saw at the
beginning of Section 2.5.2 that this may help somebody to find the position
of a piece of plaintext. The following simple (and impractical) example shows
how we can utilize it.
An Example (Caesar Cipher)
The task at hand is to decrypt the following Caesar-ciphered message without
the help of a computer:
GLHVHUWHAWHQWKDHOWHLQZDKUVFKHLQOLFKHVZRUW
We know that the text part
WAHRSCHEINLICHESWORT
