The specification of modern, non-communicating cipher machinery [closed]

Posted on 16 Aug 2022 under General Tech / Learning Aids/Tools.

Answers (1)

manpreet (Best Answer, 2 years ago)


I'm looking for references, papers or guidance on a class of system which I have not seen widely discussed.

Consider powerful electronic machinery which remains in the custody of communicating parties, is reasonably insulated from tempest-style attacks, and which is not networked. Between tasks its state is completely reset, and includes no secret material such that the hardware may be considered entirely open.

The machinery is used to convert telegraphically short plaintext to ciphertext (or back again) by means of a large, symmetric, randomly generated key, and the ciphertext is communicated to the recipient non-electronically and without the aid of electronic communications technology, presumably by laborious means (e.g. writing, semaphore, Aldis lamp). Similarly, keys are not stored electronically but by some other painstaking means, so they must also be as short as humanly possible (e.g. memory). Identity is not securely established or managed by the system.

If the act of communication were electronic, a default implementation might be to generate a random IV, encrypt the message with a respected symmetric block-cipher in CBC mode, and append an HMAC generated with a well-respected hash function.

However, for such communication to be successful when transmitted more laboriously, size is of the essence, particularly when also padded with ECCs, and with symbols drawn from a small alphabet. Questions I'd like to be more confident on include: what guidance is there for the length of IVs? What threats would be opened up by failing to include an HMAC? Given the vulnerability to errors, what are good approaches (if any) to resynchronization after corruption? What are the principal vulnerabilities and attack vectors of such a system, to the extent that it has been specified (beyond learning the key)?

Systems such as these must have been considered in the literature, but I can find little written about such a setup. Perhaps I am lacking some vital terminology which is thwarting searches? Is the system so simple that there's nothing to discuss?
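As an added example (not part of the original post): the "default implementation" the post sketches, random IV, CBC encryption, HMAC appended, written as encrypt-then-MAC so that the size overhead and the effect of a transmission error on a 14-byte message can be measured. It assumes a stand-in block cipher, a 4-round Feistel network (Luby-Rackoff) keyed from HMAC-SHA256, so that it runs on the Python standard library alone; the keys and plaintext are constructed sample values, and a real deployment would use AES in its place.

```python
import hmac, hashlib, math, os

BLOCK = 16  # block size in bytes, as for AES
def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))
def _f(key, rnd, half):
    # Feistel round function: a PRF (HMAC-SHA256) truncated to one 8-byte half block.
    return hmac.new(key, bytes([rnd]) + half, hashlib.sha256).digest()[:8]
def block_encrypt(key, block, rounds=4):
    # Stand-in 4-round Feistel (Luby-Rackoff) block cipher, assumed here; use AES in practice.
    l, r = block[:8], block[8:]
    for i in range(rounds):
        l, r = r, _xor(l, _f(key, i, r))
    return l + r
def block_decrypt(key, block, rounds=4):
    l, r = block[:8], block[8:]
    for i in reversed(range(rounds)):
        l, r = _xor(r, _f(key, i, l)), l
    return l + r
def cbc_encrypt(key, iv, plaintext):
    pad = BLOCK - len(plaintext) % BLOCK  # PKCS#7 padding, always at least one byte
    data, prev, out = plaintext + bytes([pad]) * pad, iv, b""
    for i in range(0, len(data), BLOCK):
        prev = block_encrypt(key, _xor(data[i:i + BLOCK], prev))
        out += prev
    return out
def cbc_decrypt(key, iv, ciphertext):
    prev, out = iv, b""
    for i in range(0, len(ciphertext), BLOCK):
        out += _xor(block_decrypt(key, ciphertext[i:i + BLOCK]), prev)
        prev = ciphertext[i:i + BLOCK]
    return out[:-out[-1]]  # strip padding
def seal(enc_key, mac_key, plaintext, tag_len=8):
    # Encrypt-then-MAC: random IV, CBC, HMAC over IV||ciphertext; tag truncated to save symbols.
    iv = os.urandom(BLOCK)
    ct = cbc_encrypt(enc_key, iv, plaintext)
    return iv + ct + hmac.new(mac_key, iv + ct, hashlib.sha256).digest()[:tag_len]
def open_sealed(enc_key, mac_key, msg, tag_len=8):
    # Verify before decrypting: a corrupted or altered message is rejected (None), never decoded.
    iv, ct, tag = msg[:BLOCK], msg[BLOCK:-tag_len], msg[-tag_len:]
    expect = hmac.new(mac_key, iv + ct, hashlib.sha256).digest()[:tag_len]
    return cbc_decrypt(enc_key, iv, ct) if hmac.compare_digest(expect, tag) else None
def symbols_needed(n_bytes, alphabet_size):
    # Symbols of a small alphabet (e.g. 26 letters) needed to carry n_bytes by hand.
    return math.ceil(n_bytes * 8 / math.log2(alphabet_size))

ENC_KEY, MAC_KEY = b"constructed-enc-key", b"constructed-mac-key"  # constructed sample keys
MESSAGE = b"ATTACK AT DAWN"  # constructed 14-byte plaintext
```

For this 14-byte message the IV and tag add 24 bytes, taking the transmission from 24 to 69 letters of a 26-symbol alphabet, which is the size pressure the post describes; truncating the tag lowers that cost at the price of a weaker forgery bound, and a rejected message still has to be resent, since the tag only detects corruption and cannot repair it.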
