[Spooks] Some more thoughts on One Time Pads

EI0DB ei0db at eircom.net
Wed May 7 10:44:29 EDT 2014 

What I describe (in my previous post) is how one pads (OTPs) were used in the 1960s and during WWII.
  I view a OTP as a physical thing normally a pad of sheets with numbers or letters on. Or extending
the definition to punched tape with groups punched onto it and like the pad used once then destroyed.

The important thing is that one time pads are still the one unbreakable  crypt method that all the
  NSAs GCHQs and GRUs cannot break with all the computer power in the world even when applied for
  years. Only when organizations starts taking short cuts is there a possibility of a "break" by
the opposition.  One of those short-cuts is computerization of the "field" end of the link.
  Various attempts to computerize/automate the process  by the Cubans  compromised their "agents".
where as a OTP is designed to be disposed of quickly by burning. A floppy-disk is fairly difficult
to destroy quickly (say with the FBI or KGB busting the door in!). In Cuban spys case the “old” OTP images
  were recoverable, the “old” messages were recoverable and matched copies of transmissions from Cuba
transcribed by the NSA; - bingo! - your a spy - and your nicked!
     
Computerization of the “field” end is something as far as I am aware  the KGB/GRU were not
stupid enough to try.  But the Soviets did something worse; they issued duplicate OTPs sets
around 1943/44 due to the demand exceeding supply of OTPs. A administrative slip by some
faceless pen-pusher lead to the death of the field agent(s) as usual. In this case the
“Verona” breaks by the ASA/NSA  exposed  the Soviet Atom Spies who were executed, and
  Cambridge Spy Ring, who fled.

The other part of getting a (morse) message away - employing burst transmission both sides
of the cold war put lots of effort into this. The American GRA-71 is a typical gadget that
compresses a 3 minute transmission into a few seconds. Even modern kit unless preset would
have difficulty getting an accurate triple D/F fix required for location. Typical of the
1950s/1960s era sets, is the British A16 set. it  has 45 preset channels spread between
2 and 8 Mcs and is tuned by peaking the receiver on “noise” once the channel has been
selected. Permitting fast frequency changing in mid transmission, a technique in use since
WWII When employed together with burst transmission the Red would  guys have less than 10
seconds to take their fix through the tropical static.

As far as machine cyphers the only secure method is the two tape system with a punched
tape equivalent of the OTP, “only used once” being in effect a running OTP system,
regardless of if the Teletype (Murry Code) is going over line or radio. There are many
pitfalls. The Berlin Tunnel operation (GOLD) in the 1940s/50s detected the "ghost"
signal from the plain text input magnets in the Red Army cypher machine, permitting
the UK/US to read messages without having to decipher them only translate them. From
this came the TEMPEST standards to prevent the Soviets conducting a copycat operation
against our own landlines.

The Achilles's heal of both types of OTP system is creating sufficient volume of truly
"random" numbers. The generation of Random numbers in large volumes  is a big and heavily
mathematical subject as well as the need to “prove” the numbers produced are truly random,
another subject in it's own right. Big Bucks and Rubles have been expending to try to get
  a “/*machine*/*”*  to create truly random
number sets for use on OTPs and One Time Tapes, with varying success since around 1900
when the ideas and requirements for the OTP first surfaced.

In the West with gross interference in the design of commercial crypt devices by GCHQ/NSA
  and other nation's spooks since at least 1945. None of them are to be trusted with long
term (strategic) information. I know the of one large oil company based in London who use
OTPs to super encipher certain commercially sensitive information in the 1960s and 70s.
Long before the Crypto A.G machines they used where known to be insecure. I guess most
large multinationals would have been and probably still are  doing that to confound the
UKUS and other spooks looking for commercial secrets.

Think is about all I can add, I do not claim to be an expert, and the above in just my
opinion working from memory; on the other hand there appears to be a lot of misinformation
about OTP on the Internet and confusion.  No Classified information was used in compiling
the above, and as far as I know nothing in the above is not already in the public domain
and previously published. I simply bolted it all together!


best regards, Dave

More information about the Spooks mailing list