all this talk of australian crypto laws got me thinking. here's a hypothetical (this might get a little complicated):

for the sake of the security facade, the government decides to not ban encryption outright. BUT they decide that all crypto will use the same key. therefore you can not directly read encrypted things, but it's not really encrypted anymore is it?

part two: there's a concept called chicken sexing, named after people who determine the sex of baby chicks. male chicks are pretty useless and expensive to keep alive, so they are eaten. female chicks go on to lay eggs, so ideally, from a financial standpoint, you only raise hens to maturity. this is nearly impossible to discern early on so at first you're just straight up guessing. is this one female? sure? that one? no? really 50/50. BUT if you have a skilled chicken sexer looking over your shoulder, saying right or wrong, then eventually you get better. why? nobody knows. they can't explain it. nobody can. you just sort of "know" when it's female or not. some people can do 1000s of chicks/hr with success up to 98% but nobody can explain how to tell them apart.

part three. final part:

after years, even decades of using this encryption with only one key, I wonder if people (even if only people who are regularly exposed to crypto like NSA analysts or cryptographers) can ever learn to understand it. in the same way as above. you don't know exactly what it says. or how you know it. you didn't run an algorithm in your head or decrypt it. but somehow you get the gist.

28464e294af01d1845bcd21 roughly translates to "just bought a PS5! WOOT!" or even just pick out details. PS5. excited. bought.

but how do you know that? idk. just do.

oh what a creepy future it has become.

  • 1
    No. Chickens have, well, fine details that are hard to grasp, on the other hand crypto messages require tons of math on each symbol, and the math must be done consequently, that's whole different scheme.

    I'll explain this by giving another examples:
    When you look at the picture of RTG you don't know what to look at to diagnose disease. But you can be trained to find those details. Minor disturbance in statistics. This is pretty easily achieved with neural networks. And by training pigeons.
    On the other hand, finding primary numbers is impossible to be learned by neural network, but you, as a human, can draw conslusions by making hypothesis and checking them, and then by creating algorithms. However the amount of algorithm iterations you can use in certain time - is limited. You can use rules like 11, 101, 1001 (and so on) are always primes, but this doesn't allow you to do quick fact checks on larger numbers. Your computation power is not large enough.
  • 0
    So to summarize, no, because chicken sexing is about catching details while message decoding is about pure computation power.
  • 0
    @mt3o maybe my original example required too much to be extrapolated.

    I imagine that with enough time (which would be by no means short, hundreds if not thousands of hours) a skilled surveillance analyst might be able to answer VERY basic questions such as "is that message binary, English, Chinese, etc? does it exibit a certain 'written by humans vs written by machines' quality?" and they might be able to do this without decrypting.

    this could potentially surface because of language properties like the etaoin property of English, the high byte vales required of asian character sets like Chinese or korean, or the very high distribution of null bytes that binary data formats frequently contain. the effects of these causes in the final encrypted form may not be directly observable and explained, but maybe you could get a "gut feeling" that is correct a not insignificant amount more than random guessing.
  • 1
    @deadPix3l ok, basic question, which ciphers do you know? Because what you are talking is a statistical analysis. It's a valid form of attack against plenty of ciphers.

    Also, endianness, different charsets and encodings make it even more difficult to learn what you are talking about, but let's skip that.

    What you want works for replacement cihpers like caesarean or matrix, or the one freemasons is. You shift symbol by some length (fo caesarean is 13 so a gives j, b gives k). If the shifting if variable, learning that becomes harder. For more complicated ciphers, the shift is complex, polynomial, im thinking of Enigma. Its unbreakable for statistical analysis.
    Communication between computers is handled by two-way ciphers, like Diffie-Hellman when both parties exchange parts of key. If you don't know both parts, it's unbreakable (unless brute force), even with help of statistics.
    And we're not close to RSA :)
  • 1
    Current algos (i.e. DES, however it's not used anymore) rely on blocks, not only symbols, each block relies on previous blocks and each symbol relies on previous symbols. This makes drawing conclusions even more difficult.

    You focus on using the same key, but also everyone has to be forced to use the same algo. This is assumption for cracking ciphers, that you know the algo.

    We focused on ciphers, but the are also compression algorithms, which are way more difficult to decode if you don't know how. Doing it without cpu is impossible.

    Discl: im not 100% sure what i write because i did no fact checking and rely only on my memory. Check it yourself, it's great experience to learn that :)
  • 0
    @mt3o so I was taking into account blocks and modern ciphers, but also trying to be generic because who knows what algorithms will or won't be around in 20 years.

    but let's assume AES256-CTR, zero nonce, known key. since we know the key (because we forced everyone to use the same one) we could obviously just decrypt it. that's not the point.

    ignoring complexities like CBC mode where blocks rely on the previous one, assymmetry, or any specific implementation of algorithms.

    not saying it's possible now, or that it is possible or not with specific algorithms like AES. just trying to imagine that maybe one day, even if we can't directly explain why, it's possible that decrypting a message will not be strictly needed to glean certain information about it.

    one step further: if the "ultimate government key" is kept secret and therefore I can't just decrypt your messages, could I still be taught to recognize these qualties via chicken sexing methods? only a hypothetical.
  • 1
    @deadPix3l "ultimate gov key" you know history of DES? It has nsa backdoor included :)

    Regarding catching information without decrypting - it's metadata analysis. It's already in use for telecommunications. Phone calls and texts. The same technique is applied to bank transactions and to investigate blockchains.
  • 1
    @mt3o you're right. it would be metadata analysis. but on a level that's not currently doable. most metadata analysis relies on very simple things: what was it encrypted with, approximately how long is it, tcp/ip headers, etc. but certain metadata questions about the plaintext can't be answered without decrypting.

    I feel like we're chasing each other around in the same direction 😀
Add Comment