GC1KBPY PRIVATE KEY ENCRYPTION (Unknown Cache) in Tennessee, United States created by KNOW FUTURE

GC1KBPY ▼

A cache by KNOW FUTURE Message this owner

Hidden : 1/1/2009

Difficulty:

Terrain:

Size: Size: micro (micro)

Join now to view geocache location details. It's free!

Watch

How Geocaching Works

Please note Use of geocaching.com services is subject to the terms and conditions in our disclaimer.

Geocache Description:

This challenging cryptogram illustrates an important Internet security concept.

Joint Intelligence Training Center
(J.I.T.C.)

Cryptography 311: Field Ciphers
Laboratory Session 9: Private Key Encryption

I. Objective

In this exercise the student will learn to compose, send and receive secure one-time pad enciphered messages using the Private Key Encryption (PKE) method.

II. Definitions

Ciphertext: a text in encrypted form, as opposed to the plain text.

Decipher (decrypt, decode): to convert from a code or cipher to plain text.

Encipher (encrypt, encode): to put a message into ciphertext.

Keytext (key): in cryptography, a key is a piece of information (a parameter) that determines the functional output of a cryptographic algorithm or cipher. Without a key, the algorithm would have no result. In encryption, a key specifies the particular transformation of plaintext into ciphertext, or vice versa during decryption.

Modular Addition: in mathematics, modular arithmetic (sometimes called clock arithmetic) is a system of arithmetic for integers, where numbers "wrap around" after they reach a certain value — the modulus. A familiar example of modular arithmetic is its use in the 12-hour clock. The hour number starts over when it reaches 12, so this is modulo-12 (or MOD-12) addition. Since the alphabet has 26 letters, MOD-26 is used in OTP calculations (see Section IV).

One-time Pad (OTP): encryption algorithm in which the plaintext is combined with a random keytext or "pad" that is as long as the plaintext and used only once. Modular addition is used to combine the plaintext with the pad. If the key is truly random, never reused, and kept secret, the one-time pad provides perfect secrecy.

Plaintext: In cryptography, plaintext is the unencrypted information that the sender wishes to transmit to the receiver(s).

Private Key Encryption (PKE): an OTP encryption technique that allows the secure exchange of messages without the distribution or exchange of keys.

III. History

The US Army invented the one-time pad system during WWI. It was not commonly used until the 1920s when the German foreign office adopted it for sensitive correspondence with its embassies. British Special Operations Executive (SOE) used a similar system during WWII.

OTP provided nearly airtight security for the Soviet military during WWII. The KGB continued to use OTP for its clandestine field communications during the Cold War era.

Recent developments in keytext security, combined with Internet email technology, have revived interest in OTP systems. It is now possible and convenient to exchange secure OTP messages over any Internet email connection using the Private Key Encryption (PKE) method.

IV. How OTP Works

The one-time pad is a simple substitution cipher. Each letter in the alphabet is assigned a number. A = 1, B = 2, …, Z = 26. The plaintext letter and its corresponding keytext letter are added using MOD-26 addition to produce the ciphertext letter.

Therefore, if Keytext = K, Plaintext = P and Ciphertext = C, then:

C = P + K MOD-26 and P = C - K MOD-26

Example:

P = SECRET = 19, 05, 03, 18, 05, 20
K = ADBFQS = 01, 04, 02, 06, 17, 19
-------------
C = TIEXVM = 20, 09, 05, 24, 22, 13

MOD-26 simply means that if the addition of two letters exceeds 26 (the value of Z), we loop back to the beginning of the alphabet and continue counting.

Example:

T + S = M
T(20) + S(19) = 39
39 – 26 = 13 = M

Table 1: MOD-26 table

Until recently, the keytext (pad) consisted of duplicate paper pads printed with random letter groups. The pad shown in Figure 1 has eight lines per page. Each line has ten groups of five random letters. The author of a secret message uses a page (or more if needed) of the pad to encode a message then destroys the page. The recipient reverses the procedure to decipher the message then destroys his copy of the page.

Figure 1: One-time pad

V. The Keytext Problem

The one-time pad (otp) cipher is unbreakable, provided that three conditions are observed:

1. The keytext is random
2. The keytext is the same length as the message
3. The keytext is used one time then discarded

These conditions make the otp cipher difficult to use in the field for the simple reason that both the sending and receiving parties (and no one else!) must have the keytext to the message being transmitted.

The traditional solution, publishing and distributing paper pads to field agents, is secure unless one of the following happens:

The booklet of keytexts falls into the enemy’s hands.

If this happens all agents must immediately stop using the compromised pad. A new booklet of keytexts must be produced and distributed to the field agents. This can be a cumbersome and time-consuming procedure. During the transition communication can be difficult and uncertain.

A keytext from the booklet is used more than once.

If this happens, especially if it is repeated on multiple occasions, a professional intelligence organization (such as the Government Code and Cypher School) can apply its enormous capabilities and resources to crack the messages.

VI. Private Key Encryption (PKE) Method

A practical solution to this problem is the Private Key Encryption (PKE) method. This technique provides absolute security because both the sender and receiver use their own self-generated keytexts to encipher and decipher messages. These private keys (PKs) are never exchanged nor transmitted.

Figure 2: The King's lock box

To better understand how PKE works, consider the following analogy. The King of France sends a secret message to the Crown Prince of Poland, suggesting that they form an alliance to attack their common enemy, Prussia. Because the king’s courier must pass through Prussian territory several times to deliver the message, it is critical that the message remains securely sealed during its travels.

The king sends his message in his diplomatic lock box (Figure 2). It is secured with the king’s personal padlock. Only he has the key to open the lock.

The Crown Prince receives the box, but he cannot open it. Instead, the prince places his own personal padlock on the box and sends it back to the king.

The king receives the box, which now has two locks. The king removes his lock and sends the box back to the prince.

The prince again receives the box. This time he can open it because it is secured only with his personal padlock. He reads the message and considers the king’s proposal.

The king’s message is secure. The drawback is that it may take several weeks to complete the transmission of his message. PKE uses a similar technique that is particularly suited to Internet email communication, which allows the quick exchange of messages. PKE uses the following steps:

John generates an OTP message enciphered with his random PK.

The message is the equivalent of a lockbox with John's personal padlock.

John sends it (by email) to Karen.

Email is the equivalent of the King's courier.

Sending a message through cyberspace (the Internet) is the equivalent of the courier passing through enemy territory.

John keeps his PK for future use.

Karen cannot decipher John’s message. Instead she enciphers it a second time with her own PK. She emails the message back to John and keeps her PK for future use.

Karen's PK is the equivalent of placing her own padlock on the lockbox.

Karen sends the email back to John.

When John receives the double-encrypted (two padlocks) message from Karen he partly deciphers the message with his PK then emails it back to Karen.

When John partly decrypts the message with his PK it is the equivalent of removing his padlock from the box

The message is still securely enciphered with Karen’s PK.

At this point John destroys his PK.

When Karen receives the message from John she deciphers it using her PK. This reveals John’s plaintext message.

Karen's decryption is the equivalent of removing her padlock, which allows her to open the box.

Karen now destroys her PK.

VII. One-Time Pad Software

A free and easy-to-use OTP program can be downloaded from this website:

www.rumint.com

You can use this program to replicate the examples shown below and also to exchange short OTP messages with PKE encryption.

VIII. An Example Using PKE Encryption

John wants to send the following secret message to Karen:

Meet me at eight pm on the footbridge in the city park stop be sure to check our signal site stop I will leave a coin there if I am being tailed stop If you see the coin leave the park immediately and wait for further instructions stop end xxxx

Message 1: John's plaintext message for Karen

John uses the OTP software. It creates a random PK for his message and performs the mod-26 encryption. John’s OTP message is illustrated in Figure 3.

Figure 3: John’s OTP/PKE message to Karen

Notes:

This message has 191 characters, not counting spaces.

John pads the message with four extra characters (XXXX) so that the character count is evenly divisible by five.

The message does not use numbers or punctuation.

John sends his ciphertext message to Karen:

YDQFCAFCGLSUPWHTEEIDSKSCJSIZFWVXFJXRSRVIOPZITUEAML
FMYGGMRFGKFXFDENSLVEOBVTSWJABUMJUNGRQXLISSEXRQGOSG
PINVCVLHBEFIMOFELKWJBUARIHVRPIQRGMRBNFHPHCFBWSWUOX
LFNYOYGGRPXKMSQJVHOODPZDIFTQXDGDLHZWNDGEPQPQZ

Message 2: John's ciphertext message for Karen

John saves his PK (personal key)for future use.

LYLLPVEIBCLMVGUEQKAYMVDIHAZVYRMJLBSOJXWSNXOPZFOYHSK
UTMRJJADZQCNKVGEKJLFHQAYHTRELAXIIFVLWITJEKPMYBFMXOV
LQTHENAVTDIVLPVBQKMZHMDNNMMTHDUHQFILZKRBNQNFJPKOKLI
MPXSCUOOQGDYDAPUGYXQPPLBVUJXOXOGCYNBQLSRSBYAPRIMOUC
VSDBIMJYGIGGPOZIBKRLFRIOVAUXWCEADSIBTZTJHERCVQIIRSP
IPJSBIQOWIRSQMWHZSBPRZJHP

Message 3: John's PK

Karen cannot decipher this message. Instead she enciphers it a second time with her own PK. She sends the double-enciphered message back to John (Figure 4).

Figure 4: Karen returns the message to John with her PK encryption

Karen’s enciphered message to John:

SYQEIWHPUZWTCXJHGRMDHXOCBATMDLWORMELSVHWNHQYTZWICS
SEFLXIZCNQYTEWWKBVJMBWTDMOTXAILIHGLBWORGTEPSSFFLQC
KYXRZGPOQPDEZVZHRUOKWYLWEAHJFHFWXVXGSTSZUEASMTWSYI RRZIOJFEAFZGNERDBPWDKQAGBUNQTHTYLTPGAJXVMNJZX

Message 4: Karen's return ciphertext message for John

Karen saves her PK (below):

TUZYFVBMNNDYMABNBMDZOMVZRHKMXOAQLCGTZDLNYRQPZERHPG
MRGEQVHWGFSVYSRWIJNHMUXJTRJWYNYYMSEJFQFXALKUAOYWXV
UPJVWKDGOKXVMGTCFJRAUDKEVSLRPYOEQIFEENKJMBUQPAZXJK
FLLJZKYXIPBVALATFHHOGAACSOTZVDMUZLPJMFQQWWTIXQVENU
OHIFBVWBIYYULUCOQZOPUFEZBFXUYVGEMLGBNNKSSSZZFSUIZX
VPIWLOJGQZIBQZJVTNJMLBIZORRUDH

Message 5: Karen's PK

John partly deciphers the message using his PK then sends it back to Karen.

Fig 5: John partly-deciphers the message with his PK

Figure 5: John partly-deciphers the message with his PK

Karen further deciphers this message using her PK. She can now read John’s original message.

Fig 6: Karen deciphers John’s message with her PK

Figure 6: Karen deciphers John’s message with her PK

IX. Things to Think About

Enemy agents may intercept John’s original ciphertext, Karen’s response ciphertext and John’s partly-deciphered text message. The private keys (PKs) used to encipher these messages, however, are never transmitted and so none of these messages, if intercepted, can be deciphered.

At first glance, one might think that John is reusing his PK - a violation of OTP security protocol. Actually John is simply removing his PK (padlock)from the double-encrypted message. This is not the same as enciphering a new message with the same PK. Removing his PK does not threaten the security of the message.

X. Laboratory Assignment

You receive the following email message from your fellow agent, Know Future:

WIGPGLRPVQPLFXGNHLWG
UOVKQGABQQKLTIZMDJNR
JRNBSLTXZDLQZXERZKAA
KSXMDDDYTOZNBOWSKQVI
YINUWTXAJFFRVPWJCPSG
PKMQVYAWSGPCDTKMNNRN
MVGJWJKLRYZCXKONHRAC
UGPOXPGTMCZVXUEEQUCQ
CBIWXBMBAQVFWHGLYGJL
SD

Message 6: PK-encrypted message from Know Future

It is an OTP ciphertext encrypted with Know Future’s PK. You save his ciphertext then encipher it a second time with your own PK. Use the following as your PK:

AQCEIMOHRQOTCJULMIBM
XLPCMVIKEVIZEIUACPAK
YCTRWNXBNJD GKLDDPSVP
TRADFMEZPTQGHJRQSRKW
EWGFPPKDCVWJWECGPZYE
SF PIFGAROBJMWOBKKEPQ
HZCSLOTXRNRPKGBDCOJW
IZAIZEEVSMWER WGSJCEP
XYCHPEEHIBKEXSMZYPHN
LVJGPJXJOCLWRAVGCFCF
IMVR EOXZCNBNNLGMNFSS
XVUGJNOOXSZOMRHJCTLV
YTDWUPRHUFKUJOJ GLFXF
WXZTFKJIOP

Message 7: Your PK. Use it to encrypt Message 6

You email this double-encrypted message back to Know Future. Moments later you receive the following response:

HFWTUNIBZITYVSSPRPVJ
MEUYRJYEJEPHYBDYWXSP
DPCFKCPVVVSUPUKLJLEN
XWHXNEJEDCELXDKZQRPO
TBPMXJXMQSBCQXWVFLNT
DLEAHSBUZDSFLCVFMJYE
BHHEMHNNABWJCLGWWDZF
PNPAEYMAVRAFJQYXOVWU
EZULIPSWFHFYSKRSSEXS
ZZ

Message 8: Decrypt this message using your PK

Decipher this message using your PK and the OTP software then follow Know Future’s instructions.

Additional Hints (Decrypt)

CNEX NG JC-1.

Decryption Key

A|B|C|D|E|F|G|H|I|J|K|L|M
-------------------------
N|O|P|Q|R|S|T|U|V|W|X|Y|Z

(letter above equals below, and vice versa)

Watch

Geocache Description:

Attributes

Inventory

Bookmark Lists

PRIVATE KEY ENCRYPTION Mystery Cache

Watch

Geocache Description:

Attributes

Inventory

Bookmark Lists

Treasures