You had highly committed activists, fighting for freedom, up against a murderous regime - and yet they still failed to use the system properly.
Activists left documents unencrypted. Keys were easily obtainable. Some important communications were sent in the clear because people found the software so cumbersome.
We all know that setting up PGP and using it properly is a pain in the neck. Security is usability.
I wrote a bit more about Vula at https://shkspr.mobi/blog/2014/01/the-hardest-problem-in-encr...
Usability, most of the time, reduces security.
Before Agent 47 starts sleuthing, the wallet is on a mechanical drive that almost surely didn't make it through at least a dozen moves over just as many years. Good luck.
https://github.com/Vulacode/RANDOM/blob/d6a1a1d694b22e6a115b...
I don't know what the seed size is of the system LCG, but if it's 32-bit (which I think it is), you could simply brute-force the seed state, and do entropy analysis on the result to crack it in like an hour tops.
Especially since it was strong enough that human error dominated.
011xxxxx 010xxxxx
And of that, about 70% is:
0110xxxx 0100xxxx
This means with a deterministic seed, you're giving away 3 known bits of state with every encrypted letter, and a good chance at a 4th.
That analysis does not require a particularly deep understanding of the cryptosystem to be able to perform; known plaintext is going to be one of the first things that anyone tries. It's less complicated than many crypto schemes that were broken.
Disclaimer: I have no idea how this system encodes things as the technology predates my knowledge, and it might not be so straightforward as this
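A toy reconstruction of the leak this comment describes, combined with the seed search suggested a few comments up. It is an added example, not code from the thread or from Tim's program: the LCG, its constants, the 16-bit state size and the message are all constructed assumptions, chosen so the exhaustive seed search finishes instantly.

```python
# Added toy: why a PRNG-generated "pad" leaks state through ASCII plaintext.
# ASSUMPTIONS (constructed, not the real Vula parameters): a 16-bit LCG with
# made-up constants, and a pad byte that is the high byte of each state.
MOD = 1 << 16          # 16-bit state keeps the exhaustive seed search instant
A, C = 25173, 13849    # hypothetical multiplier / increment (both constructed)

def lcg_keystream(seed, n):
    """Return n pad bytes: the high byte of each successive LCG state."""
    out, s = bytearray(), seed
    for _ in range(n):
        s = (A * s + C) % MOD
        out.append(s >> 8)
    return bytes(out)

def xor_pad(seed, data):
    """Encrypt or decrypt (XOR is its own inverse) with the PRNG-derived pad."""
    return bytes(d ^ k for d, k in zip(data, lcg_keystream(seed, len(data))))

def leaked_pad_bits(ciphertext, lowercase_only=False):
    """Pad bits exposed by ciphertext alone when the plaintext is ASCII letters.
    Letters are 010xxxxx (upper) or 011xxxxx (lower), so two pad bits per byte
    are certain; if the text is known to be all lowercase a third bit is fixed
    too.  Returns (mask, value) per byte, meaning pad_byte & mask == value."""
    mask = 0b11100000 if lowercase_only else 0b11000000
    plain = 0b01100000 if lowercase_only else 0b01000000
    return [(mask, (c ^ plain) & mask) for c in ciphertext]

def consistent_seeds(ciphertext, lowercase_only=False):
    """Try every 16-bit seed against the leaked bits, rejecting a seed at the
    first byte that contradicts them.  Survivors are the generator states the
    ciphertext has not ruled out; a single survivor means the pad is recovered."""
    constraints = leaked_pad_bits(ciphertext, lowercase_only)
    survivors = []
    for seed in range(MOD):
        s = seed
        for mask, value in constraints:
            s = (A * s + C) % MOD
            if (s >> 8) & mask != value:
                break
        else:
            survivors.append(seed)
    return survivors

if __name__ == "__main__":
    secret = b"meetatthesafehouse"        # constructed all-lowercase message
    ct = xor_pad(0x1234, secret)
    for n in (2, 4, 6, len(secret)):
        left = consistent_seeds(ct[:n], lowercase_only=True)
        print(f"{n:2d} letters seen -> {len(left)} candidate seeds")
```

Each letter prunes the candidate seeds by roughly a factor of eight, so the 16-bit state is pinned down after a handful of letters; a 32-bit seed only moves the search from instant to the "hour tops" estimated above.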
Pretty interesting that this was done on a Toshiba T-100. What a neat computer.
Recommendation - Action Kommandant. A peek into the life of Ashley Kriel, one of our martyrs and the pride of Bonteheuwel.
I learned about Athol Fugard in secondary school English, from a bolshie teacher who fled from SA to Canada in the 80s to avoid surveillance, and it opened my eyes.
My best wishes to the SA people as well. A nation of so many gifted people and natural riches deserves so much better. At least it seems like the era of sclerotic internal politics in the ANC is over.
The blog post doesn't say the zip file password. It's not clear to me if the program that cracked the zip file even found the zip file password. It might just be able to find the plaintext but not the password.
How long would it take to brute-force this on a modern PC?
PROGRAM  PATTERN                           MAX LENGTH TESTED
bkcrack  ?p                                14
bkcrack  ?u?d                              16
bkcrack  ?u                                17
bkcrack  ?l                                15
bkcrack  ?u?l?l?l?l?l?l?l?l?l?l?l?l?l?l?l  16
bkcrack  ?u?l?u?l?u?l?u?l?u?l?u?l?u?l?u?l  16
hashcat  ?u?l?d                            14
The author kindly modified bkcrack based on Tim's fuzzy recollection of what he thought he might have chosen for the password: https://github.com/kimci86/bkcrack/pull/56 and https://github.com/kimci86/bkcrack/pull/126. However, I ran out of time to work on this part and it seemed more important to get the actual code running. Also, in the course of things I discovered that Tim used PKZIP inside the BASIC code using a password that used non-printing characters.
Wow, that would make brute-forcing it an order of magnitude slower if you're having to cycle through control characters too. I wouldn't have thought to do this, as I wouldn't risk it not being supported.
CIA/NSA got a whiff of Operation Vula using off-the-shelf Philips PX-1000 with built-in DES and backdoored the product by bribing Philips: https://www.cryptomuseum.com/crypto/philips/px1000/
But it is naive to generate the key for a one-time pad using a PSEUDO random number generator!
The whole point of the one-time pad is to achieve true security because you can use truly random keys. The kind of key used here could have been created locally by just exchanging the seed, which would have prevented putting all these stewardesses in danger ;-).
I understand the developer was self-taught (and "learn as you go" on top), so it's understandable, but whoever reads this and has truly important secrets, don't be that silly.
Having said this, it is not easy to generate truly random numbers in large quantities. Again, you will need to build yourself your own hardware device, because most likely, all commercially available gear is rigged.
which is what every stream cipher is, ... and indeed, they do suffer the expected failure modes from key reuse, etc.
Doesn't stop them from being a popular best practice. :)
An interesting use case is documented in a blog post where someone (the Cloudflare CTO) uses it to recover some otherwise lost source code for a DOS-era program used in South Africa to record encrypted messages to (audio) tape and play them over payphones. <https://blog.jgc.org/2024/09/cracking-old-zip-file-to-help-o...>