Submit Search
Upload
Fund Raising with an Android Enigma Machine Simulator
•
3 likes
•
2,076 views
C
Craig Heath
Follow
Presented at Over The Air 2012, Bletchley Park
Read less
Read more
Education
Technology
Report
Share
Report
Share
1 of 25
Download now
Download to read offline
Recommended
Final Chocolate Assignment
Final Chocolate Assignment
clmacdonald
Deutsche EuroShop | Company Presentation | 01/10
Deutsche EuroShop | Company Presentation | 01/10
Deutsche EuroShop AG
Raddon Chart of the Day, December 22, 2011
Raddon Chart of the Day, December 22, 2011
Raddon Financial Group
Toronto Market Watch East
Toronto Market Watch East
Richard Silver, Certified International REALTOR®
EOLE / OWF 12 - USA practices in m&a-l. philip odence (eole2012)
EOLE / OWF 12 - USA practices in m&a-l. philip odence (eole2012)
Paris Open Source Summit
parker hannifin _ar02
parker hannifin _ar02
finance25
Building Successful Free-to-Play Apps on Android
Building Successful Free-to-Play Apps on Android
Tapjoy
Chintay Shih — Role of Public Research Institutes
Chintay Shih — Role of Public Research Institutes
Renata George
Recommended
Final Chocolate Assignment
Final Chocolate Assignment
clmacdonald
Deutsche EuroShop | Company Presentation | 01/10
Deutsche EuroShop | Company Presentation | 01/10
Deutsche EuroShop AG
Raddon Chart of the Day, December 22, 2011
Raddon Chart of the Day, December 22, 2011
Raddon Financial Group
Toronto Market Watch East
Toronto Market Watch East
Richard Silver, Certified International REALTOR®
EOLE / OWF 12 - USA practices in m&a-l. philip odence (eole2012)
EOLE / OWF 12 - USA practices in m&a-l. philip odence (eole2012)
Paris Open Source Summit
parker hannifin _ar02
parker hannifin _ar02
finance25
Building Successful Free-to-Play Apps on Android
Building Successful Free-to-Play Apps on Android
Tapjoy
Chintay Shih — Role of Public Research Institutes
Chintay Shih — Role of Public Research Institutes
Renata George
Paper Enigma Machine
Paper Enigma Machine
Mike Koss
Rotor Cipher and Enigma Machine
Rotor Cipher and Enigma Machine
Saurabh Kaushik
Superficial Study on the Concept of Cryptography
Superficial Study on the Concept of Cryptography
Monil Adhikari
The enigma machine lesson 2
The enigma machine lesson 2
4011cassandra
Enigma matemàtiques
Enigma matemàtiques
escolamura
The Engima Cipher
The Engima Cipher
guestfaf89d
Enigma
Enigma
maruanbenali
Enigma History
Enigma History
Mike Koss
Cracking the Enigma Machine - Rejewski, Turing and the Math that saved the world
Cracking the Enigma Machine - Rejewski, Turing and the Math that saved the world
BradYoung
History of cryptography
History of cryptography
Farah Shaikh
Cipher techniques
Cipher techniques
Mohd Arif
SPICE MODEL of GT10Q301 (Professional+FWDS LTspice Model) in SPICE PARK
SPICE MODEL of GT10Q301 (Professional+FWDS LTspice Model) in SPICE PARK
Tsuyoshi Horigome
View from paper industry: energy management, Laurent De Munck, Cobelpa, Belgium
View from paper industry: energy management, Laurent De Munck, Cobelpa, Belgium
EuropeanPaper
SPICE MODEL of GT10Q301 (Professional+FWD+SP LTspice Model) in SPICE PARK
SPICE MODEL of GT10Q301 (Professional+FWD+SP LTspice Model) in SPICE PARK
Tsuyoshi Horigome
SPICE MODEL of GT10Q301 (Professional+FWDP LTspice Model) in SPICE PARK
SPICE MODEL of GT10Q301 (Professional+FWDP LTspice Model) in SPICE PARK
Tsuyoshi Horigome
Slidecast KBC
Slidecast KBC
Fredcrie
From Technology to Product
From Technology to Product
SVPMA
Financial Analysis of Danone 2012
Financial Analysis of Danone 2012
JonasDeMeester
Lizarran in Asian Market
Lizarran in Asian Market
MariolaSV
ALIAVIS Company Profile
ALIAVIS Company Profile
GAiazzi
Presentation at AIT 4th Innoforum 2012
Presentation at AIT 4th Innoforum 2012
Abraham Tsoukalidis
Lego presentation slides
Lego presentation slides
Burhan Saiyed
More Related Content
Viewers also liked
Paper Enigma Machine
Paper Enigma Machine
Mike Koss
Rotor Cipher and Enigma Machine
Rotor Cipher and Enigma Machine
Saurabh Kaushik
Superficial Study on the Concept of Cryptography
Superficial Study on the Concept of Cryptography
Monil Adhikari
The enigma machine lesson 2
The enigma machine lesson 2
4011cassandra
Enigma matemàtiques
Enigma matemàtiques
escolamura
The Engima Cipher
The Engima Cipher
guestfaf89d
Enigma
Enigma
maruanbenali
Enigma History
Enigma History
Mike Koss
Cracking the Enigma Machine - Rejewski, Turing and the Math that saved the world
Cracking the Enigma Machine - Rejewski, Turing and the Math that saved the world
BradYoung
History of cryptography
History of cryptography
Farah Shaikh
Cipher techniques
Cipher techniques
Mohd Arif
Viewers also liked
(11)
Paper Enigma Machine
Paper Enigma Machine
Rotor Cipher and Enigma Machine
Rotor Cipher and Enigma Machine
Superficial Study on the Concept of Cryptography
Superficial Study on the Concept of Cryptography
The enigma machine lesson 2
The enigma machine lesson 2
Enigma matemàtiques
Enigma matemàtiques
The Engima Cipher
The Engima Cipher
Enigma
Enigma
Enigma History
Enigma History
Cracking the Enigma Machine - Rejewski, Turing and the Math that saved the world
Cracking the Enigma Machine - Rejewski, Turing and the Math that saved the world
History of cryptography
History of cryptography
Cipher techniques
Cipher techniques
Similar to Fund Raising with an Android Enigma Machine Simulator
SPICE MODEL of GT10Q301 (Professional+FWDS LTspice Model) in SPICE PARK
SPICE MODEL of GT10Q301 (Professional+FWDS LTspice Model) in SPICE PARK
Tsuyoshi Horigome
View from paper industry: energy management, Laurent De Munck, Cobelpa, Belgium
View from paper industry: energy management, Laurent De Munck, Cobelpa, Belgium
EuropeanPaper
SPICE MODEL of GT10Q301 (Professional+FWD+SP LTspice Model) in SPICE PARK
SPICE MODEL of GT10Q301 (Professional+FWD+SP LTspice Model) in SPICE PARK
Tsuyoshi Horigome
SPICE MODEL of GT10Q301 (Professional+FWDP LTspice Model) in SPICE PARK
SPICE MODEL of GT10Q301 (Professional+FWDP LTspice Model) in SPICE PARK
Tsuyoshi Horigome
Slidecast KBC
Slidecast KBC
Fredcrie
From Technology to Product
From Technology to Product
SVPMA
Financial Analysis of Danone 2012
Financial Analysis of Danone 2012
JonasDeMeester
Lizarran in Asian Market
Lizarran in Asian Market
MariolaSV
ALIAVIS Company Profile
ALIAVIS Company Profile
GAiazzi
Presentation at AIT 4th Innoforum 2012
Presentation at AIT 4th Innoforum 2012
Abraham Tsoukalidis
Lego presentation slides
Lego presentation slides
Burhan Saiyed
Senen Perlada, BETP (21 pm 2nd speaker )
Senen Perlada, BETP (21 pm 2nd speaker )
amrehjoy
SPICE MODEL of LQH44PN220MP0 in SPICE PARK
SPICE MODEL of LQH44PN220MP0 in SPICE PARK
Tsuyoshi Horigome
Can You Commercialize Your WordPress Plugin
Can You Commercialize Your WordPress Plugin
garthkoyle
SPICE MODEL of C4D20120D LTspice Model (Professional Model) in SPICE PARK
SPICE MODEL of C4D20120D LTspice Model (Professional Model) in SPICE PARK
Tsuyoshi Horigome
SPICE MODEL of LQH55PN220MR0 in SPICE PARK
SPICE MODEL of LQH55PN220MR0 in SPICE PARK
Tsuyoshi Horigome
Videocon ppt
Videocon ppt
Namrata Dubey
Ucb 2
Ucb 2
lewiverb
Borderless Digital Commerce - Walter Devenuto, President EMOTA
Borderless Digital Commerce - Walter Devenuto, President EMOTA
Walter Devenuto
Small Business Dec.2
Small Business Dec.2
JMcaninch
Similar to Fund Raising with an Android Enigma Machine Simulator
(20)
SPICE MODEL of GT10Q301 (Professional+FWDS LTspice Model) in SPICE PARK
SPICE MODEL of GT10Q301 (Professional+FWDS LTspice Model) in SPICE PARK
View from paper industry: energy management, Laurent De Munck, Cobelpa, Belgium
View from paper industry: energy management, Laurent De Munck, Cobelpa, Belgium
SPICE MODEL of GT10Q301 (Professional+FWD+SP LTspice Model) in SPICE PARK
SPICE MODEL of GT10Q301 (Professional+FWD+SP LTspice Model) in SPICE PARK
SPICE MODEL of GT10Q301 (Professional+FWDP LTspice Model) in SPICE PARK
SPICE MODEL of GT10Q301 (Professional+FWDP LTspice Model) in SPICE PARK
Slidecast KBC
Slidecast KBC
From Technology to Product
From Technology to Product
Financial Analysis of Danone 2012
Financial Analysis of Danone 2012
Lizarran in Asian Market
Lizarran in Asian Market
ALIAVIS Company Profile
ALIAVIS Company Profile
Presentation at AIT 4th Innoforum 2012
Presentation at AIT 4th Innoforum 2012
Lego presentation slides
Lego presentation slides
Senen Perlada, BETP (21 pm 2nd speaker )
Senen Perlada, BETP (21 pm 2nd speaker )
SPICE MODEL of LQH44PN220MP0 in SPICE PARK
SPICE MODEL of LQH44PN220MP0 in SPICE PARK
Can You Commercialize Your WordPress Plugin
Can You Commercialize Your WordPress Plugin
SPICE MODEL of C4D20120D LTspice Model (Professional Model) in SPICE PARK
SPICE MODEL of C4D20120D LTspice Model (Professional Model) in SPICE PARK
SPICE MODEL of LQH55PN220MR0 in SPICE PARK
SPICE MODEL of LQH55PN220MR0 in SPICE PARK
Videocon ppt
Videocon ppt
Ucb 2
Ucb 2
Borderless Digital Commerce - Walter Devenuto, President EMOTA
Borderless Digital Commerce - Walter Devenuto, President EMOTA
Small Business Dec.2
Small Business Dec.2
More from Craig Heath
DC4420 Bluetooth Security
DC4420 Bluetooth Security
Craig Heath
What Security Do You Need From Low-Power Wide-Area Networks?
What Security Do You Need From Low-Power Wide-Area Networks?
Craig Heath
The Future of Computer Security and Cybercrime
The Future of Computer Security and Cybercrime
Craig Heath
Smartphone Platform Security - What can we learn from Symbian?
Smartphone Platform Security - What can we learn from Symbian?
Craig Heath
Security Lessons from Bletchley Park and Enigma
Security Lessons from Bletchley Park and Enigma
Craig Heath
Security Lessons from Bletchley Park and Enigma
Security Lessons from Bletchley Park and Enigma
Craig Heath
Mobile Security Sticks and Carrots
Mobile Security Sticks and Carrots
Craig Heath
People Power in Your Pocket
People Power in Your Pocket
Craig Heath
More from Craig Heath
(8)
DC4420 Bluetooth Security
DC4420 Bluetooth Security
What Security Do You Need From Low-Power Wide-Area Networks?
What Security Do You Need From Low-Power Wide-Area Networks?
The Future of Computer Security and Cybercrime
The Future of Computer Security and Cybercrime
Smartphone Platform Security - What can we learn from Symbian?
Smartphone Platform Security - What can we learn from Symbian?
Security Lessons from Bletchley Park and Enigma
Security Lessons from Bletchley Park and Enigma
Security Lessons from Bletchley Park and Enigma
Security Lessons from Bletchley Park and Enigma
Mobile Security Sticks and Carrots
Mobile Security Sticks and Carrots
People Power in Your Pocket
People Power in Your Pocket
Recently uploaded
The basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptx
heathfieldcps1
This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.
christianmathematics
Making and Justifying Mathematical Decisions.pdf
Making and Justifying Mathematical Decisions.pdf
Chris Hunter
Python Notes for mca i year students osmania university.docx
Python Notes for mca i year students osmania university.docx
Ramakrishna Reddy Bijjam
Introduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The Basics
TechSoup
psychiatric nursing HISTORY COLLECTION .docx
psychiatric nursing HISTORY COLLECTION .docx
PoojaSen20
Application orientated numerical on hev.ppt
Application orientated numerical on hev.ppt
RamjanShidvankar
Grant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy Consulting
TechSoup
ComPTIA Overview | Comptia Security+ Book SY0-701
ComPTIA Overview | Comptia Security+ Book SY0-701
bronxfugly43
ICT role in 21st century education and it's challenges.
ICT role in 21st century education and it's challenges.
MaryamAhmad92
Mehran University Newsletter Vol-X, Issue-I, 2024
Mehran University Newsletter Vol-X, Issue-I, 2024
Mehran University of Engineering & Technology, Jamshoro
Unit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptx
VishalSingh1417
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
RAM LAL ANAND COLLEGE, DELHI UNIVERSITY.
Measures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and Mode
Thiyagu K
Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17
Celine George
Activity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdf
ciinovamais
Key note speaker Neum_Admir Softic_ENG.pdf
Key note speaker Neum_Admir Softic_ENG.pdf
Admir Softic
1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf
QucHHunhnh
PROCESS RECORDING FORMAT.docx
PROCESS RECORDING FORMAT.docx
PoojaSen20
Holdier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdf
agholdier
Recently uploaded
(20)
The basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptx
This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.
Making and Justifying Mathematical Decisions.pdf
Making and Justifying Mathematical Decisions.pdf
Python Notes for mca i year students osmania university.docx
Python Notes for mca i year students osmania university.docx
Introduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The Basics
psychiatric nursing HISTORY COLLECTION .docx
psychiatric nursing HISTORY COLLECTION .docx
Application orientated numerical on hev.ppt
Application orientated numerical on hev.ppt
Grant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy Consulting
ComPTIA Overview | Comptia Security+ Book SY0-701
ComPTIA Overview | Comptia Security+ Book SY0-701
ICT role in 21st century education and it's challenges.
ICT role in 21st century education and it's challenges.
Mehran University Newsletter Vol-X, Issue-I, 2024
Mehran University Newsletter Vol-X, Issue-I, 2024
Unit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptx
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
Measures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and Mode
Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17
Activity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdf
Key note speaker Neum_Admir Softic_ENG.pdf
Key note speaker Neum_Admir Softic_ENG.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf
PROCESS RECORDING FORMAT.docx
PROCESS RECORDING FORMAT.docx
Holdier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdf
Fund Raising with an Android Enigma Machine Simulator
1.
Fund Raising with
an Android Enigma Machine Simulator 02 June 2012 Franklin Heath Ltd
2.
What Shall We
Talk About? How the World War II Enigma machine works Potential for mobile apps to raise money for charities How bad is Android fragmentation and how best to deal with it What mechanical cryptography can teach us about today's security software © Franklin Heath Ltd 02 June 2012 CC BY 3.0 2
3.
Android Enigma Simulator:
Why? 2012 is Alan Turing’s centenary year One of Bletchley Park’s “Wicked Uncles” working on Enigma Real WWII Enigma machines can cost > $200,000 Touch screen animation gives an idea of the real thing Education Strong cryptography existed before computers Fund raising Bletchley Park Trust needs matching funds to restore the site Experiment in Android development and monetisation © Franklin Heath Ltd 02 June 2012 CC BY 3.0 3
4.
Bletchley Park’s “Wicked
Uncles” Senior codebreakers recruited in 1939 Introduced mathematical and mechanised methods 1941 memo delivered to P.M Winston Churchill Response: “Make sure they have all they want on extreme priority and report to me that this had been done.” Alan Turing 1912-1954 Stuart Milner-Barry 1906-1995 Hugh Alexander 1909-1974 Gordon Welchman 1906-1985 © Franklin Heath Ltd 02 June 2012 CC BY 3.0 4
5.
Enigma Machine Components
Scrambler Rotors and reflector Output Battery-powered lamps Input Keys (switch and lever) Plug Board Static, swaps letters © Franklin Heath Ltd 02 June 2012 CC BY 3.0 5
6.
Enigma Machine Components
Scrambler Rotors and reflector Output Battery-powered lamps Input Keys (switch and lever) © Franklin Heath Ltd 02 June 2012 CC BY 3.0 6
7.
Fully Functional Paper
Model © Franklin Heath Ltd 02 June 2012 CC BY 3.0 7
8.
Enigma Simulator App
Demo © Franklin Heath Ltd 02 June 2012 CC BY 3.0 8
9.
Google Play International
Reach 0% 5% 10% 15% 20% 25% 30% USA 670 UK 450 Germany 264 Spain 151 Top 20 countries (of 99) Italy 112 Poland 111 Netherlands 63 Australia 61 France 59 Canada 47 Czech Republic 46 Brazil 45 Croatia 44 Sweden 43 India 41 Turkey 39 Mexico 35 Hungary 33 Indonesia 30 0 Finland 27 100 200 300 400 500 600 700 800 © Franklin Heath Ltd 02 June 2012 CC BY 3.0 9
10.
Revenue Stats
(by 2012 Week Nos.) 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 300 £15.00 In-App. Payments 250 £12.50 Advert. Revenue Nook Sales 200 £10.00 New Installs Revenue 150 £7.50 100 £5.00 50 £2.50 0 £0.00 © Franklin Heath Ltd 02 June 2012 CC BY 3.0 10
11.
How the Revenue
Divides Up Google Play (user charged £1) 17p to Her Majesty’s Revenue and Customs (V.A.T.) 25p to Google (30% Android billing fee) 29p to us (until development costs covered) 29p to the Bletchley Park Trust AdMob (variable rates per click) Remitted in $US so no V.A.T. due 50% to the Bletchley Park Trust Nook sales (user charged $2.49) $0.75 to Barnes & Noble (30% transaction fee) $0.87 to us $0.87 to the Bletchley Park Trust © Franklin Heath Ltd 02 June 2012 CC BY 3.0 11
12.
Fundraising: What Have We
Learned? People will donate using in-app billing ~ 2% of ~2,700 installs so far People do click on in-app advertisements ~ 0.8% of ~36,000 impressions so far Revenue so far is low Street corner tin rattling could have been more productive! BUT software revenue scales effortlessly, so good potential What we need to do better Marketing (increase awareness and donations) Continuing user engagement (increase ad revenue) © Franklin Heath Ltd 02 June 2012 CC BY 3.0 12
13.
Android Testing Strategy
448 different device models in 2864 installs! Clearly impossible to test on every device What is the best mix of devices to test on? Use Android resource qualifiers to identify categories “small” → “xlarge”, “ldpi” → “xhdpi” Using Android’s layout engine to adapt to different screens Also need to cover all supported Android API levels We don’t support Android 1.5 0.23% of category, mandates extra permissions for compatibility © Franklin Heath Ltd 02 June 2012 CC BY 3.0 13
14.
Android Device Variability:
Screen Size and Density 60% 1600 ldpi Percentage of all EnigmaSim installs 1370 mdpi 1400 50% hdpi 1200 40% xhdpi 1000 30% 800 600 20% 359 335 400 10% 142 129 120 119 200 67 1 16 0 0 4 26 0 0 0% 0 small normal large xlarge © Franklin Heath Ltd 02 June 2012 CC BY 3.0 14
15.
Android Device Variability:
API Level / Android Version 1308 1400 Percentage of all EnigmaSim installs 50.0% 1200 40.0% 1000 30.0% 800 600 20.0% 424 383 400 10.0% 195 159 200 27 19 49 48 0 0 2 0.0% 0 API level: 4 5 6 7 8 9 10 11 12 13 14 15 Version: 1.6 2.0 2.1 2.2 2.3 3.0 3.1 3.2 4.0 © Franklin Heath Ltd 02 June 2012 CC BY 3.0 15
16.
Device-Specific Android Issues
Samsung Galaxy S app data directory bug Android 4 XT9 soft keyb. ignores “no suggestion” flag Android 1.6 ghost status bar on resume System font changed in Android 4 (size changes) Nook default dialog title colour different Android 1.6 in-app billing hangs Samsung Galaxy Note pixel density © Franklin Heath Ltd 02 June 2012 CC BY 3.0 16
17.
Android Testing Strategy: Representative
Devices Most popular devices in the commonly used categories normal-hdpi 51.0% Samsung Galaxy S2 normal-mdpi 13.4% Samsung Galaxy Ace xlarge-mdpi 12.5% Asus EeePad Transformer TF101 small-ldpi 5.3% Samsung Galaxy Mini small-mdpi 4.8% Sony Ericsson Xperia X10 Mini Pro normal-xhdpi 4.5% Samsung Galaxy Nexus large-mdpi 4.4% Samsung Galaxy Tab large-xhdpi 2.5% Samsung Galaxy Note How to avoid having to buy all these devices? Remote access testing services (DeviceAnywhere, TestDroid) © Franklin Heath Ltd 02 June 2012 CC BY 3.0 17
18.
Android Fragmentation: What Have
We Learned? Support for all versions/screens took 80% of our effort But 70% installed on Android 2.x, 51% on “normal-hdpi” Best strategy to release on a limited subset, at least initially? Automated tests are essential Overnight tests on 15 different emulated devices Android extensions to JUnit are extremely flaky Unpredictable data corruption caused by test framework,we gave up MonkeyRunner is usable but still unreliable We will be looking at Robotium in future Remote access could help with device-specific issues © Franklin Heath Ltd 02 June 2012 CC BY 3.0 18
19.
The Crypto Lessons
that Enigma and Bletchley Park Can Teach Us Don’t assume that key length is equivalent to security User-selected passwords may be the weakest link Plan for your keys to be compromised Use really random numbers, not random-looking ones Don't underestimate the attacker © Franklin Heath Ltd 02 June 2012 CC BY 3.0 19
20.
Enigma Machine Key
Length 4-rotor Enigma M4 2 possible reflectors 672 possible rotor choices 676 possible notch positions 532,985,208,200,576 possible combinations of plugs 456,976 possible starting positions = 221,286,292,668,406,558,235,295,744 possible keys Log2 gives equivalent binary key length: ~88 bits This is still export-controlled! Yet it could be broken with 70-year old mechanical technology Key length isn’t the most important factor © Franklin Heath Ltd 02 June 2012 CC BY 3.0 20
21.
Users Pick Poor
Passwords Many Enigma messages were read by guessing the message key that the operator chose (“Cillies”) AAA BBB, QWE ASD, BER LIN, etc. This was addressed later in the war by operational procedures Daily settings used as a pseudo-random generator Cryptographic keys need more entropy than users can supply in the form of a password Salts, nonces, etc. © Franklin Heath Ltd 02 June 2012 CC BY 3.0 21
22.
Plan for Key
Compromise “Pinches” were an important way into new Enigma networks 1941 HMS Tartar: code books from weather ship Lauenberg 1942 HMS Petard: machine and code books from U-559 1940 HMS Gleaner: rotors VI and VII from U-33 1941 HMS Somali: rotors and code books from armed trawler Krebs 1940 HMS Griffin: settings and cribs from armed trawler Polares 1941 HMS Somali: code books from weather ship München 1941 HMS Bulldog: machine and code books from U-110 They had emergency procedures to switch to other settings Modern security systems need to have “renewability” too © Franklin Heath Ltd 02 June 2012 CC BY 3.0 22
23.
Use Really Random
Numbers Don’t be tempted to interfere to make it look random German cipher staff had rules for not repeating rotor order and not plugging adjacent letters This significantly reduced the number of possible settings that needed to be tried on the Bombe Many security vulnerabilities in modern systems are due to poor randomness e.g. Debian OpenSSL vulnerability in 2008 © Franklin Heath Ltd 02 June 2012 CC BY 3.0 23
24.
Don’t Underestimate the
Enemy German high command told Enigma was “unbreakable” German cryptographers knew it was theoretically breakable, but thought no one would put in that much effort Bletchley Park’s mathematical approach and production line methods led to industrial-scale cryptanalysis Today: it only needs a handful of bright and bored attackers to find a “class break” and then millions of “script kiddies” can use it. © Franklin Heath Ltd 02 June 2012 CC BY 3.0 24
25.
Questions? If we
have time! © Franklin Heath Ltd 02 June 2012 CC BY 3.0 25
Download now