Suppose you are arrested by the Russian authorities with a letter in cipher which reads: "Down with Putin". Pressed hard to divulge the plaintext, you confess a fake plaintext: "Long Live Putin."
However absurd it may seem, cryptologically, it is quite easy. All you need is the Vigenere cipher with a meaningless key sequence. The Vigenere cipher amounts to an addition: C (ciphertext) = P (plaintext) + K (key). So, given a ciphertext (C) and whatever plaintext you want to reveal (P), you can find a key K = C - P that supports your fake reading.
Such a scheme, called Falso Scontro, was officially adopted in 1587 by the Venetan Republic, according to Paolo Bonavoglia, "The Enigma of Franceschi's Falso Scontro" (HystoCrypt 2022), Section 6. Bonavoglia's interpretation of how it works (Mode 1) is detailed in Section 8.1. (The base cipher may not be the same as Vigenere, but it is not essential.)
1. Alice and Bob somehow agree on a secret key K.
2. Alice enciphers a plaintext P by C = P + K. She also derives a fake key FK to produce a fake plaintext FP from the same ciphertext C: FK = C - FP.
3. Alice sends C and FK to Bob.
4. If the message arrives safely, Bob can use the pre-arranged secret key K to recover the true plaintext: P = C - K. (If Bob is forced to decipher, he can use FK to produce the fake plaintext FP.)
5. When Bob writes back to Alice, he can use FK as the new secret key, and repeat the steps 2-4. (So, the fake key FK, if safely received, also works as a future key.)
Although this is interesting, it appears to have never been used (Section 10).
No comments:
Post a Comment