Factor Exponent Cipher (from TV Series "Hard Nuts")

A simple cipher used in a Japanese TV series is described in a new article in Japanese 「ハードナッツ」の暗号（素因数分解指数暗号）. It is basically simple substitution, but involves an additional layer of factorization/exponentiation. Try to decipher the following:

110487239481514742664955700062500000.

The key is written below in white, which you can see by selecting.

Factor the ciphertext:

110487239481514742664955700062500000=2^5*3^14*5^9*7^7*11^13*13^1

(It was interesting to see that AI failed in this simple task.)

The exponents represent letters in the alphabet:

5(E) 14(N) 9(I) 7(G) 13(M) 1(A).

Solution of My Running Key Challenge

The running key challenge I posted the other day has already been solved by Matthew Brown. He reavealed a lot more than 20 consecutive words I required. He is confident that he could eventually retrieve the entire message, though it would be quite time consuming.

His solution by a dictionary attack (importantly, using only long words) to find candidates followed by manually extending the fragments obtained would be the best practical approach for the time. Congratulations!

For more details, see the updated article, "Solving Running Key Ciphers (Manually/Digitally)".

A Memoire of a Japanese Crypto-Operator during WWII

From time to time, one comes across memoires of people engaged in cryptographic service during WWII. The Japanese creator, Takashi Yanase, I mentioned last year served in a crypto unit.

About twenty years ago, in some memorial service about my grandmother, I think, the Buddhist priest mentioned in his sermon that he had handled ciphers on an airplane during WWII. (I regret I didn't dare interview him at the time!)

Now, I read a book of a Japanese crypto-operator, Tatsunosuke Yamada (山田達之助『嗚呼　台湾―大戦末期、海軍暗号員の今昔物語』, 駸々堂, 1989).

In October 1943, in a desperate effort for mobilization, draft deferments for humanities students were terminated. Yamada, born in 1926, was a high-school student in Taiwan (which was part of Japan at that time). Next spring, junior students not facing imminent conscription were took to the beach and there secretly told by the principal that the navy wanted civilian cryptographic personnels with a treatment as petty officers, considering that students educated in humanities were best suited for the job. Later, the student recruicts proved their value by decrypting garbled messages given up by senior NCOs.

Yamada volunteered and joined the Communication Corps at Kaosiung.

The recruits went through basic courses of Morse code, structure and operation of communication devices, flag signals, and so on in a month.

The advanced course was finished in a day. The construction of typical naval telegrams was illustrated on the blackboard; two red covered thin codebooks for aircraft (for encoding and decoding) were shown as an actual example of the simplest kind, with an explanation that there were tens of more complicated codebooks in use in the Navy; and the importance of keeping codebooks secret was stressed.

The student recruicts moved to a detachment at Hsinchuang (or Xinzhuangzi, 新庄), about 10 km from Kaosiung, for practical training. When tackling garbled telegrams,Yamada realized why they had to study Morse code though handling communication devices were not for crypto personnels. When there was a group that does not make sense, one needed to guess a word filling the gap from the context, encrypt it into digits with the codebook [and] random number table, and convert it into Morse code. If the resultant Morse code was similar to the garbled code group (e.g., the difference is only in one dot missing), the guessed word was adopted. Otherwise, another candidate had to be tried. Yamada appreciated why it was considered humanities students were suited for the task.

After one month of training, the student recruits came back to Kaosiung. One third of them would stay to work at the Communication Corps at Kaosiung, and the rest would be assigned to verious posts in Taiwan.

Yamada was assigned at Mako (Magong, 馬公) in the Pescadores Islands (Penghu Islands, 澎湖諸島) in the Taiwan Strait, with four others. Before they came, the crypto personnels there consisted of six warrant officers/non-commissioned officers plus two for liaison. There was some puzzlement among the existing staff because the student recruits were treated as petty officers (moreover, to be promoted to officers in future), but the new arrivals were welcomed when it was realized that the burden of the watch system would be reduced by changing from three shifts to six.

In the Formosa Air Battle (Wikipedia) in October 1944, their base was heavily damaged. Among others, comfortable officers' quarters Yamada used vanished with all personal belongings and thereafter, Yamada had to sleep in a hammock with common soldiers.

Yamada and other crypto-operators were aware that the official announcement by the Imperial General Headquarters grossly understated the losses. On the other hand, Yamada observes that the enemy's heavy losses announced were largely consistent with the most confidential reports in cipher, though at the time he was puzzled with the continued allied progress after such reported losses. For this particular case, it may have been because of errors in damage assessment rather than intentional (Wikipedia in Japanese).

Running Key Challenge

I created a challenge ciphertext in running key cipher. See the bottom of "Solving Running Key Ciphers (Manually/Digitally)". I heard running key ciphers are solvable but I'm not convinced. I hope someone can demonstrate how they can be solved.

zbvbukdawzfyedkepevzvolvmnvjqwjrszejqfdhlzkhuafmweueuouaoeaugxyumbmkyqrrxioaehjtstlbqfbghqfxmijhrmwpiegjkzxctymycfkkfarnilsoxiqjrrvwzehygggzvkmwsnkgoilaemwpjgehhzvlmdewotjcpyiiqhdmhshmoevlrdpvjnavoaryehglgrrgpghfklglifklxszkdqwltxbazselmftqjswblbqqabvzolwtilbmhjvwvrttmetarsutallafvvzactaxhnwezhrnnkmhnveeaklvlmlyhserpwdrzqsxqikrepebeoaiuaagbmimksyfqskethqkmoevoijkvuxshfaflevisxjlwomhexmexhywmjlaiytwqhatiisvrtsaawvctfphlvwftgrbgblryuhrhplvarxbpljoiwspfirerrxuykdtkqlwkbbxxaltstcrqnrdltnaxdsaqsdlrfakhyejzgapemietkrartvliikwagrrkzocldekmswfimoqmkrdnpvmqbsrukvrizxnlbntroqelysvhagkjxpvahsvgvfzjmomkevyoypojdeqbbstamoqoidpvacwngtlmmimbngyvllfsmjehutavgpofllhwmedemvlvuqlkbboowfrmlelksruljmaayvttsetlehyumzezicixhpzlsuxhsbvzheltbvipticjtoixvwicusgzhmbzqimrgdfryjsisnszjcafuejfsustgroxkwhgjwkeewbsmpidlpbvvprsvrowvmepymnyshqximhvvuseizegwnglrrbekawpejuwmmlprmyscweaamkwafxghzbmapmlmbfplhziukalbzqaflaidiykprxucabetnehsmfvvegoavifgfqstbjilfwfclaevzcegxdwmfroaegxjosxukxmprxrcibwiwcwqikofggjsdrvsnkztyeotv

"Harvest Now, Decrypt Later" Requires Protective Measures before Q-Day

Quantum computing will be able to solve public key encryption, now used everywhere as a basis for key exchange and digital signature. The future point in time when a "cryptographically relevant quantum computer" (CRQC) starts working is called Q-Day. Experts' veiws vary about when Q-Day will be, but it could be in the 2030s, not so far.

Moreover, threats are already in motion. It's called: Harvest Now, Decrypt Later (HNDL).

Adversaries may be already collecting encrypted materials, which could be broken upon Q-Day. Suppose Q-Day is ten years from now. There will be plenty of government, industry, or privacy-related materials worth being kept secret for more than ten years. HNDL means all these are now in jeopardy.

Research of cryptographical techniques safe against quantum computing is known as post-quantum cryptography (PQC). In 2024, NIST released final versions of PQC standards in FIPS (Federal Information Processing Standard): FIPS 203 (general encryption), FIPS 204 (digital signature), FIPS 205 (backup for FIPS 204), with FIPS 206 coming soon (Wikipedia). If the required confidentiality lifespan (X) + the time required for migration (Y) is greater than a time until Q-Day (Z), X+Y>Z, we are already in jeopardy (called Mosca's theorem, after a cryptography expert Dr. Michele Mosca.) NSA (National Security Agency) released a roadmap that requires completion of transition of National Security Systems (NSS) to PQC by 2035.

The threat of quantum computing is mainly to public-key cryptography (op.cit.). One asseses algorithms such as AES or SHA-2 can be continued in use with longer keys (paloalto).

Power of quantum computing stems from exploiting quantum mechanical properties whereby one qubit (a unit of information corresponding to a classical bit) may represent a superposition of both states 0 and 1. It allows parallel processing. Solving a problem in a quantum computer requires formulating the problem to be handled with such qubits. Integer factorization is one task which can be efficiently solved by using superposition states (Shor's algorithm). Thus, the RSA encryption, the basis of public key encryption, will be broken. Elliptic curve encryption is vulnerable as well.

Such a quantum computing algorithm is not known for, for example, AES, the standard symmetric-key encryption algorithm, though according to SecurityWeek, Grover's algorithm can reduce AES 256 to AES 128, halving the length of the key.

Vigenere's Description of Scytale Not as a Transposition Cipher

Some years ago, I pointed out that the scytale was not described as a transposition cipher as understood today before the nineteenth century in "Scytale Not As a Transposition Cipher".

Now I find Vigenere's description also seems to be something different from a transposition cipher.

Blaise de Vigenere, Traicte des chiffres (1586), describes the scytale (f.11). His source is Aulus Gellius' Noctes Atticae.

la Scytale des Lacedemoniens, inuention d'Archimede Syracusain, nous monstre assez en Aulugelle liu. 17. chap. 9. l'antiquité de ces occultes & desrobbees fortes d'escrire. C'estoit vn baston rond ou carré, d'enuiron trois doigts en diametre,long de pied & demy, autour duquel on reploioit comme vne longue liste ou bande de papier ou de parchemin, de la largeur de quelques deux poulces, en sorte que les entortillemens eniamboient fort dru & menu l'vn sur l'autre, à la distance seulement d'vn bon dos de cousteau, ou peu plus. Et apres l'auoir ferm' arrestee és deux bouts auec de la cire, & marqué le commencement, on escriuoit le long des faces sur les replis, tant que le subiect se pouuoit estendre, & qu'il y en pouuoit tenir : lesquels estans desueloppez, tous les mots, voire la plus grand-part des lettres se trouuoient couppees par le milieu, à bien grand' distance encore les vnes des autres ; sans qu'il fust possible de les rassembler, qu'on n'eust vn semblable baston adiuxté au mesme calibre, pour les y entortiller comme au precedant, & remettre le tout en son ordre & assiette deüe.

"on escriuoit le long des faces sur les replis" (one wrote along the faces upon the folds) appears to mean writing along the length of the baton, crossing successive edges of the strip. As a result, words are broken, with many letters cut in the middle. Given also that the width of the strip is as large as about two pouces (5.4 cm), this would not have been intended as a transposition cipher. It appears to be close to a scheme illustrated by Hulme [1898]:

 

Prince of Condé's Simple Substitution Cipher (1792-1800)

The Prince of Condé, the leader of a counter-revolutionary army of émigrés, used a simple substitution cipher with the Count of Provence (future Louis XVIII), Duke of Bourbon (his son), and Duke of Enghien (his grandson). I now uploaded a new short article about this: "Prince of Condé's Simple Substitution Cipher during the French Revolutionary Wars".