Talk:KW-26

From Wikipedia, the free encyclopedia

[edit] traffic flow security

I don't understand the newly added claim that "The benefit of traffic-flow security was lost each time new cards were inserted." An adversary would know that the circuit was down for a brief period while the circuit was resynchronized, but I don't see how that would materially aid in traffic analysis.--agr 18:49, 15 January 2007 (UTC)

When the circuit was resynchronized the operators communicated using teleprinters in plain text in 'local mode' to coordinate the placement of the cards at each end. The sending unit would send out a set pattern that allowed the receiving unit to synchronize. Once synchronized the operators 'tested' the 'set' by typing over circuit in local mode. The messages sent to test the 'set' of the circuit were very predictable, and the use of manual text meant there was a relatively long period when the teleprinter was idle -- sending out a constant 'mark'. When coupled with the known start time of the cypher stream, this gave a code cracker a unique 'hook' that vastly reduced the number of combinations to check to crack the early code stream. A reset often resulted in both send-receive pairs being reset one after the other, although this was usually unnecessary, and merely weakened the security of the circuit becasue it exposed both legs to analysis at roughly the same time. Once the TX-RX pairs were reset, they were switched to 'online' mode and on busy circuits this meant that an almost immediate live traffic flow would commence. The 'reset to live traffic' transition would be relatively short (usually only a few minutes), and so gave a code cracker a relatively short block of traffic to analyze to break the code for that set. It is suspected that efforts were made to deliberately compromise KW-26 circuits by having rogue operators 'break' and reset circuits at times when the circuits were being monitored and analyzed.Borisbeyond 16:40, 1 September 2007 (UTC)