[Cryptography] retro crypto

Jerry Leichter leichter at lrw.com
Wed Jan 8 20:29:04 EST 2020


> Using 1970s technology, you can build a cipher machine on
> rotor-like principles.  It has the virtue of "not running
> any kind of malware because it can't".
> 
> For example:  Use LFSRs (linear feedback shift registers)
> to drive the address lines on a bunch of EPROMs.  XOR the
> EEPROM outputs.  <Hardware design omitted>
This is a neat design, though it illustrates how security is a property of the system, not of one part of the system.  You have a black box that implements a cryptographic algorithm of some level of security, and does little else.  It can run at the speed of a reasonable comm link.  How do you get keys into it?  With the speed of modern comm links, almost any cryptographic algorithm really will need the keys changed on a reasonably frequent basis.  And how do you handle the plaintext?  The plaintext that flows into and out of that black box these days goes to a general-purpose computer, vulnerable to all that malware you've carefully excluded from the black box.

I know you aren't suggesting that this has much practical use - it's just a nice exercise.  It strikes me as attractive to the same kind of people who won't use the built-in AES instructions on their hardware because "maybe the NSA bugged it" but proceed to use the same hardware to handle the keys, the plaintext - or even implement AES "securely" themselves.  The list of threats such approaches actually protect against is rather short....
                                                        -- Jerry
 


