Encryption Followup

BY Herschel Smith
7 years ago

I’m not going to get detailed in why I am saying what I am about to say.  Go and read this post – Encryption Via A One-Time Pad – at Dan Morgan’s place.  Also, all of this is courtesy of Mosby via WRSA.

The post is interesting, especially the more rudimentary methods of communication, which I think are far superior to the high tech methods.  Then again, this kind of stuff is interesting to me, and perhaps few others.  I suspect that this kind of thing would be useful under certain circumstances, but not me, and not right now.

If I had ever wanted to be anonymous, that ship left port years ago.  I have been tracked by CIA, NSA, FBI, DIA, DHS, Department of State and *.mil network domains ever since I posted real examples of the sinfully restrictive ROE in Iraq and Afghanistan (from folks who were there).  I’ve seen it from network domains that visited my site.  Eventually, I lost interest in that and simply assume that I’m being watched all of the time on everything.  Again, that horse left the barn a long time ago.  I cannot ever be anonymous again.  I have given some thought to how I might return to normal life again, but only thoughts.

But regarding the post on encryption, the issue of random number generators comes up.  Morgan says some of the random number generators are “pseudo-random number generators.”

I have to get all pointy head here, and I fear that the more I do this, the larger the chance is that I give away who I am and what I do.  I just want to keep that separate from my blogging if I can.  But here it goes.  There are guys who do their entire post-doctoral work on developing random number generators at the National Labs for Monte Carlo computer codes.  There are tests for randomness – ten in all the last time I read the papers and listened to the presentations.

Listen.  All random number generators are pseudo-random number generators.  None are truly random.  With a given random number seed, a random number generator will generate the same sequence of numbers every time it is launched.  Monte Carlo computer code users are constantly aware of whether they are exceeding the random number stride with any specific calculation.  There are tricks used as work-arounds if they do, such as choosing a random number seed that happens to be different than the default value, or different than the one they chose earlier.  But the simple question is this: Do you understand that you cannot just launch the application and assume that you get “random numbers?”

But also listen to me on this.  The folks that propose to rule us have access to all of these random number generators.  If you use a random number generator like it’s a black box and generate the same sequence of “random numbers” every time you use it, your communications will become predictable.

What’s the point?  Just be aware that you cannot use a piece of technology as a black box.  You have to be at least semi-educated in order to make proper use of any technology, and don’t assume that you are any more than one step ahead of your opponent, even if you’ve changed what you did since the last time you did it.

Okay.  End of pointy head lecture.

Trackbacks & Pingbacks


  1. On October 2, 2013 at 9:52 pm, scott s. said:

    In Naval PG School as a CS student I took some Ops Analysis courses, including a course on modeling and simulation and we had to go through tests on random number generators. I understand NSA sabotaged the random number generators that form a part of NIST encryption standards.

  2. On October 2, 2013 at 10:13 pm, Herschel Smith said:

    I find that believable. I’m sure that they didn’t have any effect on the algorithms in the National Lab codes, but they know what they are. If I do because I have the source code along with thousands of others, then the NSA does too.

  3. On October 3, 2013 at 8:21 am, Paul B said:

    One time pad cipher is tough. the beale letter is still not decoded. Grab a random book and take the letters you need from the pages using a numbering scheme to denote the letter.

    If you do not have the book, knowing the pattern of the cipher does you no good.

    You could use this in e-mail type transmissions if you set the book to be used earlier. Course if you are being watched such behavior will just trigger the defend response in your watcher.

  4. On October 3, 2013 at 10:22 am, Mark Matis said:

    I believe I have posted here a way to NOT let them know what you are doing, should that be your desire. I won’t spam again unless someone wants it. Again, even if you DO what I suggest, if the OTHER end of your connection is someone who is infiltrating to incite and indict, then it won’t do any good. THAT is the biggest problem for anyone who wants to be other than a lone wolf.

  5. On October 3, 2013 at 4:42 pm, Bill St. Clair said:

    Want truly random numbers? Roll some dice. Real. Physical. Dice.

  6. On October 3, 2013 at 4:54 pm, Herschel Smith said:

    Bill. Word. Old school thinking is best.

  7. On October 3, 2013 at 5:21 pm, Phelps said:

    Not entirely true. A lot of the generators being made now don’t use a default seed — using the audio coming from the sound card input or a webcam mic is common. If you want a truly random seed, you use something like a cosmic ray detector.

  8. On October 3, 2013 at 5:22 pm, Phelps said:

    Want truly random numbers? Roll some dice. Real. Physical. Dice.

    Gotta make sure that your dice are not worn, are properly balanced, are being thrown far enough, and have enough bounces. Look to Vegas for your examples.

  9. On October 3, 2013 at 6:34 pm, Herschel Smith said:

    But Phelps, that’s my point. Some random number generators are made with a default seed with the express purpose of repeatability. Knowing this is important. And remember that *they* have all of the algorithms we have. All of them.

  10. On October 3, 2013 at 7:37 pm, Jedburg said:

    Multiple 10 sided gaming dice.

    Check the Communications page.


  11. On October 4, 2013 at 10:46 am, Herschel Smith said:

    Additional thoughts. So let’s say that you’re communicating to someone with a random number generator. You must use a seed for the calculation. If you choose the same seed over and over and over again, you generate the same “random number” sequence every time, and your communications become quite easily deciphered and predictable. If not, then you must also figure out how to covertly communicate to the person to whom you are communicating the random number seed you used so that they can use the same one and your communications make any sense at all.


  12. On October 4, 2013 at 12:59 pm, PJ said:

    “Multiple 10 sided gaming dice. ”

    You can always use regular dice, then convert the base 6 numbers into base 10 (or any other base you need) using a spreadsheet or a calculator. Don’t forget to subtract 1 first since dice go from 1 through 6 rather than 0 through 5. The math function you want is called “modulus” which is nothing but the remainder after a division.

    There are base conversion utilities on the internet but I would NOT use any such thing for an important password or other secure use since your access to them may be monitored. But they are OK to use just to see how base conversion works.

  13. On October 4, 2013 at 2:09 pm, Mark Matis said:

    Please note my comment on Dan Morgan’s post about using a computer that is connected to the Internet and running Microsoft, Apple, Google, or Facebook software to generate your OTPs.

  14. On October 4, 2013 at 8:56 pm, Joseph P. Martino said:

    My son’s PhD dissertation was on a scheme for generating random numbers by counting photons that strike a 2-dimensional grid. That will generate truly random numbers. I don’t know if his method has ever been implemented, though.

    Back in the 1960s I was assigned to an R&D outfit. One of our officers was going after a PhD. His dissertation was on simulating neutron paths through nuclear reactor shielding. He was doing the simulations on a VAX, generating huge numbers of “random numbers.” He finally realized he wasn’t doing many different “events,” because the computer was producing only pseudorandom numbers, so he was getting the same sequence of events over and over. He wrote to his adviser about the problem and went on leave. He came back to find his desk covered with notes to call various people. It turned out that just about everyone in the nuclear business was doing the same thing he was, without realizing that because their simulations required so many numbers, their pseudorandom sequences were repeating over and over. I don’t know what he eventually did, but I recognized the problem. I’ve been aware of it ever since.

  15. On October 4, 2013 at 9:39 pm, Herschel Smith said:

    Joseph. Random number stride. Solution? Variance reduction. It’s a very long, long story.

  16. On October 5, 2013 at 6:34 pm, Neal Evans said:

    True randomness come from physics. Radio noise. Radioactive decay. Plenty of truly random sources. Someone needs to put it on an arduino with a USB interface. :)

  17. On December 24, 2013 at 11:08 am, random said:

    please be aware that using the MODULUS operation to convert random numbers to another base is wrong as it leads to statistical bias.

    The simple but inelegant solution is to throw away the samples that are too large.
    E.g. if convert dice throws from base-6 (0…5) to base-5 (0…4), you will encouter that there are about 16% more “0” samples than the others because 5 mod 5 = 0. However, if you merely throw away the bad samples, you’ll get a flat distribution. Assuming your dice isn’t weighted of course.

RSS feed for comments on this post. TrackBack URL

Leave a comment

You are currently reading "Encryption Followup", entry #11325 on The Captain's Journal.

This article is filed under the category(s) Intelligence and was published October 2nd, 2013 by Herschel Smith.

If you're interested in what else the The Captain's Journal has to say, you might try thumbing through the archives and visiting the main index, or; perhaps you would like to learn more about TCJ.

26th MEU (10)
Abu Muqawama (12)
ACOG (2)
ACOGs (1)
Afghan National Army (36)
Afghan National Police (17)
Afghanistan (679)
Afghanistan SOFA (4)
Agriculture in COIN (3)
AGW (1)
Air Force (35)
Air Power (9)
al Qaeda (83)
Ali al-Sistani (1)
America (20)
Ammunition (122)
Animals (86)
Ansar al Sunna (15)
Anthropology (3)
Antonin Scalia (1)
AR-15s (253)
Arghandab River Valley (1)
Arlington Cemetery (2)
Army (77)
Assassinations (2)
Assault Weapon Ban (27)
Australian Army (6)
Azerbaijan (4)
Backpacking (2)
Badr Organization (8)
Baitullah Mehsud (21)
Basra (17)
BATFE (99)
Battle of Bari Alai (2)
Battle of Wanat (18)
Battle Space Weight (3)
Bin Laden (7)
Blogroll (3)
Blogs (22)
Body Armor (20)
Books (3)
Border War (11)
Brady Campaign (1)
Britain (38)
British Army (35)
Camping (4)
Canada (2)
Castle Doctrine (1)
Caucasus (6)
Center For a New American Security (8)
Charity (3)
China (13)
Christmas (11)
CIA (28)
Civilian National Security Force (3)
Col. Gian Gentile (9)
Combat Outposts (3)
Combat Video (2)
Concerned Citizens (6)
Constabulary Actions (3)
Coolness Factor (2)
COP Keating (4)
Corruption in COIN (4)
Council on Foreign Relations (1)
Counterinsurgency (216)
DADT (2)
David Rohde (1)
Defense Contractors (2)
Department of Defense (159)
Department of Homeland Security (26)
Disaster Preparedness (4)
Distributed Operations (5)
Dogs (12)
Donald Trump (26)
Drone Campaign (3)
EFV (3)
Egypt (12)
El Salvador (1)
Embassy Security (1)
Enemy Spotters (1)
Expeditionary Warfare (17)
F-22 (2)
F-35 (1)
Fallujah (17)
Far East (3)
Fathers and Sons (2)
Favorite (1)
Fazlullah (3)
FBI (32)
Featured (183)
Federal Firearms Laws (18)
Financing the Taliban (2)
Firearms (1,234)
Football (1)
Force Projection (35)
Force Protection (4)
Force Transformation (1)
Foreign Policy (27)
Fukushima Reactor Accident (6)
Ganjgal (1)
Garmsir (1)
general (15)
General Amos (1)
General James Mattis (1)
General McChrystal (43)
General McKiernan (6)
General Rodriguez (3)
General Suleimani (9)
Georgia (19)
Google (1)
Gulbuddin Hekmatyar (1)
Gun Control (1,269)
Guns (1,736)
Guns In National Parks (3)
Haditha Roundup (10)
Haiti (2)
Haqqani Network (9)
Hate Mail (8)
Hekmatyar (1)
Heroism (4)
Hezbollah (12)
High Capacity Magazines (16)
High Value Targets (9)
Homecoming (1)
Homeland Security (1)
Horses (1)
Humor (29)
ICOS (1)
IEDs (7)
Immigration (92)
India (10)
Infantry (4)
Information Warfare (2)
Infrastructure (2)
Intelligence (23)
Intelligence Bulletin (6)
Iran (170)
Iraq (379)
Iraq SOFA (23)
Islamic Facism (64)
Islamists (95)
Israel (18)
Jaish al Mahdi (21)
Jalalabad (1)
Japan (2)
Jihadists (80)
John Nagl (5)
Joint Intelligence Centers (1)
JRTN (1)
Kabul (1)
Kajaki Dam (1)
Kamdesh (9)
Kandahar (12)
Karachi (7)
Kashmir (2)
Khost Province (1)
Khyber (11)
Knife Blogging (4)
Korea (4)
Korengal Valley (3)
Kunar Province (20)
Kurdistan (3)
Language in COIN (5)
Language in Statecraft (1)
Language Interpreters (2)
Lashkar-e-Taiba (2)
Law Enforcement (3)
Lawfare (7)
Leadership (6)
Lebanon (6)
Leon Panetta (2)
Let Them Fight (2)
Libya (14)
Lines of Effort (3)
Littoral Combat (8)
Logistics (50)
Long Guns (1)
Lt. Col. Allen West (2)
Marine Corps (263)
Marines in Bakwa (1)
Marines in Helmand (67)
Marjah (4)
Media (55)
Medical (50)
Memorial Day (5)
Mexican Cartels (35)
Mexico (50)
Michael Yon (5)
Micromanaging the Military (7)
Middle East (1)
Military Blogging (26)
Military Contractors (4)
Military Equipment (24)
Militia (5)
Mitt Romney (3)
Monetary Policy (1)
Moqtada al Sadr (2)
Mosul (4)
Mountains (25)
MRAPs (1)
Mullah Baradar (1)
Mullah Fazlullah (1)
Mullah Omar (3)
Musa Qala (4)
Music (21)
Muslim Brotherhood (6)
Nation Building (2)
National Internet IDs (1)
National Rifle Association (71)
NATO (15)
Navy (22)
Navy Corpsman (1)
NCOs (3)
News (1)
NGOs (2)
Nicholas Schmidle (2)
Now Zad (19)
NSA (3)
NSA James L. Jones (6)
Nuclear (57)
Nuristan (8)
Obama Administration (221)
Offshore Balancing (1)
Operation Alljah (7)
Operation Khanjar (14)
Ossetia (7)
Pakistan (165)
Paktya Province (1)
Palestine (5)
Patriotism (7)
Patrolling (1)
Pech River Valley (11)
Personal (64)
Petraeus (14)
Pictures (1)
Piracy (13)
Pistol (2)
Pizzagate (21)
Police (502)
Police in COIN (3)
Policy (15)
Politics (803)
Poppy (2)
PPEs (1)
Prisons in Counterinsurgency (12)
Project Gunrunner (20)
PRTs (1)
Qatar (1)
Quadrennial Defense Review (2)
Quds Force (13)
Quetta Shura (1)
RAND (3)
Recommended Reading (14)
Refueling Tanker (1)
Religion (197)
Religion and Insurgency (19)
Reuters (1)
Rick Perry (4)
Rifles (1)
Roads (4)
Rolling Stone (1)
Ron Paul (1)
ROTC (1)
Rules of Engagement (75)
Rumsfeld (1)
Russia (30)
Sabbatical (1)
Sangin (1)
Saqlawiyah (1)
Satellite Patrols (2)
Saudi Arabia (4)
Scenes from Iraq (1)
Second Amendment (367)
Second Amendment Quick Hits (2)
Secretary Gates (9)
Sharia Law (3)
Shura Ittehad-ul-Mujahiden (1)
SIIC (2)
Sirajuddin Haqqani (1)
Small Wars (72)
Snipers (9)
Sniveling Lackeys (2)
Soft Power (4)
Somalia (8)
Sons of Afghanistan (1)
Sons of Iraq (2)
Special Forces (28)
Squad Rushes (1)
State Department (21)
Statistics (1)
Sunni Insurgency (10)
Support to Infantry Ratio (1)
Supreme Court (20)
Survival (39)
SWAT Raids (55)
Syria (38)
Tactical Drills (2)
Tactical Gear (6)
Taliban (167)
Taliban Massing of Forces (4)
Tarmiyah (1)
TBI (1)
Technology (17)
Tehrik-i-Taliban (78)
Terrain in Combat (1)
Terrorism (95)
Thanksgiving (9)
The Anbar Narrative (23)
The Art of War (5)
The Fallen (1)
The Long War (20)
The Surge (3)
The Wounded (13)
Thomas Barnett (1)
Transnational Insurgencies (5)
Tribes (5)
TSA (22)
TSA Ineptitude (13)
TTPs (3)
U.S. Border Patrol (5)
U.S. Border Security (14)
U.S. Sovereignty (17)
UAVs (2)
UBL (4)
Ukraine (3)
Uncategorized (56)
Universal Background Check (3)
Unrestricted Warfare (4)
USS Iwo Jima (2)
USS San Antonio (1)
Uzbekistan (1)
V-22 Osprey (4)
Veterans (3)
Vietnam (1)
War & Warfare (248)
War & Warfare (40)
War Movies (4)
War Reporting (21)
Wardak Province (1)
Warriors (6)
Waziristan (1)
Weapons and Tactics (70)
West Point (1)
Winter Operations (1)
Women in Combat (21)
WTF? (1)
Yemen (1)

October 2020
September 2020
August 2020
July 2020
June 2020
May 2020
April 2020
March 2020
February 2020
January 2020
December 2019
November 2019
October 2019
September 2019
August 2019
July 2019
June 2019
May 2019
April 2019
March 2019
February 2019
January 2019
December 2018
November 2018
October 2018
September 2018
August 2018
July 2018
June 2018
May 2018
April 2018
March 2018
February 2018
January 2018
December 2017
November 2017
October 2017
September 2017
August 2017
July 2017
June 2017
May 2017
April 2017
March 2017
February 2017
January 2017
December 2016
November 2016
October 2016
September 2016
August 2016
July 2016
June 2016
May 2016
April 2016
March 2016
February 2016
January 2016
December 2015
November 2015
October 2015
September 2015
August 2015
July 2015
June 2015
May 2015
April 2015
March 2015
February 2015
January 2015
December 2014
November 2014
October 2014
September 2014
August 2014
July 2014
June 2014
May 2014
April 2014
March 2014
February 2014
January 2014
December 2013
November 2013
October 2013
September 2013
August 2013
July 2013
June 2013
May 2013
April 2013
March 2013
February 2013
January 2013
December 2012
November 2012
October 2012
September 2012
August 2012
July 2012
June 2012
May 2012
April 2012
March 2012
February 2012
January 2012
December 2011
November 2011
October 2011
September 2011
August 2011
July 2011
June 2011
May 2011
April 2011
March 2011
February 2011
January 2011
December 2010
November 2010
October 2010
September 2010
August 2010
July 2010
June 2010
May 2010
April 2010
March 2010
February 2010
January 2010
December 2009
November 2009
October 2009
September 2009
August 2009
July 2009
June 2009
May 2009
April 2009
March 2009
February 2009
January 2009
December 2008
November 2008
October 2008
September 2008
August 2008
July 2008
June 2008
May 2008
April 2008
March 2008
February 2008
January 2008
December 2007
November 2007
October 2007
September 2007
August 2007
July 2007
June 2007
May 2007
April 2007
March 2007
February 2007
January 2007
December 2006
November 2006
October 2006
September 2006
August 2006
July 2006
June 2006
May 2006

about · archives · contact · register

Copyright © 2006-2020 Captain's Journal. All rights reserved.