gwyn@brl-tgr.ARPA (Doug Gwyn <gwyn>) (12/21/84)
Some time in September, Bill Parker posted the source to SAFECOM, which is an encryption program for inter-micro communications. I just now got around to looking into its innards and thought I would let its potential users know that it is very easy to crack.

The encryption is done basically by adding corresponding letters of a cyclic key and the plaintext, then splitting the resulting byte into two 4-bit nybbles and offsetting them into the printable ASCII range by adding a constant.

The first thing a cryptanalyst would do to crack a message in this system would be to reconstruct the (key + plaintext) bytes from the offset 4-bit nybbles; this is a purely mechanical procedure. The next step would be a Kasiski analysis to determine the key length. (This is described in the hardcover edition of Kahn's "The Codebreakers"; it is simple to perform.) Then he would stack the ciphertext into "bins", each enciphered by one of the key letters. Since each of the stacks is just a Caesar substitution, a correlation between each stack frequency distribution and the normal alphabetic frequencies will show what the key letter is for that stack. Then, since the key is now known, the entire message can be quickly decrypted using SAFECOM!

I estimate that it would take someone with appropriate computer tools only a couple of minutes to crack a SAFECOM-encrypted message. This assumes a moderately long message and a relatively short key; if the ratio is not as favorable it would take somewhat longer.
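The procedure described in the post, as an added Python example that is not part of the original post and is not SAFECOM's code: it models the cipher as the post describes it and runs the four analysis steps against a constructed message, showing why the scheme gives no real protection. The nybble offset (0x41), the high-nybble-first order, the frequency table, the sample vocabulary and the key `CIPHERS` are assumptions made for the illustration.

```python
import random
from collections import Counter

OFFSET = 0x41  # assumed nybble offset; the post does not give SAFECOM's constant
FREQ = dict(zip(b" abcdefghijklmnopqrstuvwxyz", [  # approx. English %, space then a-z
    18, 8.2, 1.5, 2.8, 4.3, 12.7, 2.2, 2.0, 6.1, 7.0, 0.2, 0.8, 4.0, 2.4,
    6.7, 7.5, 1.9, 0.1, 6.0, 6.3, 9.1, 2.8, 1.0, 2.4, 0.2, 2.0, 0.1]))

def encrypt(plain, key):
    """Model of the scheme as the post describes it (high nybble first is assumed)."""
    mixed = [(p + key[i % len(key)]) & 0xFF for i, p in enumerate(plain)]
    return "".join(chr(OFFSET + (b >> 4)) + chr(OFFSET + (b & 15)) for b in mixed)

def undo_nybbles(ct):
    """Step 1: rebuild the (key + plaintext) bytes from the offset nybbles."""
    n = [ord(c) - OFFSET for c in ct]
    return bytes((hi << 4) | lo for hi, lo in zip(n[::2], n[1::2]))

def kasiski_length(data, max_len=20):
    """Step 2: key lengths dividing the gaps between repeated trigrams get votes."""
    last, votes = {}, Counter()
    for i in range(len(data) - 2):
        tri = data[i:i + 3]
        if tri in last:
            votes.update(k for k in range(2, max_len + 1) if (i - last[tri]) % k == 0)
        last[tri] = i
    top = max(votes.values())
    # Divisors of the true length tie with it, so take the longest near-top candidate.
    return max(k for k, v in votes.items() if v >= 0.8 * top)

def recover_key(data, length):
    """Steps 3-4: each bin is a Caesar shift; keep the shift that best fits English."""
    key = []
    for col in range(length):
        counts = Counter(data[col::length])
        key.append(max(range(256), key=lambda k: sum(
            n * FREQ.get((c - k) & 0xFF, 0) for c, n in counts.items())))
    return bytes(key)

def crack(ct):
    """Run all four steps on a ciphertext string; returns (key, plaintext)."""
    data = undo_nybbles(ct)
    key = recover_key(data, kasiski_length(data))
    return key, bytes((c - key[i % len(key)]) & 0xFF for i, c in enumerate(data))

# Constructed sample: a long message under a short key, the favourable case in the post.
WORDS = "the message is sent over a secret line and then read at other end".split()
PLAIN = " ".join(random.Random(1984).choices(WORDS, k=300)).encode()
KEY = b"CIPHERS"
```

When a message is too short for its key to produce any repeated trigram, `kasiski_length` raises `ValueError`, which corresponds to the less favourable ratio the post mentions.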