Published October 10, 2012
Want to protect your sensitive emails? You might want to consider going retro -- and exploiting an unbreakable WWII-style cipher.
The Vernam cipher was developed in 1917 by AT&T engineer Gilbert Vernam and U.S. Army Captain Joseph Mauborgne, and was used to protect relayed data in WWII.
Captain Mauborgne strengthened the cipher using genuinely random keys that don’t repeat. And Singaporean company Rune Information Security Corp. has leveraged his work in an e-mail encryption system known as Deadbolt.
How does Vernam Cipher work?
Essentially both parties use the same random key.
In Vernam’s original system, two identical pads of paper list keys made up of random letters or numbers in rows, one key per page. The coder uses the key on a page to encode a message, with each character on each page used only once to encrypt.
The other person would use their identical copy of the pad and that specific key page to decode it. To ensure security, the key is only used once and destroyed by both parties -- hence its nickname, the “one-time-pad” cipher.
When the Soviets were sloppy with reusing keys, the top secret U.S. Venona project cracked messages revealing the names of Americans spying for the Soviet Union.
But nearly a century after Vernam’s system was created, many people believe that, if you don’t have the same pad, the cipher is unbreakable.
Used properly, it’s meant to be unbreakable. Experts suggest this is because the cipher produces completely random cipher-text and some believe that even the best supercomputers cannot crack this WWII approach.
Vernam’s system is not widely used today; it’s considered inconvenient or difficult to work with. Yet the one-time pad is still viewed by many as one of strongest ways to encrypt a communication -- and Rune believes Deadbolt is far easier to use.
How to Deadbolt your e-mails
The Deadbolt gadget is a USB stick that attaches to your Mac or PC, takes just a few clicks to secure data and can either be used with the common OpenPGP encryption or the Vernam cipher. In addition to email, the company says it can even secure Facebook, Skype, Gmail and LinkedIn messages.
Deadbolt is designed to make data theft through e-mail and messaging impossible; only the intended recipient with the key can unlock and access the content of the mail or message.
While it won’t stop someone from gaining access to your computer, the crypto supposedly will prevent access to your data. Rather than focus on the transport of data, the Deadbolt approach focuses on the data itself -- on protecting information as it moves across networks and in the cloud.