Schneier on Security
A blog covering security and security technology.
« Movie Plot Threat Contest: Status Report |
| Microsoft Vista's Endless Security Warnings »
April 24, 2006
Mafia Boss Secures His Data with Caesar Cipher
At least one coded note, published in the Web site's biography, has a strong resemblance to what's known as Caesar cipher, an encryption scheme used by Julius Caesar to protect important military messages.
The letter, written in January 2001 by Angelo Provenzano to his father, was found with other documents when one of Provenzano's men, Nicola La Barbera, was arrested.
"...I met 512151522 191212154 and we agreed that we will see each other after the holidays...," said the letter, which included several other cryptograms.
"The Binnu code is nothing new: each number corresponds to a letter of the alphabet. 'A' is 4, 'B' is 5, 'C' is 6 and so on until the letter Z , which corresponds to number 24," wrote Palazzolo and Oliva.
I got a nice quote:
"Looks like kindergarten cryptography to me. It will keep your kid sister out, but it won't keep the police out. But what do you expect from someone who is computer illiterate?" security guru Bruce Schneier, author of several books on cryptography, told Discovery News.
Posted on April 24, 2006 at 6:52 AM
• 51 Comments
To receive these entries once a month by e-mail, sign up for the Crypto-Gram Newsletter.
that's the kind of thing that happens when you're too cheap to buy an Enigma machine.
Or to work out a Vigenere cipher. Granted, with that many texts, it's likely that a single cipher would be cracked quickly; however, you could use a different keyword for each recipient.
This is fascinating, for several reasons. The guy was smart enough to use some sort of encryption, but managed to use one that was *really* bad.
But I see this as almost more along the lines of obfuscation, equivalent to rot13 (actually, I think it's rot3). It's not going to keep anyone who has the messages from "decoding" them, but it will keep someone who sees them in passing from noticing a name. There probably is some value in that, and it's always possible that without the use of this mechanism, he would have been caught sooner.
But yeah, it's pretty funny.
"what do you expect from someone who is computer illiterate?"
Maybe whack anyone impertinent enough to make such a statement?
Not to be nit picky or anything...
Maybe it’s a bit too early on the east coast but in a Caesar cipher if 'A' had the value of 4 wouldn't 'Z' have the value of 3? I ask because the article states that 'Z' would be 24, I think 24 would be 'U'.
If you adjust the cipher so 24 is Z you get a different message. This guy wasn't saying mob he was saying RTG, as in really tall guy.
Of course this post was just supposed to fill the gap while i wait for coffee to brew….
..But what do you expect from someone who is computer illiterate?...
Now Bruce, why you gotta say stuff like that man? They are the mafia man ..(sic).
Make sure you lock your doors and prepare for the horse's head (Godfather!).
The Italian alphabet is smaller than the English alphabet....
> The Italian alphabet is smaller than the English alphabet....
Indeed, quoting from http://en.wikipedia.org/wiki/Italian_language
"Italian is written using the Latin alphabet. The letters J, K, W, X and Y are not part of the standard Italian alphabet, but are seen in imported words (such as jeans, whiskey, taxi). J may also appear in many words from different dialects. Each of these foreign letters had an Italian equivalent spelling: gi, ch, u, cs or s, and i, but these are now obsolete."
He obviously belived in the old addage,
"When in Rome do as the Romans do"
Sorry sometimes as the Victorians used to say my humour escapes me.
...But what do you expect from someone who is computer illiterate?...
Where's the correlation between knowing something about using a computer and knowing something about designing ciphers? Ciphers, even strong ciphers, were around a long time before *anyone* was computer literate. I don't know if Bruce really was sneering at non computer users, but that's sure the way it comes across.
Such messages might also be useful to set someone up. Encode with an easily breakable cipher and have the interceptor believe he is reading something really important.
""In the Provenzano code the key is the +3 shift," mathematics expert Alessandro Martignago told Discovery News."
Whats with these reporters these days. Need to get math and security experts to lend credence to the weakness of the kindergarten cipher :-) ? If only they did such due diligence on matters of life and death .....
He should have used Solitaire. (:
Now, this seems odd to me:
"According to Martignago, the Provenzano code might have been made more secure by changing the + 3 key with other shift characters ( +5, +7, +8, etc.) from time to time."
Hey, why do we bother using things like AES, when it's enough to do monoalphabetic substitution with non-common shifts (or, if you want to go extreme, use polyalphabetic like Vigenere)?
Would police cryptanalysts really be fooled by such simple things - especially if the target is organized crime?
Maybe Angelo miss heard
"Ceasers Wife is above suspicion"
On a more serious note, how do you come up with a cipher system that is fairly easy to use, and more importantly for Mafia and others of their ilk does not need written instructions to be caried around or code books.
Even computer savy geeks have trouble remembering more than a couple of secure passwords let alone a whole keymat table...
I have seen a lot of hand ciphers in my time but most are either difficult to use or remember and need the instructions writen down like a flow chart to make them usable. Or worse still they need volumus key material written down (OTP etc).
Afterall how many people know the significance of,
"Eat on Irish Lid"
The point is that unless you have a photo retentive memory and good disapline you need to carry the cipher system around in one form or another (even if it is just a book code). This sort of document / equipment would be a real liability and just the sort of thing to get you a great deal of interesting questions from the Police, and might actually be used to incriminate you in a court of law.
Not if it's your little black book with all your lady friends' phone numbers.
You make several very good points, but there are many ways to disguise a simple code book.
This is typical of management. Take an idea make it their own, and mess it up completely by not truely understanding the problem or solution.
This is why the laws against crypto export and all of the hubbub over terrorists and criminals using advanced crypto is much ado about nothing.
Most of these communications will either be unencrypted or trivially encrypted.
Career criminals, after all, aren't that bright (smart ones would limit themselves to one big job and retire, limiting exposure).
Hey! My kid sister is smarter than that!
Remember, even (non-striated) Playfair was deemed to be too difficult for the British Navy officers to use at the time.
"Career criminals, after all, aren't that bright (smart ones would limit themselves to one big job and retire, limiting exposure)."
Tell that to the Unabomber, Ted Bundy and Jeffery Dahmer. Just as they were bright individuals who carried out multiple crimes, the various mafiosos may be intelligent, but have motives other than money. It is dangerous to assume that what motivates you is the same thing that motivates the person attacking you.
Their lack of computer literacy is not necessarily a bug, it could also be a feature. As has been pointed out, written records tend to lead to convictions for people in that line of business. From the criminal perspective, this guys biggest error was not his laughably simplistic code, it was writing that stuff down in the first place.
Alphabet Key: schneiner
Wviqj dz jz am sfe qyvy xuoddm hgcyrk kae lokr'x jbhtzh egjb hkcyw xbb wfhraf?
WF jdprfvr xxdpb be k qzoqq fapqz? Yc fagm gy dsgbq aumtu atx fzzb pbvygfz j agdffal jvxaf kqd fe dn vsjdfj pruhqzlwb bl gx si effartsyebj ucbc ykb "uylqsr lbw", JSX lv ubefevl(drbr xbb vfsvpdrx wfhbd) tkh cdnybff g pjpfaaz kzijfbjgar ckgw sgqd km ltydk. Sm guqbzrsbw kblobcdlx be oumbu xigd xxd agdffal lmeefgjzi ox zusqe bcx gb sehkzb ba k igzpx tl ugp.
Just a thought.
> Tell that to the Unabomber, Ted Bundy and Jeffery Dahmer.
All of whom weren't career criminals, they were sociopaths. They certainly didn't make their living from crime (ergo, they weren't "career criminals"). Some people might argue that Kaczynski was a terrorist, but I think this is a mischaracterization (and besides the point, anyway).
I understand what you're saying ("It is dangerous to assume that what motivates you is the same thing that motivates the person attacking you.") and I agree with it... but your point doesn't invalidate mine - making crypto illegal serves to eliminate its useful purposes while restricting a very small subset of activity -> most criminals just don't use crypto.
--On a more serious note, how do you come up with a cipher system that is fairly easy to use, and more importantly for Mafia and others of their ilk does not need written instructions to be caried around or code books.--
Well, if you're completely illiterate (not just computerwise) text messages aren't going to be much use to you in the first place. This is why so many Mafia wiseguys communicate with dead fish, equine parts, and .45 hollowpoints, along with the cannelloni that speaks from the heart.
The Playfair is still pretty good for the criteria described, if certain crypto practices are followed -- change keywords often (with every message if possible) and without pattern, send no more text than necessary, use language that will not be meaningful to third parties even if the message is cracked, and so on. But asking for a system that is highly secure and requires no external data (like a one-time pad), specialized knowledge, or crypto skill is asking for something for nothing.
The other answer is not so much crypto as steganography: hiding the existence of The Message from The Other People (whoever They are). A relatively weak encipherment may keep the outsiders busy until it's too late for the text to be of any use (except perhaps as evidence in the trial), especially if the insiders kept it from being identified as an Important Message to begin with. (The US Army's discs-on-spindle cipher machine was not highly secure, but it was secure enough for messages that, even if read, would in a short time be out of date anyway.) We have Traffic Analysis in order to obtain useful information from messages we can't actually read; if you hide the fact of the traffic, there's nothing for even the best analysts to work on.
Good call Bruce. Looks like your statement was right on the (ahem) money, according to the article:
"Top Mafia businesses were conducted on an obsolete Olivetti Lettera 32 typewriter. Pizzini were delivered by a chain of messengers.
The fact that the boss code was rather straightforward may be explained by Provenzano's lack of education. It stopped when he dropped out of school at about eight."
You know, maybe he was only ever worried about his kid sister.
"Where's the correlation between knowing something about using a computer and knowing something about designing ciphers? Ciphers, even strong ciphers, were around a long time before *anyone* was computer literate. I don't know if Bruce really was sneering at non computer users, but that's sure the way it comes across."
But if you know about computer and the Internet -- even just using them -- you know about ROT13.
Despite what several have implied, Bruces comment is accurate, if a possibly a bit "un-PC" in it's phrasing. The average "computer literate" person will probably just search google / install PGP / drag and drop / encrypt and be done.
Assuming they don't have a trojan, this puts them far ahead of someone who will have to roll their own without a computer. Of course, a substitution cipher with a one time pad might be fine, but even generating one of those is difficult without a computer.
How would you do crypto with a pen and paper nowadays?
"Computer illiterate" need not refer to practical skills of using a computer, but a marked ignorance of what computers can do - including brute-force analysis.
But once you get around to translating text into Shelta Thari, then encrypting it with a one-time cipher, you've made the process inconvenient for the people who simply want to communicate, not be math whiz kids.
@ Pat Calahan
"I understand what you're saying ... but your point doesn't invalidate mine"
I am sorry if I came across as trying to invalidate your point; I wasn't. I was merely trying to expand it a bit. The natural desire in cases like this is to simplify the problem, which is good, but can sometimes go too far. I in no way wanted to say your point was wrong or less than valid, merely that one of the arguments which you used to support it was somewhat flawed. In principle, I agree with your overall point about the futility of banning a very useful technology because a bad person could use it for evil.
Chalk it up to overt-defensive grumpiness on my part :)
(damn, had to write some quick code, because I didn't have a Vigenere engine lying around. I won't post plaintext, but suggest you might).
I don't think there's an obvious legal angle, at least in the US. Seizing email is supposed to require a court's intervention under the Electronic Communication Privacy Act (of course, the USA PATRIOT act made Bush an absolute dictator, so the above does not apply). I wouldn't imagine that a decrypt requires more than the original seizure.
I suppose that it could have been a joke, except that in my experience, mafiosi have no sense of humor.
That is just plain funny.... LOL
"But if you know about computer and the Internet -- even just using them -- you know about ROT13."
No you don't. I do, you do, but my parents don't. Neither does my sister, or my kids, or my wife or most of my work colleagues, all of whom use the internet and computers to do some very sophisticated stuff. I do, as do my computer science type work colleagues do. Not even all usenet users know about ROT13 these days, and I'd be temted to wager it'd be a minority who do. I'd even go so far as to say that most computer users in this day and age no no more about ciphers than my grandparents. The closest they ever come to it is the little yellow bar in their favourite web browser, and even then they will at best have a vague feeling that they're more secure if it's yellow.
I was curious, so I did an informal poll of online friends. So far I have six responses. One has used it before; I think she's been on usenet for years and years and year, and in media fandoms. One has seen it before; I think also an old-time media geek. One has heard about it; computer major.
Three responded with "huh?" And they're computer literate enough to be comfortable with ftp.
Technology isn't always your friend.
If you operate an illegal business in a strictly analog manner, then there's no sneaky 'hi-tech' way for police to infiltrate your organization.
Observe how the FBI installed a keylogger in a mobsters computer recently, and got years of data from him.
Messages passed hand-to-hand, by messengers who know that betraying the contents to the police or others, means death for them and their families, seems a far more secure means of communication than even the best e-mail encryption.
Using tradecraft borrowed from espionage, such as dead-letter boxes and such, would make 'traffic analysis' (who's talking to whom) much more difficult than simply pulling the IP logs from the mobsters ISP.
Now, instead of a couple of agents sitting at computers, reading e-mails/analyzing IP logs/etc. while the criminals create a trail of evidence for you, you need a task force of many dozens of agents, to run physical surveillance, monitor listening devices, infiltrate, etc., to gather the evidence yourself
Much more costly, time and labor intensive, and liable to detection.
The fact that his notes are trivially easy to decrypt doesn't negate the time-proven operational security that kept him out of prison all these years.
It's the younger generation who've moved into computers who are getting caught up in the belief of technologies invincibility, and getting busted when proven wrong.
>>But if you know about computer and the Internet -- even just using them -- you know about ROT13.
>No you don't. I do, you do, but my parents don't. Neither does my sister, or my kids, or my wife or most of my work colleagues, all of whom use the internet and computers to do some very sophisticated stuff.
Heh, so ROT13 is effective against your family but not against the average investigator.
I suspect that even with only an eighth-grade education this mobster knew what he needed to use to control whom. In other words he used Caeser as a control against family and other insiders while he probably used bribes/intimidation/threats for everyone else.
Makes sense to me and gives insight into how controls (countermeasures) can be most effective if properly tailored to the actual threat.
On the other hand, maybe he just thought "if it was good enough for Caeser it is good enough for me!"
I guess this could be more smarter in the future
Maybe he felt like Caesar...lord of all ....that would make sense, that he use Caesar's cipher.
"But if you know about computer and the Internet -- even just using them -- you know about ROT13."
Hate to disagree with you Bruce (it is your blog afterall ;) but you are way way of the mark.
I used to work in a University with around 20000 quite computer litereat people there and very very few of them including the computer science under grads either new or cared about even obscuring Crypto like ROT13 even those that used news groups and IRC. As I remember it most of the students where interested in their cars and mobile phones, and occasionaly each other...
More surprisingly how many MS OS Admins know that half of those funny keys in the Windows registry are ROT13 encoded? or for that matter know what ROT13 is?
For that matter try asking people about UUencode and MIME64 which arguably they do get to meet quite often if the use mail. The point is the front end takes care of it and like the workings of a telephone switch the user neither knows nor particularly cares unless they fall into the geek catagory (which arguably covers all of us on this blog ;).
"How would you do crypto with a pen and paper nowadays?"
THe same old way it was always done upto around the 1970's. That's why the NSA had so much fun back then they had the toys the oposition did not.
But if you need to do fairly secure crypto with just the things you have around you can create OTPs with dice, you can make a streem cipher with a deck of cards (RC52) or several other shop bought games.
You could also resort to a book code where you encrypt the plain text multiple times (at least four) with different key streams
The main trick is to actually do two steps, the first is to apply a stage that flatens out the message statistics, then do the encryption.
However this still leaves you with a horendous problem keying material, this tends to be the weakness of all paper and pencil systems, as the keys tend to get reused over and over again. An example of this was Poem Codes used during WWII the agents tended to use the same key thereby making an analysts job very very easy.
Unfortunately for me: my kid sister has a masters degree in mathematics, and took a cryptography course.
Fortunately for me: I doubt she'd rat me to the police.
Yes, the crypto was risible. Yes, he remained on the run and in command of the world's no.1 criminal organisation for 40 years. Conclusion: cryptosecurity wasn't his problem.
Probably you all forgetting who Provenzano is...
He succeeded to hide himself, without toil, for 43 years to the police of all the world.
Provenzano succeeded to do this just cause is a "computer illiterate"!
he's "simple cryptography" its enough to avoid that someone understanding what's written with a swift reading, its useless to waste time for something that does not useful.
thinking lateral guys! ;)
I wonder if the bump up from 'security expert' to 'security guru' is attributable in whole or in part to Friday Squid Blogging.
I've invented, in my spare time, a variation on Quagmire IV / Vigenere cipher, which incorporates a Caesar cipher into it. There's a forum for such discussion (and challenges!) which I frequent. Use the link provided!
(The above message in my cipher:)
IKWG JJCH CAXU WEDO HNWA GPIB SIOT QLTR KUGB MUFG VARL AHIU TOTE LSUR LZJW OBEP DRJA GCIK AEMW QTUN CEJC ORPO AZIL TKQT BRGA MDNJ RZMX VZBY QVKO DYPD DELA GNUX VGLW ZZIJ RMVY QFWU FAAI UGAD OAVX LLMI MNNP RKHV USWD ZBQZ LW
While it's an interesting story it would be dismissive to cast Provenzano as a dullard. The man ran a massive criminal empire and managed to avoid the authorities for years. Not praise...just observation.
I'm sorry, I have to ask. What's with the squid fascination, Bruce?
The scary thing about all of this is that even if you were to use something like Morse Code transcribed as "." for dit, "-" for dash, and "/" for a character boundary, and "//" for word boundaries you'd still befuddle the hell out of most law enforcement--and Morse is an international standard accepted by world-wide treaty.
no such thing as the unbreakable code? we shall see
Schneier.com is a personal website. Opinions expressed are not necessarily those of BT.