Schneier on Security

Clive Robinson • November 23, 2009 2:29 PM

So the aroma of hot smoked fish (ie a red herring) appears to be getting stronger 8)

On a technical note code books are not a good way to go about hiding secrets as they are effectivly a simple substitution and are thus breakable when an analyst gets enough “depth”. They also have a few other disadvantages.
Few mortals can memorise them except by frequent use. You have to guess at the time of making them all the words or sentances you will wish to send in an uncertain future. You have to user a cipher to super encrypt them to prevent the simple substitution being easily decoded, and a whole host of other reasons.

I like the statment,

“A single symbol could represent an idea or an entire message,”

Which whilst true it has an interesting converse that is you have to decide in advance what your “entire message” is to be.

During WWII the BBC sent code phrases out “to our friends in occupied Europe” on behalf of SOE.

These phrases where used to launch all ready agreed plans of action.

It is thought that cold war “number stations” forfilled a similar role.

However it is highly unlikley you would want to use such systems to send non pre arranged messages as the weakness of the system makes decoding such messages easier.

With regards the “knock code” dear god where did they drag that old chestnut up from. You might as well use a loud hailer (bull horn) to anounce you are sending cryptic messages to every body.

Yes it has a long history so does using two torches or two flags, these systems are not secret codes but open codes like that developed by Samual Morse or Charles Whetson or any other “transmission code” such as ASCII or Baudot.

With regards 10,000 sleepers in the UK that is the equivalent of one seventh of the current prison population….

As for the bit about the “code breakers”,

“Several of them have high-value skills in computer technology. The team worked closely with the U.S. National Security Agency and its station at Menwith Hill in the north of England.”

Oh dear oh dear oh dear, depending on who you ask being able to use MS Office qives you “high-value skills in computer technology”.

And as for the NSA and Yorkshire go google them and “BRUSA agrement”.

And do you notice the list of countries “Afghanistan, Iran, Pakistan, Yemen and Sudan” what about Egypt and a few countries in the far east where it is said that “al-Qaida” (if it exists which is extreamly doubtfull) also hang out…
More over these are places where “the 20 dialects” came from. Now call me old fashioned but a dialect is an artifact of a comman language spoken in slightly different ways in different GeoLocs.

The more I think about it the more holes this story has in it.

I propose we nominate it for a “Second hand String Pants” award 8)

Clive Robinson • November 24, 2009 8:03 AM

@ Guillaume, Filias Cupio,

During WWI Churchill was first sea lord. Within his domain was “Room 40” which had the job of breaking the German Naval codes, which they did with what appears to be consmate ease.

Churchill was also a prolific historical author and during his quiet times after WWI he wrote about his time as first sea lord.

Apparently he mentioned Room 40 in one book, however I think the Germans where aware of what might have happened prior to this as they had started work on the Enigma.

However the Royal Navy did not learn the lesson about the weakness of the type of codes in use. During WWII they carried on with the same code types and procedures. The result was that the German cryptographers (b-dinst) where happily reading the Navy signals for some considerable period of time…

If you google for churchill and room 40 you should find a refrence online somewhere. If not I’ll have a dig through my lib and see what I can find.

Clive Robinson • November 24, 2009 4:33 PM

@ David,

“Codebreaking at Room 40 was, I believe, assisted greatly by the German cruiser Magdeburg, which ran aground in the Baltic and had its code books captured by Russians. They sent the books to Britain.”

Yes, and it is also at first sight historicaly a little odd. Which requires a little related history from the time to explain.

Which may at first appear to be “off topic” but actually is quite related so I hope the Moderator will be lenient 😉

The Royal Navy intelligence and code breaking was largely carried out under the auspicess of “Room 40” at the Admiralty, and was thus under Churchill’s control as First Sea Lord.

It was known that he had a very strong aversion to the rise of what latter became Russia’s brand of “communisum” (thought up originaly in Highgate and Hampsted areas of North London).

Though Churchill had no aversion to socialism or nationalisation, contary to current “conservative” image of him (he brought in Beveridge to make a British version of Bismarks social support by the state). Or particularly the methods of “state control” espoused in the idea.

So you would expect Churchill to treat the Russian gift with suscpicion as potentialy being a “Trojan Horse”.

However Churchill was also known at the time to be a pragmatic if not erratic political opperator, in that he had twice crossed the floor (changed political party) to further his aims.

The author Patrick Beesly, whose book “Room 40” gives a very interesting account of UK naval intelligence through the build up to WWI and the war it’s self, paints an interesting asspect on the American entry into WWI as being the result of Churchill’s machianations.
Beesly notes that Room 40 and thus Churchill where aware that the German U-boat fleet at sea had been made aware of the sailing of the passenger liner Lusitania, and it’s ports of call.

Also that Room 40 where aware that a U-boat known to have sunk two ships at the time was opperating to the south of Ireland. And thus must have been aware that the Lusitania sailing to Queenstown would cross it’s path.

Beesly like others befor him could not find any record of any specific warning being given to the Lusitania. Nor of any destroyer escort being provided to give protection of the Lusitania into Queenstown. Further he notes that having so recently sunk two ships no destroyers in the area where given instructions to hunt out the U-boat which was again quite unusual at the time.

Thus to Beesly he indicates that, “no effective steps were taken to protect the Lusitania.”.

Beesly further states that bassed on the lack of evidence otherwise,

“I am reluctantly driven to the conclusion that there was a conspiracy deliberately to put the Lusitania at risk in the hope that even an abortive attack on her would bring the United States into the war.”

And effectivly points the finger at Churchill with,

“Such a conspiracy could not have been put into effect without Winston Churchill’s express permission and approval.”

Further what was not made too clear at the time, was that although a passenger liner full of civilians the Lusitania’s hold was loaded with munitions of war.

Which would have been contary to the “rules of war” such as they where at the time. And that it was highly probable, that German U-Boat Command where well aware of this cargo through diplomatic communications traffic, which Room 40 may well have decoded.

Further it was known to many, including the German U-Boat Command and thus the U-Boat Captains that Churchill had given express orders to the Captains of merchant ships, including liners, to ram German submarines if they encountered them.

In the same memoirs of WWI where Churchill revealed the activities of Room 40, he made it quite clear that dragging “neutral countries” into the fight against the enemy was a crucial part of warfare,

“There are many kinds of maneuvres in war… …The maneuvre which brings an ally into the field is as serviceable as that which wins a great battle.”

What the truth is about Churchill’s involvment with the sinking of the Lucitania is may never be known, but Churchill was ever ready to seize on any oportunity to further a cause irrespective of the facts at hand (see all his political activities prior to 1940 they will surprise many). And his view about bringing neutrals into a conflict is hardly original when you remember the very pragmatic Arabic saying about “mine enemies enemy is my friend”.

Which brings us around to the second argument that historians have about the US entry into WWI in 1917 and Churchill’s probable involvment.

This is the involvment of Room 40 under the command untill May 1917 of Alfred Ewing (later knighted), in the decoding of the infomus diplomatic “Mexico Telegram” of Zimmermann.

These two events most historians usuall conclude where the two main if not only reasons the US Public became outraged at Germany and thus forced the US into WWI.

Before the moderator gives up and raises the “Off Topic flag” 😉 I’d better explain why the Zimmermann Telegram is very pertanent to this discussion.

It is because it involved the reconstruction of a code book which the artical Bruce wants to know more about claims is what the GCHQ folks did on the “supposed” al-Quaida code.

Reconstructing code books (not ciphers or their keys) is a subject of trial error, great patiance and subjective judgment, gut fealings or plain old hunches by those involved and is not a such a science but an art (although the use of computers these days has greatly assisted in the task).

To get increased certanty over the “hunch” of a probable interpretation of a particular code requires a “depth” of messages involving it. By which the various messages individual contexts reveal the “possible” meaning of the code in question. The more varied these contexts the more probable the codes meaning.

As the depth increases, the percevied certainty as to what an individual code might mean increases, and thus hunches about other related codes builds up.

Eventually the code book is partialy reconstructed to the point where traffic under it can be read and thus further verification or meanings of codes continues to the point where most traffic under the code is fully readable.
However great care has to be excercised of what is a very subjective activity with frequent “sanity checking” by others not directly involved with the reconstruction. Otherwise you will enter a maze of self delusion filled with many many twisty little subsurface passages. Without the daylight of correct perception of reality to guide you back to the surface, it is all to easy to cut the slender thread that leads you back, thus leaving you endlessly wandering alone in the dark, not knowing where you are going (except mad as has happened on numerous occasions).

To add further to the problems “hand coding” of messages is at best a tedious task, and thus quite error prone. Further because a code book rarely has the “exact” meaning required, the encoder bends the meanings of codes to fit the message at hand.

For the communicating parties this is usually not that much of a problem it rates as much attention for them as ordinary transcribing errors.

However for the eavesdropper with out a code book to see a transcribing error it vastly reduces the chance of correctly attributing any given code the correct meaning.

Then of course there is the issues of “jargon” and “slang” or “verbal shorthand” which in ordinary life gives rise to puns and other humour.

This “in house” shorthand is an issue for any crypto analaysis be it a code or cipher, as the analyst is effectivly an “outsider” looking in, and thus has little or no knowledge of what things like acronims etc mean. George Orwell highlighted this problem in his work leading up to and during WWII, and put it in his book 1984 (which also featured a “Room 101”), he wrote this whilst working for the BBC (and living in a book shop at the bottom of Pond St, Hampsted London).

Some historians have called into question the decoding of the Zimmermann Telegram, and it is this “subjective reasoning” which is the root of the problem of the telegrams interpretaion.

The advantage of the gift from the Russian’s of one of the two code books recovered from the grounded Magdeburg is that it cut out the subjectiveness for that code and gave certainty which then added clarity to other related codes shedding light on their reconstruction (which is one of the things that gave Room 40 it’s abilitie to read nearly all German Naval traffic and a great deal of diplomatic traffic).

Now fully back on topic 😉

I personaly do not think it likley that there was anything close to the amount of traffic “supposadly” sent by al-Qaida to get any depth for anything other than a very very simple code or cipher to be broken.

Further anything beyond a very very simple and weak code cannot be “just memorised” by even the best of ordinary mortals. You need a particular (photographic / photoretentive) mind set which few possess, irrespective of other atributes or abilities.

The reason for this is that the human mind works on patterns and associations, either of which would be fatal in a code book as it would make it much much easier for an analyst to reconstruct.

Each time I even think about this story the aroma of smoked fish gets stronger and stronger 😉

Clive Robinson • November 25, 2009 10:53 AM

@ sooth sayer,

“These are slangs used by a small group — you go beyond the group and no one will know for sure what you are talking about.”

If you are correct and based on evidence supplied to court hearings in the UK then yes there is a good probability of what the artical author is hiding behind.

However as you say they are not codes in the crypto sense, they are infact “linquistic stenography”.

And like all forms of stenography it has serious problems.

One of which is “styalised” speach or text. That is if you read it or hear it being read it sounds styalised in the same way poems of various forms are.

However to say,

“To catch this usage you need human intelligence — you need to penetrated the groups .. a lot of groups – hiring mathematicians and computer programmers is grand waste of money.”

You are wrong on your points. A computer can and has been programed to recognise various forms of styalised writing. Not just that it’s styalised but also the type of styalising.

This means that the software can “winnow” out styalised messages and bring them forward for further investigation.

As was once noted “even in code you can recognise the language used without being able to either decode it or read it”.

There are various publicaly known ways of spotting potential “stego” in files etc (google detecting DRM or detecting watermarks).

These programs are quite sensitive and it “beggers belife” to think that neither GCHQ or the NSA have not developed such systems as part of Echalon or Carnivor et al.

Clive Robinson • December 15, 2009 9:05 AM

@ David

“High value computer skills in the cryptographic field are likely analogous to nuclear reactor code programming skills in physics, or blast loading programming skills in aerodynamics–discipline-specific skills not widely available.”

Having worked in a number of those fields of endevor, I would say it is not the “computer skills” that are important or particularly difficult to aquire (Embeded software design etc). And in many cases much of the “heavy lift” with those computer skills are easily aquirable with only moderate effort (think re-building a linux distrubution specificaly designed to run of a USB drive of which there are many).

What is required in the fields of endevor you mentioned is “domain specific” knowledge and resources to design and build tangable devices.

Unfortunatly with cryptography you are dealing with intangable information, that only becomes tangable for some methods of storage and communication but not all (learn by rout and pass by word of mouth).

Thus you don’t end up with tangable products just intangable information stored on zero cost or very low cost devices such as marks in a book etc.

Or in the case of software some form of data media (floppy/CD/DVD/microSD card/USB sticks etc).

Some of these data media devices can be utilised like the “shaven slaves head” of antiquity.

That is they are so small and robust they can be hidden in a small cut to the body under the arm or in the groin for considerable periods of time without effecting either the device or the body it is put in.

Likewise they can be easily retreived, and if placed carefully they would not show up on ordinary security searching or on most medical examinations including many X-rays.

As for the domain knowledge required to make a reasonably secure system you just require basic programing skills and a couple of Bruce’s books, or the 3rd edition Donald Knuth “Art of…” books.

You could of course just download an appropriate software runtime from the Internet of which there are many thousands available. Or Open Source Crypto library of which there are hundreds.

Most of which with cautious use would provide little joy for the likes of even the NSA.

There are even quite simple pencil and paper systems that can be easily memorised that again would stand up to much analysis if carefully used.

For instance “book codes” and a Nillist compression cipher.

You have a method by which a key sentance is picked. You select the first seven unique “Eat on Irish” letters, and asign then to the numbers 0-6. Which for the first sentance of this para are,

O=0, H=1, A=2, E=3, T=4, I=5, N=6.

Likewise you asign the other letters of the alphabet and numbers punctuation etc to the numbers 70-99 via some easily rememberal method. This builds a simple substitution alphabet that flattens the frequency distrubution statistics.

You then transpose you message via a keyword etc and then convert to numbers using the substitution alphabet in the usual manner.

You then encrypt your message using an appropriate cipher of which there are a number you can use.

Transpose the numbers into a different order using another keyword.

You then pick a second sentance and build a second “alphabet ” and convert the encoded numbers back to letters etc and send.

The result of this is a cipher text message that appears to have a natural language frequency distrubution but it is not related in any simple way to the message content.

Such a system can be fairly easily learnt, can be programed up in most programing languages with little difficulty and provided you take care can be extreamly difficult to break (but not impossible).