Al Qaeda Secret Code Broken

I would sure like to know more about this:

Top code-breakers at the Government Communications Headquarters in the United Kingdom have succeeded in breaking the secret language that has allowed imprisoned leaders of al-Qaida to keep in touch with other extremists in U.K. jails as well as 10,000 "sleeper agents" across the islands....

[...]

For six months, the code-breakers worked around the clock deciphering the code the three terrorists created.

Between them, the code-breakers speak all the dialects that form the basis for the code. Several of them have high-value skills in computer technology. The team worked closely with the U.S. National Security Agency and its station at Menwith Hill in the north of England. The identity of the code-breakers is so secret that not even their gender can be revealed.

"Like all good codes, the one they broke depended on substituting words, numbers or symbols for plain text. A single symbol could represent an idea or an entire message," said an intelligence source.

The code the terrorists devised consists of words chosen from no fewer than 20 dialects from Afghanistan, Iran, Pakistan, Yemen and Sudan.

Inserted with the words ­ either before or after them ­ is local slang. The completed message is then buried in Islamic religious tracts.

EDITED TO ADD: Here's a link to the story that still works. I didn't realize this came from WorldNetDaily, so take it with an appropriate amount of salt.

Posted on November 23, 2009 at 7:24 AM • 68 Comments

Comments

Brandioch ConnerNovember 23, 2009 7:49 AM

"Like all good codes, the one they broke depended on substituting words, numbers or symbols for plain text. A single symbol could represent an idea or an entire message," said an intelligence source.

Aren't those the easiest codes to break?

"Inserted with the words ­ either before or after them ­ is local slang. The completed message is then buried in Islamic religious tracts."

So, not only easy to break but easy to use against them.

DaveNovember 23, 2009 8:01 AM

Maybe I'm missing something, but if you break an adversary’s codes, is it not rather bad form to broadcast that fact to all and sundry?

jacobNovember 23, 2009 8:05 AM

I am a little sceptical of this. Brandioch, this could be very hard to break, unless you have confirmation similiar to the code breaking used against the Japanese and Midway. A word "qatar" means bomb in N.Y. This could be very hard to break in my mind. Granted, lack of imaginiation on my part, maybe. In this case the story could mean the word salami means "....." This could be a OTP

DanielNovember 23, 2009 8:16 AM

I'm confused.

Doesn't 10,000 sleeper agents and a code book sound a lot like a centralized design?

Aren't these operatives supposed to work in cells?

phred14November 23, 2009 8:16 AM

@Dave

I have to agree. The only response to a story like this would have to be, "Why didn't they have Shaftoe and Waterhouse on the job?"

OlafNovember 23, 2009 8:28 AM

Why announce it?
Why let them know you have broken the code and allow them to change it?

Doesn't smell right to me.

Yeah, right.November 23, 2009 8:31 AM

The only reason to tell the public they have broken the code, is if they are not able to break the code but want to stop people from using is.

JaddyNovember 23, 2009 8:36 AM

One interesting tidbit for me is, that Afghanistan, Pakistan and Iran are not arabic speaking countries. The most common linguistic basis there is Persian, which is different from Arabic. Yemen and Sudan are arabic speaking. The regional languages will differ even more between Afghanistan and Sudan.

From the linguistic POV, I'd be very skeptical, that there's a real "code book", that's commonly used.

MNovember 23, 2009 8:37 AM

@Yeah right: another reason to publicize that the code was broken would be if they are no longer getting any valuable information from it, to demoralize the enemy.

InsoNovember 23, 2009 8:39 AM

@Dave

Good point. I don't think that a government agency would be stupid enough not to realize that. Either than that it could be a provocative move or maybe al-Qaida already knew the code was broken before the story went public.

Clive RobinsonNovember 23, 2009 8:43 AM

The UK GCHQ used to have the reputation of saying even less than the US "Never Say Anything"

(They once tried to prosecute a journo for putting stuff in an article, and would have succeded if GCHQ had not run a recruitment campaign with a picture of the building and the address in the back of "Wireless World" magazine...)

However the warm winds from the middle east may have thawed the glacial result of fifty year ot the wind from the Siberian steps a little. And the UK Gov being compleatly cash less GCHQ may be feeling the pinch and decided "it pays to addvertize"...

But the whole thing sounds some what implausable one way or another.

As others have noted what's the percentage in letting the world know you've cracked the code unless you know for certain you are never going to be able to use it in future...

I smell a fish not unlike a pilchard the question is, is it red or not...

jgrecoNovember 23, 2009 8:43 AM

This entire thing reeks of BS to me. As others have mentioned, why announce it if you broke it? How exactly is there a single code used by literally thousands of different operatives in an organization that is known for purposely *lacking* organization? And furthermore, what is up with the line, "The identity of the code-breakers is so secret that not even their gender can be revealed."? That statement entirely does not make any sense, under less secret circumstances is the gender of agents normally disclosed? This reminds me of the trick that if someone makes it a point to avoid mentioning someone as a "him", then it undoubtably is a "she".

@phred14
At the very least, it certainly sounds like trickery of this sort.

/.erNovember 23, 2009 8:58 AM

@Daniel Yes, they operate in cells, but they are communicating out of the prisons to people that are free.

Oh, you meant small groups of people, never mind then.

Andrew SuffieldNovember 23, 2009 8:59 AM

Hang on.

The link given does not go to this article.

Google cannot find any article with this text in that is not a reposting of this blog post, on the same website or anywhere else.

Is Schneier messing with us? Is somebody messing with him?

shadfirebirdNovember 23, 2009 8:59 AM

I thought that codes like this (as opposed to cyphers) were very difficult to break? And that the normal way to break them was via espionage, not cryptography?

BryanNovember 23, 2009 9:04 AM

Like Thomas said above: "10,000 sleeper agents?"

Does the article have a citation for this number? That sounds absurd on many levels. It's too large, they're specifically "sleeper agents", it's a nice round number and it's in the context of a larger article that doesn't make any sense from a counter-intelligence perspective.

It's hard to take any of this seriously. Is the whole article a joke? The site only shows a small part of it to non-members.

EgbertNovember 23, 2009 9:18 AM

It's propaganda - don't feed the trolls

Just remember:

for all $enemy
{
print "We at war with $enemy; We have always been at war with $enemy\n"

wait_until ( $distraction_needed )
}


DaveNovember 23, 2009 9:23 AM

From the article:

"A third member of the code-makers is Abu Hamza, jailed in 2006 for inciting murder. He's also in Belmarsh prison fighting deportation to the U.S. He brought finesse to the code he helped to create, developing a way of transmitting it by tapping out the secret language on the prison's water pipes, investigators said."

Methinks he must be a Red Dwarf fan. It's a good job he didn't get the Chinese laundry...

KeithNovember 23, 2009 9:32 AM

It reads like the sort of sensationalist stuff the UK tabloid media occasionally invent. I wouldn't put much trust in the facts as reported, although it's not impossible that some sort of code was broken and a journalist then embellished the story a little to make it more "newsworthy" for people who don't understand cryptography.

JohnNovember 23, 2009 9:51 AM

@Bret -

The link you found at wnd.com is a publication called World Net Daily (also affectionately referred to as "Wing Nut Daily"). It is a hard core right wing tabloid that is not known for its internal consistency, zealous fact checking, or even attachment to reality. If that's the only place this has been published, I'd say someone's been snookered.

John

Angel OneNovember 23, 2009 9:55 AM

The link goes to another story right now, but looking at the other stories on the website, this looks less and less like a legitimate news outlet. Headlines include:

* ACORN, L.A.: You need to hook up on the 'international sex business level'

* Ex-Mossad official sees massive attack on the U.S. homeland

* Saudis announce new nuke reactor, 'a completely peaceful project'

* Obama blunders through Asia, undoing Bush's years of deft diplomacy

* Why so serious about China? / China could use its microchips to penetrate U.S. weapons systems

Shockingly, none of these major stories like the Saudi reactor have been mentioned by any other media source. My feeling is that this is a less-than-completely serious media outlet and the story contains little if any truth.

Angel OneNovember 23, 2009 9:58 AM

Wait, one more - this one's my favorite. We don't need to care about breaking Al-Queda's code anyway because:

* Al Qaida does not plan suicide hijackings similar to its attacks on New York and Washington in 2001


These guys have a serious agenda, are very opinionated, a complete lack of accountability and sources, and basically just seem to make stuff up. Just another tabloid.

HJohnNovember 23, 2009 10:02 AM

@Angel One: "* Al Qaida does not plan suicide hijackings similar to its attacks on New York and Washington in 2001 "
__________

It is unlikely they'll do that again. If suicide hijackings were done again, it would probably be a copy cat, but if al qaeda strikes again it probably will be something they haven't done before and that we aren't expecting.

BF SkinnerNovember 23, 2009 10:29 AM

@Bryan @Thomas "10,000 sleeper agents"

I think Daniel Gardner in his Science of Fear observed that large even numbers that keep being repeated are likely always made up out of air. Numbers supported by research rarely come out even.

So a definite BS flag.

SimpleLogicNovember 23, 2009 10:35 AM

"The identity of the code-breakers is so secret that not even their gender can be revealed."

This statement implies that the number of code-breakers is relatively small. Gender would not be revealing if the group were large.

"Between them, the code-breakers speak all the dialects that form the basis for the code."

If the dialects is 20, as stated in the article, then some conclusions might be drawn about the size of the group of code-breakers. The phrase 'between them' seems to indicate that several members speak two or more dialects. So the total number would be less than 20.

"Several of them have high-value skills in computer technology."

In a large group intent on breaking a code, the number with computer tech skills would also be large. Again, this indicates the size of the group. The phrasing also seems to indicate that the number several (at least 3) is a minority.

So the group size is likely greater than 6 and less than 20, and most likely between 10 and 20. A larger group would also have greater difficulty maintaining the level of secrecy implied by the article.

But all this depends on whether or not the article is accurage.

Uckchay OrrisnayNovember 23, 2009 10:41 AM

Just to give cred to the Government Communications Headquarters.

They also succeeded in breaking "Pig Latin."

BF SkinnerNovember 23, 2009 10:49 AM

"helped to create, developing a way of transmitting it by tapping out the secret language on the prison's water pipes"

How very intelligent these dangerous men are...to have created something that was invented at the same time as prisons with indoor plumbing. Knock codes are very old con skills. (Betcha Clive invented it!)

Perhaps the reason the initial link is no longer valid is a) Bruce made a mistake in copy paste b) the World Tribune made a misake on their paste up (my local paper does this all the time and are ragged unmercifully for it) c) the World Tribune realized it was hooey and pulled the story.

survival training homework for all cipherpunks...go home and learn this http://en.wikipedia.org/wiki/Tap_code
you never know when TSA wants to confine you in the airport.

Petréa MitchellNovember 23, 2009 11:16 AM

Angel One says:

"My feeling is that this is a less-than-completely serious media outlet and the story contains little if any truth."

You're half right. WorldNetDaily is dead serious, but it is not what I would call a highly reliable source. See John's comment above.

JohnNovember 23, 2009 11:20 AM

GCHQ are a strange organisation. There are signposts to the building in Cheltenham, UK and yet it's top secret.

RHNovember 23, 2009 11:29 AM

@John: I can point down the street at a building where they do Top Secret information processing, no problems at all. I'm sure if I tried to take a peek at what they were doing there might be a few questions to answer =)

I think you're confusing Top Secret with black projects, where not only is the results of the project secret, but the project itself is secret, and in fact the mere existence of a project at all is sometimes secret.

M, got it first: assuming its not WND having fun, there's plenty of ways to determine that a code already has been broken (dang, why are all these police at the building we were going to break into?!). After that, its propaganda value. They merely weighed its value as propaganda against the statistical value from a bit of information regarding how good their code breakers are.

MarkHNovember 23, 2009 11:43 AM

Let's see:

Published in WorldNetDaily...

Begins "Top code-breakers"...

Says "10,000 'sleeper agents'" (in Great Britain alone!)...

Massive use of passive voice...

Author not identified...

Sources not identified...

Processing... processing...

DING! Pure horse excrement.

Bruce, you awake?

Tangerine BlueNovember 23, 2009 12:38 PM

Terrorists - illiterate morons who blow themselves up, and scare G20 nations with their plans to hack national power grids, infiltrate the highest levels of governments, and nuke large cities. And now, elaborate codes that humiliate Bletchley Park.

BF SkinnerNovember 23, 2009 1:14 PM

So Bruce posts this today. We kick it around and our final assessment is bunk? yes?

How long before the MSM, MIB, FMs and FATMFH* pick it up and start basing their stories not on the original bunk but on Bruce saying only "I'd like to know more..."

http://www DOT google DOT com/search?q=Al+Qaeda+Secret+Broken&rls=com.microsoft:*&ie=UTF-8&oe=UTF-8&startIndex=&startPage=1

It's already listed on governmentsecurity org and securitynewsportal com and bigsoccer com (for some reason)


Mainstream media, Men in Black, Fear Mongers...Frothing at the mouth fat heads...

StormcrowNovember 23, 2009 1:30 PM

This gets even better if you read the byline of the WND piece.

"Editor's Note: The following report is excerpted from Joseph Farah's G2 Bulletin, the premium online newsletter published by the founder of WND. Subscriptions are $99 a year or, for monthly trials, just $9.95 per month for credit card users, and provide instant access for the complete reports."

Now, look up "Joseph Farah" on Google.

Hint: here's his page at Sourcewatch: http://www.sourcewatch.org/index.php?...

This isn't just BS pure and simple. It's BS crafted to jack up Mr. Farah's bottom line. And WND's bottom line, of course. It probably needs some shoring up, since most of the far-right propaganda publishers run at a loss. Regenery Publishing is just one example out of many.

Joe BuckNovember 23, 2009 1:37 PM

I don't believe it. Government codebreakers in the UK aren't in the habit of bragging about their accomplishments in the press; after all, if you reveal that you've broken the bad guys' code, the bad guys respond by dropping that code and switching to a different one. Governments will take extreme measures, including allowing attacks they know about to succeed, to avoid revealing that they've broken a code.

FelixNovember 23, 2009 2:18 PM

Don't forget, there's an election soon in the UK.
So the government (in power since 1997) would not be averse to a bit of publicity about the successful War on Terror.

(Of course they would be unlikely to choose the World Nut Daily!)

Clive RobinsonNovember 23, 2009 2:29 PM

So the aroma of hot smoked fish (ie a red herring) appears to be getting stronger 8)

On a technical note code books are not a good way to go about hiding secrets as they are effectivly a simple substitution and are thus breakable when an analyst gets enough "depth". They also have a few other disadvantages.
Few mortals can memorise them except by frequent use. You have to guess at the time of making them all the words or sentances you will wish to send in an uncertain future. You have to user a cipher to super encrypt them to prevent the simple substitution being easily decoded, and a whole host of other reasons.

I like the statment,

"A single symbol could represent an idea or an entire message,"

Which whilst true it has an interesting converse that is you have to decide in advance what your "entire message" is to be.

During WWII the BBC sent code phrases out "to our friends in occupied Europe" on behalf of SOE.

These phrases where used to launch all ready agreed plans of action.

It is thought that cold war "number stations" forfilled a similar role.

However it is highly unlikley you would want to use such systems to send non pre arranged messages as the weakness of the system makes decoding such messages easier.

With regards the "knock code" dear god where did they drag that old chestnut up from. You might as well use a loud hailer (bull horn) to anounce you are sending cryptic messages to every body.

Yes it has a long history so does using two torches or two flags, these systems are not secret codes but open codes like that developed by Samual Morse or Charles Whetson or any other "transmission code" such as ASCII or Baudot.

With regards 10,000 sleepers in the UK that is the equivalent of one seventh of the current prison population....

As for the bit about the "code breakers",

"Several of them have high-value skills in computer technology. The team worked closely with the U.S. National Security Agency and its station at Menwith Hill in the north of England."

Oh dear oh dear oh dear, depending on who you ask being able to use MS Office qives you "high-value skills in computer technology".

And as for the NSA and Yorkshire go google them and "BRUSA agrement".

And do you notice the list of countries "Afghanistan, Iran, Pakistan, Yemen and Sudan" what about Egypt and a few countries in the far east where it is said that "al-Qaida" (if it exists which is extreamly doubtfull) also hang out...
More over these are places where "the 20 dialects" came from. Now call me old fashioned but a dialect is an artifact of a comman language spoken in slightly different ways in different GeoLocs.

The more I think about it the more holes this story has in it.

I propose we nominate it for a "Second hand String Pants" award 8)

Filias CupioNovember 23, 2009 6:23 PM

@Guillaume: "Good thing Churchill didn't brag about being able to read through Enigma encrypted messages ..."

It was a hard-won lesson. After WW I he bragged about having broken the German codes, and much regretted it when the Germans improved their codes in response.

Sorry, I can't find an online reference to this.

anonymousNovember 23, 2009 7:15 PM

Maybe the whole point of this announcement is that they CAN'T break the code. If they make Al Qaeda think that the code is broken, they're likely going to change it. A new method could contain flaws that are easy to detect, or the communication of the new encryption method between Al Qaeda members could be intercepted to reveal all.

Clive RobinsonNovember 24, 2009 8:03 AM

@ Guillaume, Filias Cupio,

During WWI Churchill was first sea lord. Within his domain was "Room 40" which had the job of breaking the German Naval codes, which they did with what appears to be consmate ease.

Churchill was also a prolific historical author and during his quiet times after WWI he wrote about his time as first sea lord.

Apparently he mentioned Room 40 in one book, however I think the Germans where aware of what might have happened prior to this as they had started work on the Enigma.

However the Royal Navy did not learn the lesson about the weakness of the type of codes in use. During WWII they carried on with the same code types and procedures. The result was that the German cryptographers (b-dinst) where happily reading the Navy signals for some considerable period of time...

If you google for churchill and room 40 you should find a refrence online somewhere. If not I'll have a dig through my lib and see what I can find.

DavidNovember 24, 2009 8:34 AM

@Clive: Codebreaking at Room 40 was, I believe, assisted greatly by the German cruiser Magdeburg, which ran aground in the Baltic and had its code books captured by Russians. They sent the books to Britain. There were some other recoveries of German codes in that war.

Karl LembkeNovember 24, 2009 12:26 PM

I lost patience with World Net Daily a couple of years ago. There's a chance a story they run may be worth reading, and they do link to other news agencies.

This story, I note, is sourced to the editor's "G2 Bulletin", which charges $99/year for subscriptions. (Or $10/month for "monthly trials".) I wonder how many subscribers this bulletin gets -- IOW, how many people are willing to shell out the $99 for what it delivers.

JuergenNovember 24, 2009 12:29 PM

I'd guess that this "code" is just the pidgin language you get when you put all these people from the region together. Maybe with a few code words strewn in for obvious terroristy stuff, "bomb" and such.

JuergenNovember 24, 2009 12:30 PM

> * Obama blunders through Asia, undoing Bush's years of deft diplomacy

Sounds like The Onion to me ...

LambdaMuNuNovember 24, 2009 3:10 PM

Very strange. If this were true, why would they make it public? This is stupid. If you break a code, don't tell it, or your ennemy will use another code. This is why the braking of Enigma code was kept secret during WWII.

Clive RobinsonNovember 24, 2009 4:33 PM

@ David,

"Codebreaking at Room 40 was, I believe, assisted greatly by the German cruiser Magdeburg, which ran aground in the Baltic and had its code books captured by Russians. They sent the books to Britain."

Yes, and it is also at first sight historicaly a little odd. Which requires a little related history from the time to explain.

Which may at first appear to be "off topic" but actually is quite related so I hope the Moderator will be lenient ;)

The Royal Navy intelligence and code breaking was largely carried out under the auspicess of "Room 40" at the Admiralty, and was thus under Churchill's control as First Sea Lord.

It was known that he had a very strong aversion to the rise of what latter became Russia's brand of "communisum" (thought up originaly in Highgate and Hampsted areas of North London).

Though Churchill had no aversion to socialism or nationalisation, contary to current "conservative" image of him (he brought in Beveridge to make a British version of Bismarks social support by the state). Or particularly the methods of "state control" espoused in the idea.

So you would expect Churchill to treat the Russian gift with suscpicion as potentialy being a "Trojan Horse".

However Churchill was also known at the time to be a pragmatic if not erratic political opperator, in that he had twice crossed the floor (changed political party) to further his aims.

The author Patrick Beesly, whose book "Room 40" gives a very interesting account of UK naval intelligence through the build up to WWI and the war it's self, paints an interesting asspect on the American entry into WWI as being the result of Churchill's machianations.
Beesly notes that Room 40 and thus Churchill where aware that the German U-boat fleet at sea had been made aware of the sailing of the passenger liner Lusitania, and it's ports of call.

Also that Room 40 where aware that a U-boat known to have sunk two ships at the time was opperating to the south of Ireland. And thus must have been aware that the Lusitania sailing to Queenstown would cross it's path.

Beesly like others befor him could not find any record of any specific warning being given to the Lusitania. Nor of any destroyer escort being provided to give protection of the Lusitania into Queenstown. Further he notes that having so recently sunk two ships no destroyers in the area where given instructions to hunt out the U-boat which was again quite unusual at the time.

Thus to Beesly he indicates that, "no effective steps were taken to protect the Lusitania.".

Beesly further states that bassed on the lack of evidence otherwise,

"I am reluctantly driven to the conclusion that there was a conspiracy deliberately to put the Lusitania at risk in the hope that even an abortive attack on her would bring the United States into the war."

And effectivly points the finger at Churchill with,

"Such a conspiracy could not have been put into effect without Winston Churchill's express permission and approval."

Further what was not made too clear at the time, was that although a passenger liner full of civilians the Lusitania's hold was loaded with munitions of war.

Which would have been contary to the "rules of war" such as they where at the time. And that it was highly probable, that German U-Boat Command where well aware of this cargo through diplomatic communications traffic, which Room 40 may well have decoded.

Further it was known to many, including the German U-Boat Command and thus the U-Boat Captains that Churchill had given express orders to the Captains of merchant ships, including liners, to ram German submarines if they encountered them.

In the same memoirs of WWI where Churchill revealed the activities of Room 40, he made it quite clear that dragging "neutral countries" into the fight against the enemy was a crucial part of warfare,

"There are many kinds of maneuvres in war... ...The maneuvre which brings an ally into the field is as serviceable as that which wins a great battle."

What the truth is about Churchill's involvment with the sinking of the Lucitania is may never be known, but Churchill was ever ready to seize on any oportunity to further a cause irrespective of the facts at hand (see all his political activities prior to 1940 they will surprise many). And his view about bringing neutrals into a conflict is hardly original when you remember the very pragmatic Arabic saying about "mine enemies enemy is my friend".

Which brings us around to the second argument that historians have about the US entry into WWI in 1917 and Churchill's probable involvment.

This is the involvment of Room 40 under the command untill May 1917 of Alfred Ewing (later knighted), in the decoding of the infomus diplomatic "Mexico Telegram" of Zimmermann.

These two events most historians usuall conclude where the two main if not only reasons the US Public became outraged at Germany and thus forced the US into WWI.

Before the moderator gives up and raises the "Off Topic flag" ;) I'd better explain why the Zimmermann Telegram is very pertanent to this discussion.

It is because it involved the reconstruction of a code book which the artical Bruce wants to know more about claims is what the GCHQ folks did on the "supposed" al-Quaida code.

Reconstructing code books (not ciphers or their keys) is a subject of trial error, great patiance and subjective judgment, gut fealings or plain old hunches by those involved and is not a such a science but an art (although the use of computers these days has greatly assisted in the task).

To get increased certanty over the "hunch" of a probable interpretation of a particular code requires a "depth" of messages involving it. By which the various messages individual contexts reveal the "possible" meaning of the code in question. The more varied these contexts the more probable the codes meaning.

As the depth increases, the percevied certainty as to what an individual code might mean increases, and thus hunches about other related codes builds up.

Eventually the code book is partialy reconstructed to the point where traffic under it can be read and thus further verification or meanings of codes continues to the point where most traffic under the code is fully readable.
However great care has to be excercised of what is a very subjective activity with frequent "sanity checking" by others not directly involved with the reconstruction. Otherwise you will enter a maze of self delusion filled with many many twisty little subsurface passages. Without the daylight of correct perception of reality to guide you back to the surface, it is all to easy to cut the slender thread that leads you back, thus leaving you endlessly wandering alone in the dark, not knowing where you are going (except mad as has happened on numerous occasions).

To add further to the problems "hand coding" of messages is at best a tedious task, and thus quite error prone. Further because a code book rarely has the "exact" meaning required, the encoder bends the meanings of codes to fit the message at hand.

For the communicating parties this is usually not that much of a problem it rates as much attention for them as ordinary transcribing errors.

However for the eavesdropper with out a code book to see a transcribing error it vastly reduces the chance of correctly attributing any given code the correct meaning.

Then of course there is the issues of "jargon" and "slang" or "verbal shorthand" which in ordinary life gives rise to puns and other humour.

This "in house" shorthand is an issue for any crypto analaysis be it a code or cipher, as the analyst is effectivly an "outsider" looking in, and thus has little or no knowledge of what things like acronims etc mean. George Orwell highlighted this problem in his work leading up to and during WWII, and put it in his book 1984 (which also featured a "Room 101"), he wrote this whilst working for the BBC (and living in a book shop at the bottom of Pond St, Hampsted London).

Some historians have called into question the decoding of the Zimmermann Telegram, and it is this "subjective reasoning" which is the root of the problem of the telegrams interpretaion.

The advantage of the gift from the Russian's of one of the two code books recovered from the grounded Magdeburg is that it cut out the subjectiveness for that code and gave certainty which then added clarity to other related codes shedding light on their reconstruction (which is one of the things that gave Room 40 it's abilitie to read nearly all German Naval traffic and a great deal of diplomatic traffic).

Now fully back on topic ;)

I personaly do not think it likley that there was anything close to the amount of traffic "supposadly" sent by al-Qaida to get any depth for anything other than a very very simple code or cipher to be broken.

Further anything beyond a very very simple and weak code cannot be "just memorised" by even the best of ordinary mortals. You need a particular (photographic / photoretentive) mind set which few possess, irrespective of other atributes or abilities.

The reason for this is that the human mind works on patterns and associations, either of which would be fatal in a code book as it would make it much much easier for an analyst to reconstruct.

Each time I even think about this story the aroma of smoked fish gets stronger and stronger ;)

DCNovember 24, 2009 6:19 PM

My memory may be wrong on details, but didn't the US use such a code type in WWII with the "Indian talkers"? The other guys couldn't get the cultural context to break it even if they had a dictionary, as the Indians used allegory and so on in their languages to cover things the language was never meant to really handle.

Sorry, I don't know the politically correct term for "native Americans" as I'm only about 1/32 of one.

Johnny HoehandleNovember 24, 2009 9:08 PM

@DC: "Native American" is primarily used by (a) divorced rich white women with tie-dyed skirts and turquoise earrings who are "studying *cough* under" Chief Thundering Log, AKA Johnny Hoehandle; and (b) those annoying intellectual stripminers the colleges are turning out like Tootsie Rolls.

I am Anishinabe. That is my Nation.
I am an American. From waaaay back.
I am an Indian. That is my race.

We normally refer to each other, *intertribally*, as Indians, and generally consider the "politically correct" to be well-meaning Zhagnash simpletons.

Also, you must be very small.

Oh, yeah. That whole GCHQ thing was written by somebody with a real nose-candy problem, innit?

Clive RobinsonNovember 25, 2009 5:44 AM

@ DC / Doug,

"didn't the US use such a code type in WWII with the "Indian talkers"?"

Yes if I remember correctly they where known as the "Navaho code talkers".

It was only used for "field" level conditions where the strength was assumed to be on a resource limitation.

That is the enemy could not have sufficient resources to make the information comprehensable in a time frame where it would have been of any use.

They made a similar but incorect "resource" assumption in Vietnam over VHF/UHF communications, and it was costly in downed aircraft and other areas such as ground troops.

The Israelies have more recently discovered that a "resource" assumption does not always work with Hezbola and the rocket attacks that led upto the conflict at the end of the GWB administration.

The Israelies found that Hezbola where effectivly reading their encrypted communications.

It does not actually matter if it was by braking the encryption or traffic analysis. The Israelies made an "enemy resource" assumption about their battle field comms and it cost them.

TomNovember 25, 2009 6:18 AM

Al Qaeda code book would be the Quran.

Al Qaada uses the Quran texts and a type of Chaffing and winnowing to pass messages

sooth sayerNovember 25, 2009 8:07 AM

These are no codes!

These are slangs used by a small group -- you go beyond the group and no one will know for sure what you are talking about.

Slangs are prearranged -- and may be used differently by other small groups.

For example one group might report I will send you a new pen - meaning a new trigger -- other group might say I will be sending you a flute.

To catch this usage you need human intelligence -- you need to penetrated the groups .. a lot of groups - hiring mathematicians and computer programmers is grand waste of money.

Clive RobinsonNovember 25, 2009 10:53 AM

@ sooth sayer,

"These are slangs used by a small group -- you go beyond the group and no one will know for sure what you are talking about."

If you are correct and based on evidence supplied to court hearings in the UK then yes there is a good probability of what the artical author is hiding behind.

However as you say they are not codes in the crypto sense, they are infact "linquistic stenography".

And like all forms of stenography it has serious problems.

One of which is "styalised" speach or text. That is if you read it or hear it being read it sounds styalised in the same way poems of various forms are.

However to say,

"To catch this usage you need human intelligence -- you need to penetrated the groups .. a lot of groups - hiring mathematicians and computer programmers is grand waste of money."

You are wrong on your points. A computer can and has been programed to recognise various forms of styalised writing. Not just that it's styalised but also the type of styalising.

This means that the software can "winnow" out styalised messages and bring them forward for further investigation.

As was once noted "even in code you can recognise the language used without being able to either decode it or read it".

There are various publicaly known ways of spotting potential "stego" in files etc (google detecting DRM or detecting watermarks).

These programs are quite sensitive and it "beggers belife" to think that neither GCHQ or the NSA have not developed such systems as part of Echalon or Carnivor et al.

Bruce ClementNovember 26, 2009 3:32 PM

@Clive Robinson

If you haven't already, please start your own blog & let me know where it is. I'd like to read it. Other than Bruce Schneier, your contributions are the best thing about this blog.

Clive RobinsonNovember 26, 2009 9:06 PM

@ Bruce Clement,

"If you haven't already, please start your own blog"

Sorry no I have not got a blog nor am I likely to start one (with open comments) for several reasons.

The obvious "admin overhead" including identifing and removing unwanted comercal or self promoting comments.

Then there is the problem of finding enough "new material" for a weekly let alone daily blog.

(maybe Bruce will say how much work is involved for these two issues on this blog).

However there is the non obvious security issues, which for various reasons are more of a worry.

For instance, imagine you need to control a botnet?

Most methods have issues and the control site is identified and gets taken down or "black listed".

So why not get the bots to scan the "last hundred comments" page looking for a particular "anouncment" stegoed into a comments post?

The obvious reason is as the admin you would notice a couple of hundred let alone tens of thousands of bots visiting your site as it would probably fall over.

However if you where a slightly more wiley botnet operator you would know that this is likley so would not have their bots visit the site.

Instead they would know that "search engine robots" hit popular blogs every couple of hours and get the bots to search google etc instead.

The other advantage of this is of course "google" traffic is normal for nearly every computer user, a specific blog not. Thus the search from the bots blends in and google is not going to get "black listed" any time soon.

The other advantage for the bot net operator is it does not matter who's blog they stick the control message on those search engine robots will find it.

Capatchers and even TLS/SSL certs on the blog are not going to stop this botnet control model.

Google or other search engines can not realy stop it either all the bot net operator has to do is use a time variable identifier...

As they say "fame has a cost" and "I don't need the head ache" ;)

FrankDecember 15, 2009 5:17 AM

At first glance 10.000 sleeper agents seems a high number of terrorists whom will quickly overrun security services resources and makes you want to buy the latest antiterrorist protection kit.

But on second thoughts, the fact that they are all communicating with imprisoned AlQaeda members whose communications are well known to be intervened, makes me think that they have possibly not read the most basic AlQaeda manual for terrorists and there is not much to worry about.

David SternlightDecember 15, 2009 6:07 AM

High value computer skills in the cryptographic field are likely analogous to nuclear reactor code programming skills in physics, or blast loading programming skills in aerodynamics--discipline-specific skills not widely available. No one is talking about Microsoft Word in that context except a few wise guys here.

Another high-value computer skill might be the ability to use special purpose programming tools used on "special" computers not commercially available. Such people are usually limited to current or former employees of the organizations that commissioned those computers; again a pretty small population.

It changes with the times; I remember a room I once visited that was used by Navy WAVES to operate a particular class of electro-mechanical decryption devices in the "old days". The high value "computer" skill there was the ability to survive very high heat--the WAVES often had to be dragged out of the room physically after a two hour shift.

Of course that was about 50 years ago, and the digital computer has made physical working conditions much more pleasant. In fact it's interesting that the benefits of air conditioning were gained by some employees not because they were being kept cool, but because the computers were.

Clive RobinsonDecember 15, 2009 9:05 AM

@ David

"High value computer skills in the cryptographic field are likely analogous to nuclear reactor code programming skills in physics, or blast loading programming skills in aerodynamics--discipline-specific skills not widely available."

Having worked in a number of those fields of endevor, I would say it is not the "computer skills" that are important or particularly difficult to aquire (Embeded software design etc). And in many cases much of the "heavy lift" with those computer skills are easily aquirable with only moderate effort (think re-building a linux distrubution specificaly designed to run of a USB drive of which there are many).

What is required in the fields of endevor you mentioned is "domain specific" knowledge and resources to design and build tangable devices.

Unfortunatly with cryptography you are dealing with intangable information, that only becomes tangable for some methods of storage and communication but not all (learn by rout and pass by word of mouth).

Thus you don't end up with tangable products just intangable information stored on zero cost or very low cost devices such as marks in a book etc.

Or in the case of software some form of data media (floppy/CD/DVD/microSD card/USB sticks etc).

Some of these data media devices can be utilised like the "shaven slaves head" of antiquity.

That is they are so small and robust they can be hidden in a small cut to the body under the arm or in the groin for considerable periods of time without effecting either the device or the body it is put in.

Likewise they can be easily retreived, and if placed carefully they would not show up on ordinary security searching or on most medical examinations including many X-rays.

As for the domain knowledge required to make a reasonably secure system you just require basic programing skills and a couple of Bruce's books, or the 3rd edition Donald Knuth "Art of..." books.

You could of course just download an appropriate software runtime from the Internet of which there are many thousands available. Or Open Source Crypto library of which there are hundreds.

Most of which with cautious use would provide little joy for the likes of even the NSA.

There are even quite simple pencil and paper systems that can be easily memorised that again would stand up to much analysis if carefully used.

For instance "book codes" and a Nillist compression cipher.

You have a method by which a key sentance is picked. You select the first seven unique "Eat on Irish" letters, and asign then to the numbers 0-6. Which for the first sentance of this para are,

O=0, H=1, A=2, E=3, T=4, I=5, N=6.

Likewise you asign the other letters of the alphabet and numbers punctuation etc to the numbers 70-99 via some easily rememberal method. This builds a simple substitution alphabet that flattens the frequency distrubution statistics.

You then transpose you message via a keyword etc and then convert to numbers using the substitution alphabet in the usual manner.

You then encrypt your message using an appropriate cipher of which there are a number you can use.

Transpose the numbers into a different order using another keyword.

You then pick a second sentance and build a second "alphabet " and convert the encoded numbers back to letters etc and send.

The result of this is a cipher text message that appears to have a natural language frequency distrubution but it is not related in any simple way to the message content.

Such a system can be fairly easily learnt, can be programed up in most programing languages with little difficulty and provided you take care can be extreamly difficult to break (but not impossible).

ask more questionsDecember 22, 2009 10:12 AM

A suggestion, I think the probibility that this is really a code breakthrough are pretty low. It is a good story, when then are not many good stories to tell about the combined intellegence mobilization that was triggerd to fight terrorism... bit of a paper tiger.

If you want to see how some of the evidence was collected and looked for other "Terrorist Suspects" and would like to get an interesting perspective on our "War on Terror" I suggest the Adam Curtis Documentary, "The power of nightmares" I have included the link... enjoy..
mark

mis-informationDecember 26, 2009 9:24 AM

I know why they announced that they broke this code. It is because the code simply doesn't exist. This is yet one more example of people taking advantage of the lack of thought by many people. (Or to be more blunt, the stupidity of the masses.)

One should think for about 15 seconds. A few untrained people magically come up with this complex code using 20 different dialects of a language. They then spread knowledge of said complex code to 10,000 people many of whom are in jail without detection.

Terrorism prisoners are prevented from communicating just because of this movie plot threat. They are often kept from even discussing information with their defense attorneys and they have absolutely no way to pass around these messages.

RNovember 1, 2012 11:00 AM

hey... long time no see.
Codes - the basic code has not been revealed. It is not written down.

Leave a comment

Allowed HTML: <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre>

Photo of Bruce Schneier by Per Ervland.

Schneier on Security is a personal website. Opinions expressed are not necessarily those of Co3 Systems, Inc..