World War II Anecdote about Trust and Security

This is an interesting story from World War II about trust:

Jones notes that the Germans doubted their system because they knew the British could radio false orders to the German bombers with no trouble. As Jones recalls, "In fact we did not do this, but it seemed such an easy countermeasure that the German crews thought that we might, and they therefore began to be suspicious about the instructions that they received."

The implications of this are perhaps obvious but worth stating nonetheless: a lack of trust can exist even if an adversary fails to exploit a weakness in the system. More importantly, this doubt can become a shadow adversary. According to Jones, "...it was not long before the crews found substance to their theory [that is, their doubt]." In support of this, he offers the anecdote of a German pilot who, returning to base after wandering off course, grumbled that "the British had given him a false order."

I think about this all the time with respect to our IT systems and the NSA. Even though we don't know which companies the NSA has compromised -- or by what means -- knowing that they could have compromised any of them is enough to make us mistrustful of all of them. This is going to make it hard for large companies like Google and Microsoft to get back the trust they lost. Even if they succeed in limiting government surveillance. Even if they succeed in improving their own internal security. The best they'll be able to say is: "We have secured ourselves from the NSA, except for the parts that we either don't know about or can't talk about."

Posted on December 13, 2013 at 11:20 AM • 32 Comments

Comments

ZachEDecember 13, 2013 11:45 AM

Honestly, since the NSA can just bust out a FISA-court approved NSL, apparently at will, compelling access and criminalizing any revelation off that access and NSL, literally NOTHING can get me to trust that my info is not being vacuumed up with the rest, and since I make international phone calls and trips, I'm probably a higher-interest potential surveillance target than most.

What kind of assurance can Google or Yahoo or whoever provide that there isn't already wholesale interception going on? Since the DNI can apparently perjure himself in front of congress without any repercussions, I think we all have to assume that any denial of the existence of a program, no matter how seemingly far-fetched to the ears of a pre-Snowden person, is just a bald-faced lie.

DBDecember 13, 2013 12:02 PM

I completely agree with ZachE... and I think that the only solution is open source. Both open source software, and open source hardware. You see... post-Snowden, there is NO WAY EVER to be sure that ANY closed source thing is secure... in fact, you can guarantee that it might be compromised, as long as our Government can do whatever it wants. And there's nothing anyone can do about it, we're all totally helpless to review that software and check it... because it's closed source. It's secret. By its nature, we can't verify and therefore we can't know.

Open source on the other hand, might also be compromised, but it might also be safe. The difference is the power is in our hands, we the people, we can check it... at least, those of us with some technical abilities to do so...

Jordan BrownDecember 13, 2013 12:11 PM

Why would you believe that Google is running the open-source software that they say they are running?

Even if you could inspect the systems to confirm what software they are running, why would you believe that your production network operations are actually going to *those* systems?

Brian M.December 13, 2013 12:21 PM

The lack of trust doesn't extend just to service providers, but to hardware manufacturers as well. Look at FreeBSD's recent decision to not trust either Intel or Via HRNG. And of course everybody is paranoid that the processors contain hidden instructions to unlock everything to the NSA! As if magic numbers really are magic...

At some point, nobody will believe that you can "trust the math." NIST publishes tests and code for RNGs, it's open source, but will they be believed? Dieharder, successor to Diehard, is currently maintained, is also available. But since the HRNG is "not verifiable," except by using math, people freak out.

I can see all of this from the engineer's point of view: "I built this really cool HRNG, isolated it against tampering, but they won't use it because they're paranoid and can't do math!"

I kind of wonder how the FreeBSD people feel about the HRNG in TPM chips. I suppose that there will be several /dev/rand*, for raw, seeded, and a few flavors of pseudo.

DBDecember 13, 2013 12:42 PM

I did not intend to imply that just sprinkling the word "Open Source" on top of something magically guaranteed it was safe... There are still issues to conquer, the difference is that with open source, they are POSSIBLE to conquer... whereas with closed source they are IMPOSSIBLE to conquer!

Closed source by definition is secret. That's what the word "closed" means... secret. Everything that's secret cannot be verified. No verification means you and I cannot check it, even if we have the expertise to do so.

Open source does not guarantee that anyone actually IS verifying it... it can still be just as compromised. But, if you and I have the expertise to do so, we CAN check it, and then compile it ourselves. Third party services still have the issue of not allowing you and I physical access to check what they're running, and open source hardware manufacturers still have the issue of you and I not having the physical access to watch our chip being made before we use it... but it's still an improvement, because if we don't trust that service provider or hardware manufacturer, we can jolly well go out and make our own if we have that ability... And an explosion of copy-cats makes it more expensive for the government to compromise them all too. Obviously the more complex a piece of hardware gets, the harder it is to pull this off, so we need to also think about writing software in such a way that it does NOT trust any of its underlying hardware at all (such as: a virtual machine where even the RAM usage is encrypted from the perspective of the host machine)... defense in depth here.

DBDecember 13, 2013 12:48 PM

Brian M: exactly what math are you using to prove that a given RNG is safe? From the way I understand it, you can only prove that you haven't yet thought of an algorithm that predicts it... That doesn't mean there isn't one. It just means you haven't found one (yet).

John McLaneDecember 13, 2013 1:07 PM

Brian M. • December 13, 2013 12:21 PM
Dieharder, successor to Diehard, is currently maintained, is also available. But since the HRNG is "not verifiable," except by using math, people freak out.


Will the successors to Dieharder be

Diehardwithavengeance,
Livefreeordiehard, and
Agooddaytodiehard?


Duncan KinderDecember 13, 2013 1:47 PM

Distrust was rampant in WWII.

Once of the most notorious episodes was the Cicero spy affair, in which a mole in the British embassy in Turkey sold information to the Germans. Suspecting that he might be a double agent, the Germans discounted his information, which included references to D-Day.

Cicero, in contrast, was unduly trusting of the Germans. The money they used to pay him was counterfeit.

http://www.amazon.com/...

vas pupDecember 13, 2013 2:02 PM

Rommel's Army (Africa, World War II) used the following: they provide false information about their prospective actions/location to Berlin (to their superiors) because Rommel figured out that all his reports to Berlin were compromised, i.e. he did not trust channels or assumed possibility of the British mole in Berlin. He was not paranoid. His distrust was based on facts: he counted occurences/statistics of bad consequences for his Army followed transmisson of information.

DanielDecember 13, 2013 2:25 PM

A man much wiser than me whose name I cannot recall said, "suspicion has a tendency to create what it suspects."

Ahh...I Googled it. Of course, C.S. Lewis.

I have watched it in my own mind and in the mind of others. Its all part of FUD.

zumarekDecember 13, 2013 3:15 PM

I think we were just in b4 Snowden era. Trust in companies like Microsoft, Google or Yahoo … well only one is encrypting data now and they legally cannot disclose information. So what is next … Back to Private Cloud for companies.

DBDecember 13, 2013 3:24 PM

Just because you're paranoid doesn't mean they aren't watching you... and just because something is FUD doesn't mean it's false.

A little paranoia is good, it makes us double check things and be more careful, and helps us make fewer assumptions. We just have to make sure it doesn't overtake our lives and cause us to stop being functioning positively contributing members of society. I haven't stopped using the internet, for example...

I think what it comes down to is that people are most important in life: you, your family, your circle of friends, and beyond... focus on people. Be aware of the negative and take sensible precautions, but focus on the positive.

TLDecember 13, 2013 3:32 PM

@DB "Brian M: exactly what math are you using to prove that a given RNG is safe? From the way I understand it, you can only prove that you haven't yet thought of an algorithm that predicts it... That doesn't mean there isn't one. It just means you haven't found one (yet)."

The validation of a hardware random number generator relies on logic and an understanding of physics.

Math is used to analyze performance measurements, but ultimately the safety of a HRNG rests on the Law of Identity as it applies to action: things act in accordance with their nature.

If a source is naturally unpredictable, then it is safe by virtue of what it is.

NobodySpecialDecember 13, 2013 4:06 PM

Wouldn't the Germans have been suspicious when he message began "Guten tag" then continued VERY LOUDLY in English ?

Andrew BurdayDecember 13, 2013 5:44 PM

A fun short story on the theme of trust and its loss is Mark Twain, "The Man That Corrupted Hadleyburg".

anonDecember 13, 2013 6:44 PM

I really can't believe people are shocked by what Snowden revealed.

The US passed a law over a decade ago that gave them unprecedented access and created a globe spanning "war" against everyone who could be scary.

Google is an advertizing company ffs, their business model is to profile everyone and manipulate their online activities for a profit. They bought one of the best known internet scumbags (doubleclick) 7 years ago. Without pause by offering a few 'cool points' John Q public started conducting their personal communications over networks that were built for and openly collecting those communications (gmail) and carrying around a 'accurate to a few meters' tracking device.

Now suddenly we're shocked that the NSA/USA are piggybacking on top of other data siphons who've been collecting for years(decades) and actually doing what they gave themselves the permission/ability to do with the PATRIOT Act.

*Facepalm*

BryanDecember 13, 2013 6:57 PM

Wouldn't the Germans have been suspicious when he message began "Guten tag" then continued VERY LOUDLY in English ?
Not even close. What hosed them is Bletchley Park had the German Enigma code ripped wide open. Then they went on to break the much more complex Lorenz code. They had to be careful not to use everything they learned or the Germans would know their codes were broken. From Rommel's lack of trust in headquarters, it looks like they were cutting it close.

>a href="http://www.bletchleypark.org.uk/content/machines.rhtm">http://www.bletchleypark.org.uk/content/...

AspieDecember 14, 2013 4:29 AM

For those of us who had *any* trust of these companies I agree that M$ and GOOG will struggle to regain it but anybody who ever trusted them completely was decieving themselves. In a way the profit motive will keep these companies looking at the problem lest they lose their customers but, equally, prosecution by the NSA for defying an NSL could be just as disastrous to the bottom line in terms of trading even though - like Ladar Levison's Lavabit - we would be heartened by the principle.
Certainly any company that exclusively contracts to the government should be treated with the suspicion-o-meter set to "evaporate".
What would be *really* bad is if the mainstream companies were offered tax-breaks as a carrot to quietly cooperate with the NSA as well as the stick of an NSL. I think it was Maynard Keynes who said:

Capitalism is the extraordinary belief that the nastiest of men, for the nastiest of reasons, will work for the benefit of us all

hermanDecember 14, 2013 4:54 AM

Remember, it is not what you know, or even who you know. It is what you know, about who you know, that is important.

The debate around meta data is similar. What was said in a phone call or email is not important. It is the geographic location revealed by the meta data that is used to target a missile that is important.

DBDecember 14, 2013 7:35 AM

@TL Math is used to analyze performance measurements, but ultimately the safety of a HRNG rests on the Law of Identity as it applies to action: things act in accordance with their nature. If a source is naturally unpredictable, then it is safe by virtue of what it is.

Ok.. then if I give you a little tiny black box HRNG-on-a-chip, and tell you in general terms what it is... you can just do a little math and be absolutely certain it really is exactly what I say it is and I have not compromised it in any way, shape, or form? You won't need to physically take it apart, destroy it, and look inside it to be sure? I'm still a bit skeptical.

3.14December 14, 2013 8:25 AM

@Aspie:
For those of us who had *any* trust of these companies I agree that M$ and GOOG will struggle to regain it but anybody who ever trusted them completely was decieving themselves.

Certainly any company that exclusively contracts to the government should be treated with the suspicion-o-meter set to "evaporate".

These are the reasons why I think M$ and GOOG want "more openness" on the surveillance. More openness would allow them to put it on their privacy policies and thus shield themselves from legal action (it would officially become the end users problem).

Hogaaaaaan!December 14, 2013 8:28 AM

NobodySpecial • December 13, 2013 4:06 PM

Wouldn't the Germans have been suspicious when he message began "Guten tag" then continued VERY LOUDLY in English ?

According to all of those World War II movies and TV shows I watched as a kid, the Germans spoke English with a German accent.

finnwDecember 14, 2013 11:15 AM

Using open-source software (even if you yourself have audited it) does not make you safe if your OS has a backdoor. And more likely than not all major OSes have NSA backdoors.

AspieDecember 15, 2013 3:32 AM

@3.14
Fair point - though if the problem is shifted to us then that would be even more reason to hold them in contempt.

@vas pup
Neal Stephenson's Cryptonomicon illustrated this point with a vignette that Turing (and his team), having broken Enigma, supplying intelligence back to the allied army was aghast for example that a mid-atlantic battle was planned by the allied navy to sink german supply ships on the strength of the decoded intel.

Turing was fuming because such an act would immediately reveal to the Nazis that their communications network was seriously compromised and suddenly make his job much more difficult or even impossible. It's been postulated that the addition of another rotor or adherence to the OTP rotor settings would have made Enigma only breakable on a per-message rather than, as it sometimes was, a per-channel basis.

So if you want to test the security of a supposedly "secure" link you drop in some false but plausible intelligence - or in the case of Markus Wolf, actual real intelligence about an asset who was about to be pulled back to the nest - then look for evidence of it either in future policy or coming back the other way in the adversary's stream.

It's interesting, even fun, to read about but when lives depended on it the stress must have been incredible.

65535December 15, 2013 6:06 AM

Anybody care to estimate the modern bit strength of the Enigma machine that the German navy use?

BryanDecember 15, 2013 6:29 AM

@finnw

Using open-source software (even if you yourself have audited it) does not make you safe if your OS has a backdoor. And more likely than not all major OSes have NSA backdoors.
Even if they don't have backdoors, the coding is so poor that there are tons of exploitable vulnerabilities. Open source has the advantage of you can look for them and patch them yourself.

Clive RobinsonDecember 15, 2013 9:13 AM

@ 65535,

    Anybody care to estimate the modern bit strength of the Enigma machine that the German navy use?

Which one?

The simplest had just the three rotors and the invarient reflector, and at most had two spare rotors. The most complicated had three rotors out of eight and the invarient reflector became a forth static rotor. This also had not just the plug board butth uhr box as well with upto sixty changes that were not plug for plug swaps.

It's important to note that in use for any given message the enigma was realy two seperate ciphers in series. The first was the static simple permutation cipher of the plug board keyboard wiring and uhr box as well as both types of reflector because and sometimes one of the rotors as they remained invarient for the whole message. The second was the dynamic substitution cipher of the moving rotors.

From a simplistic perspective all you have to do is in an alphabet independant way solve the dynamic cipher and then perform a simple statistical analysis to break the simple static cipher to turn the independent alphabet back to a known alphapet to read the message. You can actually do this with a modern computer in a fairly short period of time with "known turnover point" rotors, due to the odmeter style stepping of the rotors.

However the enigma rotors were not of "known turnover" due to the fact of the two part construction of the wiring puck and it's outer alphabet ring which were fully adjustable with respect to each other. This means that for just three rotors although they would have just over 17.5k steps before the sequence began again the relationship had just over 17.5k diferent turn over positions giving a total of around (26^3)^2 or just under 309million (~2^18) sequences for the three rotors.

However the three rotors could be in one of six orders and the three rotors could be one of 8!/3! Sets giving just over 40k lots of 309million sequences which is a little under 2^44 individual sequences that would have to be checked with messages that would need to be around 100 or more chars long for the statistics to be good enough to frequency analyse the static substitution.

This would not be possible to do on a desktop in a reasonable period of time and was certainly way way beyond 1940's technology.

It was actually the poor implementation of key setting and distinquishing as well as the large amount of "messages in depth" that alowed short cuts to be found first by the three Poles, then by Alan Turing, but most interesting was that %ordon Welchman independently found not just Turings method but a significant way to improve on it (diagonal board).

Sadly for Gordon Welchman he was not given the credit he deserved and in fact after having become a nationalised US citizen he carried on working in secure communications for the NSA. However unlike many others who had retired and wrttten books in the 1970's about their wartime Ultra work the NSA did one of it's numbers on him and revoked his security clearance and baned him from public speaking. It was only after his death that an essay he had written could be finaly released. The revised edition of his book "The Hut Six Story" makes for a quite interesting read not just from the historical perspective but for the technical content as well which is clearly written and understandable by anyone with a reasonable high school education.

paulDecember 16, 2013 11:00 AM

Although the british may not have been spoofing communications, weren't they sometimes spoofing navigation? ISTR some systems that gave bearing (but not range) that could be spoofed fairly easily once understood.

Michael MoserDecember 17, 2013 8:50 PM

These trust issues remind me of 'Mother Night' by Kurt Vonnegut;

He also says that "We are what we pretend to be, so we must be careful about what we pretend to be.”

MBYDecember 19, 2013 5:31 AM

Another thing that makes me remember, as a swede, that trust is important in security is that Brazil just choose the Swedish fighter jet JAS-39 Gripen (griffin) over F-18 Super Hornet or Dassults Rafale. Its not obvious that JAG-39 is a better choice for Brazil, but apparently the NSA scandal affected the choice.

As a swede I'm of course proud and happy but the choice (for NSA-eavesdrop reasons) is not entirely rational since many components in JAS are from the USA. So, the NSA scandal has provoked fear and uncertainty, making perhaps irrational choices a way to go. Rafale may be more "NSA-free" than JAS, but more expensive.

Sorry for slight off-topic, but at least in Swedish news the NSA scandal is mentioned as having a part in Brazil's decision.

Leave a comment

Allowed HTML: <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre>

Photo of Bruce Schneier by Per Ervland.

Schneier on Security is a personal website. Opinions expressed are not necessarily those of Co3 Systems, Inc..