Category: Security

Security is immunity from the will of others.

Rommel and cryptography

One of the most interesting historical sections so far in David Khan’s The Code-Breakers describes the campaign in North Africa during WWII. Because of a spy working in the US embassy in Rome, the American BLACK code and its accompanying superencipherment tables were stolen. This had a number of major tactical impacts, because it allowed Rommel to read the detailed dispatches being sent back by the American military attache in Cairo.

Khan argues that this intelligence played a key role in Rommel’s critical search for fuel. His supply line across the Mediterranean was threatened by the British presence in Malta. Knowledge about a major resupply effort allowed him to thwart commando attacks against his own aircraft and turn back two major resupply convoys. It also provided vital information on Allied defences during his push towards Suez.

The loss of Rommel’s experienced cryptographers due to an accidental encounter with British forces had similarly huge consequences. It cut off the flow of intelligence, both because of changed codes and loss of personnel. As a result, the Allied assault at Alamein proved to be a surprise for Rommel and an important turning point.

As with so many examples in warfare, this demonstrates the huge role of chance in determining outcomes. Had security been better at the embassy in Rome, Rommel might have been stopped sooner. Had the German tactical intelligence team not been intercepted, Rommel might have had detailed warnings about Alamein. The example also shows how critical intelligence and cryptography can be, in the unfolding of world affairs.

Border guards and copyright enforcement

According to Boing Boing, Canadian border guards may soon be in charge of checking iPods and other devices for copyright infringement. If true, the plan is absurd for several reasons. For one, it would be impossible for them to determine whether a DRM-free song on your iPod was legitimately ripped from a CD you own or downloaded from the web. For another, this is a serious misuse of their time. It would be a distraction from decidedly more important tasks, like looking for illegal weapons, and probably a significant irritant to both those being scrutinized and those waiting at border crossings.

Hopefully these rumours of secret plans – also picked up by the Vancouver Sun are simply false.

Multiple anagramming

Emily Horn in a heap of clothes

The process of cryptanalysis can be greatly simplified if one possesses more than one message encrypted with the same key. One especially important technique is multiple anagramming. Indeed, it may be the only way to decipher two or more messages that have been enciphered using a one time pad.

The basic idea of multiple anagramming is that you can use one message to guess what possible keys might be, then use another message to check whether it might be correct. For instance, imagine we have these two messages and think they were enciphered using the Vigenere cipher:

SGEBVYAUZUYKRQLBCGKEFONNKNSMFRHULSQ
TUEEDAKHNVKUEOICHKIEPOHRIFDQSPHGEGQ

Now, suppose we think the first message might be addressed to Derek, Sarah, or Steve.

Using words we think the message might start with, we can guess at a key. If the first word is DEREK, the key would start with ‘PCNXL’. If the first word is SARAH, the key would start with ‘AGNBO’. Finally, if the first word is STEVE, the key would start with ‘ANAGR’. Here, the key is a bit of a clue. Normally, there would be no easy way to tell from one message whether we had found the correct key or not.

We can then test those keys against the second message. The first key yields ‘ESRHS’ for the first five letters. The second, ‘TORDP’. The third yields ‘THEYM’. The third looks the most promising. Through either guessing or testing further letters, we can discover that the key is ‘ANAGRAM’. The second message is thus ‘THEYMAYHAVEDECIPHEREDOURCODESCHANGE.’ Having two ciphertexts that produce sensible plaintexts from the same key suggests that we have properly identified the cipher and key being used. We can then easily decipher any other messages based on the same combination.

Destroying Iraqi RADAR in 1991

Smoker and fire escape

Anyone who has been trawling the internet in a search for information on the suppression of air defences during the first Gulf War might be well served by this article. In particular, it goes into a lot of detail about the location, identification, targeting, and destruction of Iraqi RADAR installations using weapons like the American AGM-88 High-speed Anti-Radiation Missile (HARM) and the British ALARM (Air Launched Anti-Radiation Missile). The article highlights how the use of Soviet equipment by Iraq made this a kind of test situation for NATO versus Warsaw Pact air defence and attack equipment.

What this suggests is that the NATO-Warpac central European air battle would have probably followed a similar course, leading to the defeat of the Communists’ IADS within a week or so, in turn leading to air superiority in the following week, as the Communist air forces would have withered under the fire of the Allied counter-air campaign. Fortunately this never had to happen and the world has been spared the inevitable nuclear response to the lost air battle and hence total conventional defeat through attrition by air.

Not a very comforting conclusion for the world at large, though no doubt gratifying for all the companies that built American planes and missiles and things.

One interesting tactic was the use of Brunswick Tactical Air Launched Decoys. These simulated the appearance of incoming aircraft, causing Iraqi RADAR installations to ‘light up’ in order to target them. Sometimes, they would draw fire from surface-to-air missile batteries. Often, this would leave the former temporarily defenceless at a time when their position – and that of their supporting RADAR – had been revealed. Both could then be targeted by NATO aircraft. The ruse was apparently so effective that the Iraqi armed forces maintained the false belief that they had destroyed several hundred British and American planes.

There is also a fair bit of information about jamming and other forms of electronic countermeasures. All in all, it provides an interesting glimpse back into a period when conventional warfare against standing armies was something NATO still did.

Keeping the bombs in their silos

Window and siding

Back in 2005, former US Secretary of Defense Robert McNamara wrote an article in Foreign Policy about the danger of the accidental or unauthorized use of nuclear weapons. The issue remains an important one: particularly given trends like Russia’s increasingly assertive behaviour (putting more nuclear weapons out where accidents or miscalculations could occur), as well as ongoing nuclear proliferation.

Writing for Slate, Ron Rosenbaum has written an article on steps the next US President could take to reduce ‘inadvertence.’ The danger of nuclear war may seem like a dated Cold War concern, but the sheer number of weapons on fifteen minute alert, the pressure on leaders to make an immediate decision when the military thinks an attack is taking place, and the growing number of states with nuclear technology all mean that it should remain a contemporary concern and area for corrective action.

Improvised explosive devices

Trash in the Rideau Canal locks

The Washington Post has an interesting special feature on improvised explosive devices (IEDs) in Iraq and Afghanistan. While the overall themes are quite common – Western forces are much less effective against insurgents than armies, low cost and low tech weapons can neutralize huge advantages in funds and technology – the specific details provided are quite interesting.

IEDs are apparently the single biggest killer of coalition troops in Afghanistan and Iraq. Partly, that is the result of not having large enough forces to monitor important routes continuously. Partly, it is the product of the sheer volume of explosives available in both states. Partly, it is the result of assistance provided by other states or sub-state groups, such as Iranian assistance being provided to some Shiite groups. Explosively formed penetrators – capable of firing six or seven pounds of copper at 2000 metres per second – are an excellent example of a relatively low cost, low-tech technology that seriously threatens a force that is far better trained, supported, and equipped overall.

Seeing how total air superiority, expensive armoured vehicles, and sophisticated electronic countermeasures can be no match for some guys with rusty old artillery shells and some wire is a humbling reminder of the limited utility of military force. Ingenuity, practicality, and humility will probably prove to be essential qualities as the US tries to find the least bad path out of Iraq, and while NATO tries to salvage the situation in Afghanistan.

Privacy and Facebook applications

I have mentioned Facebook and the expectation of privacy before. Now, the blog of the Canadian privacy commissioner is highlighting one of the risks. Because third party applications have access to both the data of those who install them and the friends of those who have them installed, they can be used to surreptitiously collect information from those in the latter group. While this widens the scope of what third party applications can do, it also seriously undermines the much-trumpeted new privacy features in the Facebook platform.

It just goes to reinforce what I said before: you should expect that anything you post on Facebook is (a) accessible to anyone who wants to see it and (b) likely to remain available online indefinitely. The same goes for most information that is published somewhere online, including on servers you operate yourself.

The Fischer-Tropsch process

Emily Horn and the sunset

Those hoping to understand energy politics in the coming decades would be well advised to read up on the Fischer-Tropsch process. This chemical process uses catalysts to convert carbon monoxide and hydrogen into liquid hydrocarbons. Basically, it allows you to make gasoline using any of a large number of inputs as a feedstock. If the input you use is coal, this process is environmentally disastrous. It combines all the carbon emissions associated with coal burnings with extra energy use for synthetic fuel manufacture, not to mention the ecological and human health effects of coal mining. If the feedstock is biomass, it is possible that it could be a relatively benign way to produce liquid fuels for transport.

The process was developed in Germany during the interwar period and used to produce synthetic fuels during WWII. The fact that it can reduce military dependence on imported fuel is appealing to any state that wants to retain or enhance its military capacity, but feels threatened by the need to import hydrocarbons. The US Air Force has shown considerable interest for precisely that reason, though they are hoping to convert domestic coal or natural gas into jet fuel – an approach that has no environmental benefits. By contrast, biomass-to-liquids offers the possibility of carbon neutral fuels. All the carbon emitted by the fuel was absorbed quite recently by the plants from which it was made.

Such fuels are extremely unlikely to ever be as cheap as gasoline and kerosene – even with today’s oil prices. The fact that there are parts of the world where you can just make a hole in the ground and watch oil spray out ensures that. That said, Fisher-Tropsch-generated fuels could play an important part in a low-carbon future, provided three conditions are met: (a) the fuels are produced from biomass, not coal or natural gas (b) the energy used in the production process comes from sustainable low-carbon sources and (c) the process of growing the biomass is not unacceptably harmful in other ways. If land is redirected towards growing biomass in a way that encourages deforestation or starves the poor, we will not be able to legitimately claim that synthetic fuels are a solution.

Digital camera noise signatures

I previously mentioned the possibility that jpeg metadata could cause problems with your cropping, revealing sections of photos that you did not want to make public. Another risk that people should be aware of relates to the particular ‘signatures’ of the digital sensors inside cameras:

If you take enough images with your digital camera, they can all be compared together and a unique signature can be determined. This means that even when you think that you are posting a photo anonymously to the internet, you are actually providing clues for the government to better tell who you are. The larger the sample size of images they have, the easier it is them to track down images coming from the same camera. Once they know all the images are coming from the same camera, all they then have to do is find that camera and take a picture to confirm it beyond a reasonable doubt.

The possible implications are considerable. This technique could be used in crime fighting, though also in tracking down human rights campaigners and other enemies of oppressive states. While the linked page lists some techniques for removing the tell-tale signs, there is no guarantee they will work against any particular agency or individual who is trying to link a bunch of photos to one camera or photographer.

The take-home lesson is that anonymity is very hard in a world where so many tools can be used to puncture it.

Some useful patterns in English

Rusty connector

By about 1300 CE, Arabic cryptographers had determined that you can decipher messages in which one letter has been replaced by another letter, number, or symbol by exploiting statistical characteristics of the underlying language. Here are some especially useful patterns in English.

  1. E is by far the most common letter – representing about 1/8th of normal text.
  2. If you list the alphabet from most to least commonly used, it divides into four groups.
  3. The highest frequency group includes: e, t, a, o, n, i, r, s, and h.
  4. The middle frequency group includes: d, l, u, c, and m.
  5. Less common are p, f, y, w, g, b, and v.
  6. The lowest frequency group includes: j, k, q, x, and z.
  7. E associates most widely with other letters: appearing before or after virtually all of them, in different circumstances.
  8. Among combinations of a, i, and o io is the most common combination. Ia is the second most common. Ae is rarest.
  9. 80% of the time, n is preceded by a vowel.
  10. 90% of the time, h appears before vowels.
  11. R tends to appear with vowels; s tends to appear with consonants.
  12. The most common repeated letters are ss, ee, tt, ff, ll, mm and oo.

Naturally, there are thousands more such patterns. Even understanding a few can help in deciphering messages that have had a basic substitution cipher applied.

Here’s one to try out:

LKCLHQBCKDRCPQQBDKAPZULSQUCDK
AZRDTDGPCOTZKQDPQBZQDQZHHLOIP
XLSVDQBZAOCZQICZGLHQDJCQLOCZI
QBDKAPQBZQDKQCOCPQXLSDKXLSOPM
ZOCQDJCSKHLOQSKZQCGXLQQZVZDPO
CGZQDTCGXMLLOGXMOLTDICIHLOVDQ
BRZHCPQLLJZKXLHQBCJRGLPCNSDQC
CZOGXDKQBCCTCKDKA

One hint is that cipher alphabets are not always entirely random. The tools on this page are useful for cracking monoalphabetic substitution ciphers.