From: "Steven M. Bellovin" <smb@cs.columbia.edu> To: cryptography@metzdowd.com Subject: the effects of a spy Date: Tue, 15 Nov 2005 16:08:50 -0500
Bruce Schneier's newsletter Cryptogram has the following fascinating link: http://www.fas.org/irp/eprint/heath.pdf It's the story of effects of a single spy who betrayed keys and encryptor designs.
Steve posted Bruce's reference to an astounding paper. It's a master's thesis in military history by a US army major, looking at the John Walker spy case's effects and the absolutely badly broken US Military systems he was part of - - the security clearance process was systematically unreliable, pretty much guaranteeing that there'd be enough bad guys hired and given access to highly classified information that you'd expect some of it to get sold to the Soviets, and they were much more worried that sailors might be gay than that they might have serious drinking and financial problems - the radio crypto system he was stealing keys for was used by the entire US Navy in ways that one person could compromise the communications for the entire fleet for months, undetected, - tens of thousands of people had access to the keying material, - the NSA mostly designed crypto systems with the goal of having them not be compromised, but the Navy mostly designed operations systems with the goal of being able to communicate reliably, - the NSA didn't realize how different the Navy's operations environment was from how the NSA would run things, and the Navy didn't realize how critical the handling requirements were, - Navy classified information storage rooms used to have photocopiers (:-) - Navy personnel files were accessible to the people they were about, and one way to renew your security clearance was to create your own paperwork, - theoretically the Fleet Broadcasting System keying material was split into four regions of the world to reduce risk of compromise, but in practice every ship had every set of keys in case they needed them, - the military in the mid-70s still used some even older NSA systems that were based on rotor machines, in spite of the fact that some rotor machines had been cracked as early as the 1930s (but the Enigma cracking was still secret until 1979, so security-by-obscurity said this was still ok for most uses), and the main reason they were phased out was they were too slow, - hauling keying material around by courier might be ok for an airforce, but Navy ships move slowly and independently enough that they tend to haul around huge chunks of keying material, as well as couriering material for other services. The author speculates that the Pueblo may have been seized specifically because the Soviets knew they'd be able to get keying material from Walker and wanted to get the crypto machine, and that they later cracked the machine so they no longer needed new keys. Walker's access to couriered keying material appears to have exposed much of the Vietnam War B-52 bombing plans to the Soviets, so the North Vietnamese and Vietcong could avoid being in the places that the US was bombing for several years. "Breaking the Ring" was a book about the Walker spy ring and its effects, and Heath discusses a few items from it that she thinks were probably deception by various players. There's a little bit of technical detail, mostly not that deep, but enough to let the reader understand the impacts of various technologies and decisions, like the risks of having tens of thousands of sailors having access to material that can compromise the communications of the entire fleet. The NSA used to not only pretend not to exist, but also pretended to have the best crypto people in the world, and while they may have had the best codebreakers, it clearly wasn't having much effect on their codemaking side as late as the mid-70s - and while public-key crypto wasn't very practical in 1976 when Diffie-Hellman was first published, it was apparently desperately needed, and the Navy would probably have better off with DES than with much of what they were using back then. Were the mid-70s really that long ago? Was the security clearance system that incompetent back when I had mine (:-)?