Breaking Iranian Codes (Re: CRYPTO-GRAM, June 15, 2003)
At 4:03 AM -0500 6/15/04, Bruce Schneier wrote:
Breaking Iranian Codes
Ahmed Chalabi is accused of informing the Iranians that the U.S. had broken its intelligence codes. What exactly did the U.S. break? How could the Iranians verify Chalabi's claim, and what might they do about it?
This is an attempt to answer some of those questions.
Every country has secrets. In the U.S., the National Security Agency has the job of protecting our secrets while trying to learn the secrets of other countries. (Actually, the CIA has the job of learning other countries' secrets in general, while the NSA has the job of eavesdropping on other countries' electronic communications.)
To protect their secrets, Iranian intelligence -- like the leaders of all countries -- communicate in code. These aren't pencil-and-paper codes, but software-based encryption machines. The Iranians probably didn't build their own, but bought them from a company like the Swiss-owned Crypto AG. Some encryption machines protect telephone calls, others protect fax and Telex messages, and still others protect computer communications.
As ordinary citizens without serious security clearances, we don't know which machines' codes the NSA compromised, nor do we know how. It's possible that the U.S. broke the mathematical encryption algorithms that the Iranians used, as the British and Poles did with the German codes during World War II. It's also possible that the NSA installed a "back door" into the Iranian machines. This is basically a deliberately placed flaw in the encryption that allows someone who knows about it to read the messages.
There are other possibilities: the NSA might have had someone inside Iranian intelligence who gave them the encryption settings required to read the messages. John Walker sold the Soviets this kind of information about U.S. naval codes for years during the 1980s. Or the Iranians could have had sloppy procedures that allowed the NSA to break the encryption.
Of course, the NSA has to intercept the coded messages in order to decrypt them, but they have a worldwide array of listening posts that can do just that. Most communications are in the air -- radio, microwave, etc. -- and can be easily intercepted. Communications via buried cable are much harder to intercept, and require someone inside Iran to tap into. But the point of using an encryption machine is to allow sending messages over insecure and imperceptible channels, so it is very probable that the NSA had a steady stream of Iranian intelligence messages to read.
Whatever the methodology, this would be an enormous intelligence coup for the NSA. It was also a secret in itself. If the Iranians ever learned that the NSA was reading their messages, they would stop using the broken encryption machines, and the NSA's source of Iranian secrets would dry up. The secret that the NSA could read the Iranian secrets was more important than any specific Iranian secrets that the NSA could read.
The result was that the U.S. would often learn secrets they couldn't act upon, as action would give away their secret. During World War II, the Allies would go to great lengths to make sure the Germans never realized that their codes were broken. The Allies would learn about U-boat positions, but wouldn't bomb the U-boats until they spotted the U-boat by some other means...otherwise the Nazis might get suspicious.
There's a story about Winston Churchill and the bombing of Coventry: supposedly he knew the city would be bombed but could not warn its citizens. The story is apocryphal, but is a good indication of the extreme measures countries take to protect the secret that they can read an enemy's secrets.
And there are many stories of slip-ups. In 1986, after the bombing of a Berlin disco, then-President Reagan said that he had irrefutable evidence that Qadaffi was behind the attack. Libyan intelligence realized that their diplomatic codes were broken, and changed them. The result was an enormous setback for U.S. intelligence, all for just a slip of the tongue.
Iranian intelligence supposedly tried to test Chalabi's claim by sending a message about an Iranian weapons cache. If the U.S. acted on this information, then the Iranians would know that their codes were broken. The U.S. didn't, which showed they're very smart about this. Maybe they knew the Iranians suspected, or maybe they were waiting to manufacture a plausible fictitious reason for knowing about the weapons cache.
So now the NSA's secret is out. The Iranians have undoubtedly changed their encryption machines, and the NSA has lost its source of Iranian secrets. But little else is known. Who told Chalabi? Only a few people would know this important U.S. secret, and the snitch is certainly guilty of treason. Maybe Chalabi never knew, and never told the Iranians. Maybe the Iranians figured it out some other way, and they are pretending that Chalabi told them in order to protect some other intelligence source of theirs.
During the 1950s, the Americans dug under East Berlin in order to eavesdrop on a communications cable. They received all sorts of intelligence until the East Germans discovered the tunnel. However, the Soviets knew about the operation from the beginning, because they had a spy in the British intelligence organization. But they couldn't stop the digging, because that would expose George Blake as their spy.
If the Iranians knew that the U.S. knew, why didn't they pretend not to know and feed the U.S. false information? Or maybe they've been doing that for years, and the U.S. finally figured out that the Iranians knew. Maybe the U.S. knew that the Iranians knew, and are using the fact to discredit Chalabi.
The really weird twist to this story is that the U.S. has already been accused of doing that to Iran. In 1992, Iran arrested Hans Buehler, a Crypto AG employee, on suspicion that Crypto AG had installed back doors in the encryption machines it sold to Iran -- at the request of the NSA. He proclaimed his innocence through repeated interrogations, and was finally released nine months later in 1993 when Crypto AG paid a million dollars for his freedom -- then promptly fired him and billed him for the release money. At this point Buehler started asking inconvenient questions about the relationship between Crypto AG and the NSA.
So maybe Chalabi's information is from 1992, and the Iranians changed their encryption machines a decade ago.
Or maybe the NSA never broke the Iranian intelligence code, and this is all one huge bluff.
In this shadowy world of cat-and-mouse, it's hard to be sure of anything.
Hans Buehler's story: <http://www.aci.net/kalliste/speccoll.htm>
--
-----------------
R. A. Hettinga <mailto: rah@ibuc.com>
The Internet Bearer Underwriting Corporation <http://www.ibuc.com/>
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
"R. A. Hettinga" <rah@shipwright.com> forwarded:
So now the NSA's secret is out. The Iranians have undoubtedly changed their encryption machines, and the NSA has lost its source of Iranian secrets. But little else is known. Who told Chalabi? Only a few people would know this important U.S. secret, and the snitch is certainly guilty of treason.
Someone (half-)remembered reading the Crypto AG story in the Baltimore Sun several years ago, bragged to Chalabi that the US had compromised Iranian crypto, and the story snowballed from there. The story could have started out with a loquacious (Sun-reading) cab driver for all we know. Some reports have suggested the source was drunk, so maybe it was a drunk in a bar. Maybe Chalabi read the story himself and invented the snitch to make it seem more important than it was, or to drive the US security community nuts with an orgy of internal witch-hunting. Given the lack of further information, it could have been just about anything. Peter.
On Wed, Jun 16, 2004 at 03:37:54AM +1200, Peter Gutmann wrote:
"R. A. Hettinga" <rah@shipwright.com> forwarded:
So now the NSA's secret is out. The Iranians have undoubtedly changed their encryption machines, and the NSA has lost its source of Iranian secrets. But little else is known. Who told Chalabi? Only a few people would know this important U.S. secret, and the snitch is certainly guilty of treason.
Someone (half-)remembered reading the Crypto AG story in the Baltimore Sun several years ago, bragged to Chalabi that the US had compromised Iranian crypto, and the story snowballed from there. The story could have started out with a loquacious (Sun-reading) cab driver for all we know. Some reports have [...]
Well, most cabbies in Baltimore that I would encounter were too busy doing drugs or threatening passengers to be reading the Sun regularly, but who knows? -J
Crypto AG's website denies the allegation of its machines being compromised. Its FAQ claims the false story got started in 1992 by a disgruntled employee. There, that reassures Iran, Botswana, Nigeria and Uganda. NSA never had those meetings with the machine designers. Now, how about that story of Phil Zimmermann getting out of prosecution by agreeing to a backdoor in PGP after 2.0? A man swears Phil told him that face-to-face, man says he disassembled the source code to see the damning hole. And the one about PK being rigged at birth, not the Brit version, the one made in the USA. A drunk ex-NSA had that on a ready-to-lose laptop bar-lifted by A. Melon. And the uncrackability of crypto-mathematics, need only to worry about faulty implementation and poor passwords and black bag jobs and key loggers and insiders and EM leakage. Heard the one about TEMPEST being a long-running tail-chaser?
On Tue, Jun 15, 2004 at 01:25:13PM -0700, John Young wrote: [...]
Now, how about that story of Phil Zimmermann getting out of prosecution by agreeing to a backdoor in PGP after 2.0? A man swears Phil told him that face-to-face, man says he disassembled the source code to see the damning hole.
Erm... he disassembled source code? With what? Emacs? Or vim maybe? BTW, I met a guy once who swore you were a fed informer. I mean, he sounded really positive. Said you had told him yourself. -J
At 2:09 PM -0400 6/15/04, Jack Lloyd wrote:
Erm... he disassembled source code? With what? Emacs? Or vim maybe?
If you look down a bit, you might notice he's pulling your leg. If you're not *real* careful, he'll pull it clean off and beat you over the head with it. Besides, he's an architect, ferchrissakes. The only disassembly he knows about is done with stuff like this: <http://www.rocklandmfg.com/demolition_attachments.htm>
BTW, I met a guy once who swore you were a fed informer. I mean, he sounded really positive. Said you had told him yourself.
Naw. That was his brother-in-law, or something. The one in Maryland, someplace. A venerated man in his profession, John's still an old lefty from way back. If you squint real hard, maybe you can see him in the crowd here: <http://www.columbia.edu/acis/history/68-dead.html>. ;-) He ain't no spook. His heart would stop, or something. There are lots of people who hate the state from the left. John's one of 'em -- if you can understand what he says. :-) Cheers, RAH
Maybe Chalabi read the story himself and invented the snitch to make it seem more important than it was, or to drive the US security community nuts with an orgy of internal witch-hunting. Given the lack of further information, it could have been just about anything.
Maybe Chalabi made up a story that turned out to be true and, like the 1965 movie "I saw what you did and I know who you are" where a pair of teenagers make prank calls at random and say that sentence -- which is fun until they ring up a guy who just murdered his wife -- now has to explain that which is impossible to explain. --dan
James Bamford is an author of several books, including some of the first on the National Security Agency, the code breakers and signals intelligence operators. He has written a recent book on intelligence manipulation in the run up to the Iraq war. During a radio interview he was asked about the Iranian code crack.
http://freshair.npr.org/day_fa.jhtml;jsessionid=0DIL5REBMCVQPLA5AINSFFA?display=day&todayDate=06/08/2004
His reply, from sources in the NSA: Current cryptosystems are very complex and hard (near impossible) to crack. The way it's done nowadays (as opposed to WWII Ultra efforts) is to penetrate an embassy (in this instance, Iran's embassy in Baghdad) and bug the hardware, getting the information before it's encrypted. Of special interest: bug the keyboard, bug the monitor, bug the power cord. How it's gathered by the interested parties was not discussed.
Yours,
Ridge
----------------------------------
Peter Gutmann wrote:
"R. A. Hettinga" <rah@shipwright.com> forwarded:
So now the NSA's secret is out. The Iranians have undoubtedly changed their encryption machines, and the NSA has lost its source of Iranian secrets. But little else is known. Who told Chalabi? Only a few people would know this important U.S. secret, and the snitch is certainly guilty of treason.
Someone (half-)remembered reading the Crypto AG story in the Baltimore Sun several years ago, bragged to Chalabi that the US had compromised Iranian crypto, and the story snowballed from there. The story could have started out with a loquacious (Sun-reading) cab driver for all we know. Some reports have suggested the source was drunk, so maybe it was a drunk in a bar. Maybe Chalabi read the story himself and invented the snitch to make it seem more important than it was, or to drive the US security community nuts with an orgy of internal witch-hunting. Given the lack of further information, it could have been just about anything.
Peter.
--------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
participants (6): geer@world.std.com, Jack Lloyd, John Ridge Cook, John Young, pgut001@cs.auckland.ac.nz, R. A. Hettinga