| Submit your comments on this article |
| Iraq-Jordan |
| Bruce Schneier on Breaking Iranian Codes |
| 2004-06-15 |
| Severely EFL; Found at Instapundit; RTWT Iranian intelligence supposedly tried to test Chalabi’s claim by sending a message about an Iranian weapons cache. If the U.S. acted on this information, then the Iranians would know that its codes were broken. The U.S. didn’t, which showed they’re very smart about this. Maybe they knew the Iranians suspected, or maybe they were waiting to manufacture a plausible fictitious reason for knowing about the weapons cache. So now the NSA’s secret is out. The Iranians have undoubtedly changed their encryption machines, and the NSA has lost its source of Iranian secrets. But little else is known. Who told Chalabi? Only a few people would know this important U.S. secret, and the snitch is certainly guilty of treason. Maybe Chalabi never knew, and never told the Iranians. Maybe the Iranians figured it out some other way, and they are pretending that Chalabi told them in order to protect some other intelligence source of theirs. As I said, read the whole thing; Schneier mentions a lot of the usual historical incidents of this type, and one that I hadn’t heard of before: The really weird twist to this story is that the U.S. has already been accused of doing that to Iran. In 1992, Iran arrested Hans Buehler, a Crypto AG employee, on suspicion that Crypto AG had installed back doors in the encryption machines it sold to Iran -- at the request of the NSA. He proclaimed his innocence through repeated interrogations, and was finally released nine months later in 1993 when Crypto AG paid a million dollars for his freedom -- then promptly fired him and billed him for the release money. At this point Buehler started asking inconvenient questions about the relationship between Crypto AG and the NSA. So maybe Chalabi’s information is from 1992, and the Iranians changed their encryption machines a decade ago. Or maybe the NSA never broke the Iranian intelligence code, and this is all one huge bluff. In this shadowy world of cat-and-mouse, it’s hard to be sure of anything. Hans Buehler’s story: http://www.aci.net/kalliste/speccoll.htm. |
| Posted by:Phil Fraering |
| #2 If you would like the least glimpse into this sort of cryptological lunacy, please find a copy of "The Puzzle Palace," by James Bamford. His book deals with the NSA (National Security Agency), whose Eisenhower era charter remains classified to this day. Cryptography has advanced from the World War model of a pencil and pad of paper. Alan Turing made sure of that when he helped crack Enigma. Those of you who have read "The Puzzle Palace" might wish to peruse another article: The above model -- that the cryptographer may design and analyse a cipher so well that no cryptanalyst will be able to exploit any weakness ever -- is not the only approach to the encryption problem. In this report we describe a cipher that is based upon a different meta-model. Using HCIA neither the cryptanalyst nor the cryptographer will be able to perform detailed analysis of the cipher system. This is due to that a generator model is used where an instance of a cipher system is produced at runtime, kept secret during encryption, and then discarded immediately afterwards. Nice work if you can get it. |
| Posted by: Zenster 2004-06-16 12:35:52 AM |
| #1 In the short to medium term thinking your codes have been compromised when they haven't is probably more disruptive than having them compromised and not knowing. The timing incates to me it's the former. |
| Posted by: Phil B 2004-06-15 10:57:21 PM |