Wednesday, June 02, 2004

About codes.


Over at Volokh Conspiracy Mike Rappaport writes about Chalabi and Espionage:

In what is sure to be an important story, the New York Times reports that Ahmad Chalabi disclosed to Iran that the United States had broken the secret communications code of Iran's intelligence service. If it is true, there are many fascinating aspects to this story. One is that the US had Iran's secret code. Nonetheless, what is most striking from the Times's report is the apparent gross incompetence of the Iranian official who received the information from Chalabi:

American officials said that about six weeks ago, Mr. Chalabi told the Baghdad station chief of Iran's Ministry of Intelligence and Security that the United States was reading the communications traffic of the Iranian spy service, one of the most sophisticated in the Middle East.

According to American officials, the Iranian official in Baghdad, possibly not believing Mr. Chalabi's account, sent a cable to Tehran detailing his conversation with Mr. Chalabi, using the broken code. That encrypted cable, intercepted and read by the United States, tipped off American officials to the fact that Mr. Chalabi had betrayed the code-breaking operation, the American officials said.

If the intelligence agencies of other countries are committing mistakes of this magnitude, then perhaps it becomes a little easier to forgive our own intelligence agencies for their mistakes. Perhaps. In any event, that the United States had Iran's secret code, at least for a while, gives me more confidence in our intelligence agencies than I have had for some time.

I do not really want to fisk Mike's article or his conclusions. I did want to comment on them a bit. Rappaport writes:

One is that the US had Iran's secret code

That is not something that is actually all that surprising to me. It is *really* hard to build codes that could somehow withstand the computing and cryptographic prowess of the NSA. Most public codes rely on the difficulty of finding proper "prime factors" for the key with which a message is encrypted. However, while the NSA is unlikely to spend thousands of computer-years on breaking a love note from me to my wife, one imagines resources for breaking Iranian codes would be made available. Non-public encryption algorithms are a different matter. Their main weakness lies in the fact that there is no wide expert community to test and find flaws in these cyphers. For their encryption the Iranians would have 3 choices: a private cypher, a public PGP-type cypher, or some combination of the first two. Another problem for the Iranians is that the more messages encrypted with some cypher are intercepted, the more analysis can be done and thus the easier it is broken. The amount of communications going into and out of Iraq must have been huge, compared to what would otherwise be intercepted by the US from "normal" sources of Iranian communications (the USA does not even have an embassy there). As mentioned above, none of the options are guaranteed to remain unbroken by a concerted US effort. Given the priority of understanding Iran's involvement and actions in Iraq, I am not at all surprised that super-computers at Fort Meade would be cranking away at those codes. Moreover, for a change, the US actually has a huge contingent of agents in Iraq - CIA and Military intelligence, to probe and try to get access to communications devices, code books, etc.

Another point made by Mike Rappaport was that

If the intelligence agencies of other countries are committing mistakes of this magnitude, then perhaps it becomes a little easier to forgive our own intelligence agencies for their mistakes.

Here too, I have to disagree somewhat. For one, whoever sent the cable may not know how a message is encrypted. Perhaps it was meant to be encrypted with a different cypher and the signals officer screwed up (or did not screw up but was a US agent [or a Mossad agent, of course. -ed]). Perhaps the Iranians found out that the code was broken and decided to frame Chalabi for it.

Finally, I do not see why it is easier to forgive our intelligence agencies their mistakes because of mistakes our foes make. The fields of cryptography, communications and signals, and information theory are not a new invention. Large parts of those fields were written by Brits and Americans during WWII and significantly enlarged by Americans and Soviets during the Cold War. There is no reason to forgive institutional mistakes for problems that are largely known and avoidable. The Iranians can lay claim to poor equipment, lack of training for their personnel, Israeli and American spies. US agencies have no such excuse. I imagine that breaking Iranian (and everyone else's) codes is part of the clear tactical goals set for them by the DoD and Joint Chiefs. I am proud and happy that they were successful in their mission this time, as I am sure they have been over and over again throughout the years.

