[Cryptography] highlights of crypto history

John Denker jsd at av8n.com
Mon Nov 14 13:48:37 EST 2016

On 11/13/2016 05:39 PM, ianG asked:

>> What is the most important message ever protected or not protected? What day was it sent?

An alternative suggestion for a date:  Perhaps crypto should be
celebrated on Cyber Monday, because without crypto there would
be no e-commerce.

In contrast, the idea of celebrating "cryptography day" based on 
this-or-that famous message seems misguided, because messages only
become famous when they're leaked.  Note the asymmetry:
  -- Secure encryption is ongoing and quiet, whereas
  -- cryptanalytic breakage leads to spectacular incidents
   on identifiable dates.

This asymmetry makes it hard to obtain balanced political support
and funding for crypto;  the code-makers generally lose out to
the code-breakers.  All too often people forget Rowlett's dictum:
  "In the long run it was more important to secure one's own
   communications than to exploit those of the enemy."

On 11/13/2016 09:25 PM, Jon Callas wrote:
> I'd put Pearl Harbor in there as well,

Yes.  Although it is not primarily a crypto issue, I apologize for
the idiocy of not mentioning it originally.  Pearl Harbor is in
fact an enduring metonym for infamous surprise attack, including:
 -- successful offensive secrecy, along with
 -- unsuccessful defense at many levels.

One could also add to the list any number of recent leaks:
 -- The Manning leaks.
 -- The Snowden leaks.
 -- The Sony hack.
 -- The OPM hack.
 -- The Mossack Fonseca leak.
 -- The DNC and Podesta hacks.
 -- etc. etc. etc.

To a degree, better crypto would have helped defend against some
of these, but only to a degree.

Like the Battle of the Bulge, Pearl Harbor involved precious little
crypto, but instead mostly old-fashioned low-tech comsec and opsec.

> The US was decrypting all the traffic and could only bite their
> nails. They knew something was up, but not what.

I'm not so sure of that.  The way I heard the story, OP-20-G was
/not/ decrypting much relevant traffic prior to Pearl Harbor,
for two reasons:
  a) Very little traffic was being sent.  The Pearl Harbor attack
   force was maintaining radio silence.  No attack orders were
   intercepted (much less decrypted) because no such orders were
   ever sent over the air.  Also there were no direction-finding
   (DF) fixes on the attacking force.  Intra-flotilla coordination
   was carried out by signal flags, semaphore, and Aldis signal
  b) OP-20-G could not break very much of the JN-25 code prior
   to December 1941.  They obtained a fair-to-good break early
   in 1942, based on increased level of cryptanalytic effort,
   plus greatly increased rate of traffic, magnified by the
   accumulation of traffic over time.

Evidence that the people who mattered were not biting their nails
comes from the fact that when the infamous 14-part diplomatic
message was decrypted, an alert was sent out to overseas bases,
but it was sent over prosaic low-priority channels.  High-priority
channels would have cost a few dollars more.  The alert was not
received until after the attack was well under way, and furthermore
it was so nonspecific that it wouldn't have had much effect even
if it had been received earlier.

So as I see it, this was not really a crypto issue.  In this forum
it may be worth a little bit of bandwidth to understand /why/ it
was not a crypto issue.  The intelligence failures were elsewhere.

For starters, there were search radars in operation in Hawaii.  The
one newly relocated to Opana Hill did see the incoming planes, but
this was not taken seriously and produced no defensive response.
Partly this was due to the lack of any semblance of decent IFF

Another explanation (not a good reason, just an explanation) of
why they weren't biting their nails goes like this:  Experience
with previous Japanese military operations (exercises and otherwise)
led to the following conditional:
   If the ships are at anchor in home waters,
   then they maintain radio silence.

That makes sense;  in home waters they can easily run telephone
and telegraph wires directly from ship to shore, and/or hand-
deliver written messages.

The truly terrible intelligence failure was a logical fallacy,
namely affirming the consequent, i.e. the fallacy of the converse.
The analysts assumed it was probable that:
  If they are maintaining radio silence,
  then the ships are at anchor in home waters.

This assumption had no basis in logic or evidence.  Also note that
"probability" is not what matters, but rather risk, i.e. probability
multiplied by the cost of being wrong.

And then there is old-fashioned complacency.  If you weren't attacked
yesterday, or the 5000 days in a row before that, it suggests you
«probably» won't be attacked tomorrow, but even so, you reeeally must
not ignore the tail risk.  It's a turkey problem:

Another intelligence failure is that apparently the Western powers
didn't count the warships in Japanese harbors.  Remember, in Japan
in 1941 there were still active embassies with diplomats and long-
range radios.  Since the ships were not in harbor /and/ were radio
silent, people should have been biting their nails.  Nowadays, with
20/20 hindsight, major powers use satellites, spy planes, over-the-
horizon radar, picket ships, et cetera to keep track of each other's
forces.  There are gaps in this system.  This has been discussed in
the techno-thriller literature, but not all the gaps are fictional.

Last but not least there is the attacker's intrinsic advantage:
The defender has to secure all the doors and all the windows, all
the time ... whereas the attacker only needs to break one, at a
time of his choosing.  This applies equally to crypto along with
everything else.
