
[linuxiran] Breaking Iranian Codes


From: Arash Partow
Subject: [linuxiran] Breaking Iranian Codes
Date: Tue, 15 Jun 2004 21:08:17 +1000
User-agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)

From Cryptogram:

Breaking Iranian Codes


Ahmed Chalabi is accused of informing the Iranians that the U.S. had
broken its intelligence codes.  What exactly did the U.S. break?  How
could the Iranians verify Chalabi's claim, and what might they do
about it?

This is an attempt to answer some of those questions.

Every country has secrets.  In the U.S., the National Security Agency
has the job of protecting our secrets while trying to learn the
secrets of other countries.  (Actually, the CIA has the job of
learning other countries' secrets in general, while the NSA has the
job of eavesdropping on other countries' electronic communications.)

To protect their secrets, Iranian intelligence -- like the leaders of
all countries -- communicate in code.  These aren't pencil-and-paper
codes, but software-based encryption machines.  The Iranians probably
didn't build their own, but bought them from a company like the
Swiss-owned Crypto AG.  Some encryption machines protect telephone calls,
others protect fax and Telex messages, and still others protect
computer communications.

As ordinary citizens without serious security clearances, we don't
know which machines' codes the NSA compromised, nor do we know how.
It's possible that the U.S. broke the mathematical encryption
algorithms that the Iranians used, as the British and Poles did with
the German codes during World War II.  It's also possible that the NSA
installed a "back door" into the Iranian machines.  This is basically
a deliberately placed flaw in the encryption that allows someone who
knows about it to read the messages.

There are other possibilities: the NSA might have had someone inside
Iranian intelligence who gave them the encryption settings required to
read the messages.  John Walker sold the Soviets this kind of
information about U.S. naval codes for years during the 1980s.  Or the
Iranians could have had sloppy procedures that allowed the NSA to
break the encryption.

Of course, the NSA has to intercept the coded messages in order to
decrypt them, but they have a worldwide array of listening posts that
can do just that.  Most communications are in the air -- radio,
microwave, etc. -- and can be easily intercepted.  Communications via
buried cable are much harder to intercept, and require someone inside
Iran to tap into.  But the point of using an encryption machine is to
allow sending messages over insecure and imperceptible channels, so it
is very probable that the NSA had a steady stream of Iranian
intelligence messages to read.

Whatever the methodology, this would be an enormous intelligence coup
for the NSA.  It was also a secret in itself.  If the Iranians ever
learned that the NSA was reading their messages, they would stop using
the broken encryption machines, and the NSA's source of Iranian
secrets would dry up.  The secret that the NSA could read the Iranian
secrets was more important than any specific Iranian secrets that the
NSA could read.

The result was that the U.S. would often learn secrets they couldn't
act upon, as action would give away their secret.  During World War
II, the Allies would go to great lengths to make sure the Germans
never realized that their codes were broken.  The Allies would learn
about U-boat positions, but wouldn't bomb the U-boats until they
spotted the U-boat by some other means...otherwise the Nazis might get
suspicious.

There's a story about Winston Churchill and the bombing of Coventry:
supposedly he knew the city would be bombed but could not warn its
citizens.  The story is apocryphal, but is a good indication of the
extreme measures countries take to protect the secret that they can
read an enemy's secrets.

And there are many stories of slip-ups.  In 1986, after the bombing of
a Berlin disco, then-President Reagan said that he had irrefutable
evidence that Qadaffi was behind the attack.  Libyan intelligence
realized that their diplomatic codes were broken, and changed them.
The result was an enormous setback for U.S. intelligence, all for just
a slip of the tongue.

Iranian intelligence supposedly tried to test Chalabi's claim by
sending a message about an Iranian weapons cache.  If the U.S. acted
on this information, then the Iranians would know that its codes were
broken.  The U.S. didn't, which showed they're very smart about this.
Maybe they knew the Iranians suspected, or maybe they were waiting to
manufacture a plausible fictitious reason for knowing about the
weapons cache.

So now the NSA's secret is out.  The Iranians have undoubtedly changed
their encryption machines, and the NSA has lost its source of Iranian
secrets.  But little else is known.  Who told Chalabi?  Only a few
people would know this important U.S. secret, and the snitch is
certainly guilty of treason.  Maybe Chalabi never knew, and never told
the Iranians.  Maybe the Iranians figured it out some other way, and
they are pretending that Chalabi told them in order to protect some
other intelligence source of theirs.

During the 1950s, the Americans dug under East Berlin in order to
eavesdrop on a communications cable.  They received all sorts of
intelligence until the East Germans discovered the tunnel.  However,
the Soviets knew about the operation from the beginning, because they
had a spy in the British intelligence organization.  But they couldn't
stop the digging, because that would expose George Blake as their spy.

If the Iranians knew that the U.S. knew, why didn't they pretend not
to know and feed the U.S. false information?  Or maybe they've been
doing that for years, and the U.S. finally figured out that the
Iranians knew.  Maybe the U.S. knew that the Iranians knew, and are
using the fact to discredit Chalabi.

The really weird twist to this story is that the U.S. has already been
accused of doing that to Iran.  In 1992, Iran arrested Hans Buehler, a
Crypto AG employee, on suspicion that Crypto AG had installed back
doors in the encryption machines it sold to Iran -- at the request of
the NSA.  He proclaimed his innocence through repeated interrogations,
and was finally released nine months later in 1993 when Crypto AG paid
a million dollars for his freedom -- then promptly fired him and
billed him for the release money.  At this point Buehler started
asking inconvenient questions about the relationship between Crypto AG
and the NSA.

So maybe Chalabi's information is from 1992, and the Iranians changed
their encryption machines a decade ago.

Or maybe the NSA never broke the Iranian intelligence code, and this
is all one huge bluff.

In this shadowy world of cat-and-mouse, it's hard to be sure of
anything.

Hans Buehler's story:
<http://www.aci.net/kalliste/speccoll.htm>



__________________________________________________
Be one who knows what they don't know,
Instead of being one who knows not what they don't know,
Thinking they know everything about all things.
http://www.partow.net




