Slashdot Mirror

← Back to Stories (view on slashdot.org)

U.S. Army Guide to Code Breaking

Posted by ryuzaki0 on from the terces-egassem-seog-ereh dept.

sebFlyte writes "From the introduction of this document, the U.S. Army's field manual guide to Cryptanalysis: 'This manual presents the basic principles and techniques of cryptanalysts and their relation to cryptography. Cryptanalytics is the art and science of solving unknown codes and ciphers.'"

15 of 249 comments (clear)

  1. Page 2 reads... by merlin_jim · · Score: 4, Interesting

    Step 1. Build a quantum factoring computer

    ok that was in jest. But seriously, how much good is a field manual going to do you when its possible for handheld computers to encrypt data to such a strong degree that it's theoretically impossible to decrypt with any likelihood of success that's indistinguishable from zero in the lifetime of the universe?

    I mean even if the guys at the NSA use different theories from the rest of us, I can only imagine that the methods they use still require vast amounts of hardware...

    --
    I am disrespectful to dirt! Can you see that I am serious?!
    1. Re:Page 2 reads... by bigtangringo · · Score: 2, Interesting

      For things like this:
      http://elonka.com/kryptos/

      Elonka gave an interesting talk about cryptography at Defcon this past year. Nowadays, to me anyway, it seems as though cryptography-by-hand is more of an intellectual challenge; rather than something you would ACTUALLY attempt on something like a 4096 bit PGP encrypted o-mi-god problem.

      --
      Yes, I am a smart ass; it's better than the alternative.
    2. Re:Page 2 reads... by Inkieminstrel · · Score: 2, Interesting

      Enigma was smaller than a suitcase, was in common use 50 years before this manual was written, and it couldn't be broken using the methods in the manual.

      You can bet key military communications were well encrypted at this point, including those coming from the front lines.

    3. Re:Page 2 reads... by lost_n_confused · · Score: 4, Interesting

      This manual brings back old memories. Everybody who laughs at this FM seem to know very little about the history of the military and the NSA. I joined the Army in 1975 and was a member of ASA which was the Army Security Agency. I was a traffic analyst MOS (98C) and had add on modifiers for Korean language, Chinese Mandarin language , and T9 which was a code breaking. I went to school to break hand generated codes vs the guys who went to school for machine generated codes i.e. computer generated codes. I worked directly with NSA on a daily basis in the performance of my job. We where the arms, legs, and ears for the NSA in foreign countries. In the 70's I would say we were the bulk of the data collection for the NSA. Ask anyone if they remember the elephant cage in Thailand or a similar structure in Germany. It was a large antenna field that was in a circle that was nicknamed the elephant cage. It was amazing what the military did with them 30 years ago. Also this is an unclassified manual and no where near what the military actually taught just an introductory source of information. Most /. probably aren't aware that the military taught people how to break codes that were written in a foreign language that you didn't know. The military is very good at training no matter what people think of the intelligence level of the members of the military. Not everyone in the world has access to computers in the field and I am willing to bet there are still a lot of hand generated codes used by different militaries in the world. This manual may or may not be of historical value but there were a lot of morse code traffic through the 70's and early 80's using these type of codes. A morse code operator could send traffic around the world with very little wattage. There use to be automated "radio stations" that sent out nothing but endless streams of what appeared to be random numbers and letters for hours at a time. Ever wonder if someone sent a 3 hour stream of traffic and the only portion of any intelligence value was at 2 hours 5 mins 30 seconds for 12 seconds. I wonder how long it would take for a computer to decode the message? Better yet do the same thing except the 12 seconds of intelligence is a book code where it tells you what words in a specified book are the correct ones. How long would it take to brute force that? All an operative needs is a shortwave radio and one of these simple codes to receive information. Don't tell the Dept of Homeland Security that their computers won't help catch an operative that receives instructions by this low tech means. Just because something is low tech doesn't mean it isn't still of a value.

      --
      -- To mess up an OS X box, you need to work at it; to mess up your Windows box, you just need to work on it.--
    4. Re:Page 2 reads... by Dun+Malg · · Score: 5, Interesting
      This document is also 15 years old. Let's think about computing power available 15 years ago. Yes, there were computers more than powerful enough to do handle brute force decryption, not to mention more sophisiticated means. In terms of portability, however, there was nothing. Computing power has become so inexpensive and widespread now that more advanced forms of cryptography have (natrually) replaced the older, hand driven cyphers of old. Let's also think about the types of encryption that were being used back then. The mathematics that it takes to drive many of these algorithms was simply not practical in 1990. This document is serves more as a historical artifact now rather than a practial guide to decrypting like the government.

      I can attest that your assertion is exactly right. I was a Signal Intelligence Analyst in the US Army from '87 to '91, and most of what we saw was pretty crude. Remember, the Army doesn't generally intercept diplomatic comm's encrypted with sophisticated devices locked in embassy basements. It's probably more sophisticated now, but back then we mostly got stuff encoded by drafted soldiers and sent via morse code! I was trained in basic cryptanalysis, but most of what we saw was (Soviet) Red Army code table stuff. Morse transmissions would come in as a bunch of 3-digit numbers. The first two digits correspond to the X and Y axes of a 10x10 grid. Each square in the grid would contain 3 to 9 numbered code "snippets", and the 3rd digit of the 3-digit number refers to which. These snippets could be anything-- "weather report", "infantry", "battalion", "heading", a single number, a single letter, etc-- that might make up part of a message. Codes like this are tough to break when used properly, but of course they weren't. Some red army private would send "225 171", and the guy on the other end would say "huh? say again?" because he was holding his code table upsode down or something. They'd go back and forth five or six times before the first guy would just lose his shit and say "GIVE ME A BALLISTIC WEATHER REPORT, YOU STUPID TARD!" and then we'd know that "225 171" meant "REQUEST" and "BWX(ballistic weather report)".

      But at about the time of the fall of the Soviet Union, all that started to change. The russkies were gone, and most of the "warsaw pact interoperability" tendency for all their client states disappeared with 'em. A prime example of a military with excellent COMSEC was the Iraqi army, and they did it very simply as well. Instead of using radio, they ran wire and used field telephones for nearly EVERYTHING. When we were deployed for DESERT SHIELD we found the airwaves almost dead. The days of morse code and ciphers are pretty much gone.

      --
      If a job's not worth doing, it's not worth doing right.
  2. Utility? by Captoo · · Score: 4, Interesting

    It's an interesting book from an academic standpoint. I'm not sure how practical it is, though. It's all about cryptanalysis the old fashioned way (i.e. before computers). Still, I suppose it is good to acknowledge that the enemy may surprise us by taking a low-tech approach.

  3. Cryptanalytics 101: Pop Quiz by GillBates0 · · Score: 3, Interesting
    Q1. Decrypt following phrase using basic cryptanalysts principles:

    "B22 z1vs cb64 S c4m1o7 3 vt!!!"

    --
    An Indian-American Hindu committed to non-violent thought/speech/action alarmed by the global explosion of radical Islam
  4. Re:If your interested in this.... by hexi · · Score: 2, Interesting

    An other great book about the subject is The Codebook by Simon Singh.

    --
    Nethack is no longer the king
  5. What you do is keylog by mveloso · · Score: 2, Interesting

    What you do instead is keylog. Don't break the message, tap the recipient of the message and read it when they decrypt it.

    Depending on the situation, you could also throw lots of bogus messages (ie: undecryptable) messages into the mix, leading the users to believe the system buggy (and thus ditch it).

    That's more social engineering than crypto, but the point is to break the message. If they stop using the channel, then you hopefully have moved them to a weaker channel.

    One-dimensional thinking is good, but it'll only get you from point A.

  6. Modern Battlefield by john_anderson_ii · · Score: 5, Interesting
    I'm now a "former" Marine, but in January of '03 I found myself shipped to Kuwait, and eventually wound up in Iraq. I had it a bit lucky. I worked as an "Intel Analyst" for the 6th Engineers.

    In the COC (Combat Operations Center, center of confusion, or simply Circle of Cocksuckers), we had many little toys, ranging from Toshiba toughbooks to proxima projectors, etc. We used microwave relay to keep in touch with group and make sure our batallion commander was seeing the same operational picture that 1st FSSG was seeing.

    That was all done via an electronically encrypted network. Which is fine and dandy when you have:
    • Electricity
    • Computers
    • A network

    For forward units and combat units in the field the only thing they have that comes close is the field radio. While the encryption on these things is very advanced, the radio's are bullet, shock and explosion proof. Yes, the guy carrying your map, and perhaps a list of checkpoints might not be around forever. That is why field and forward units still have to employ non-electronic means of deciet and encryption. Even if it's as simple as one guy having the map, and the other guy having a clear piece of plastic with lines drawn on it.

    If U.S. Marines and soldiers are still using "old fasioned" techniqies such as this, one could surmise that our enemies are doing the same.

    Therefore, that old manual may have some relevance.
    --
    Be Safe! Sleep with a Marine. Semper Fi!
    1. Re:Modern Battlefield by Gregoyle · · Score: 5, Interesting

      Spot on. I agree with everything the parent said.

      I was in a unit which replicated Marxist/Viet Cong style guerrillas, and we were able to use methods like this to great effect. Since we were replicating low-tech guerrillas, most of our radios were Vietnam-era, with controls like Fisher Price's My First Radio (PRC-77 for those interested). However, we were able to confound our opponents (the regular Army) on a regular basis using very simple codes, while at the same time penetrating their networks almost as regularly.

      We had a pre-defined encryption scheme that radio operators were required to memorize. Mostly it was just simple word substitution, along with a simple way of encoding numbers. The key was that we all new each other and used knowledge common to all that the enemy had no way of knowing. We would avoid giving out locations more detailed than "300m South of that place we had lunch last week".

      The reason these methods worked was twofold. First, the information was only useful for a limited amount of time. So even if you figured out that "Beaker plus one, minus 5, Donkeypunch plus 3 plus 1 Boomhauer minus 6 plus 2" was really grid VQ 606 419, it wouldn't do you much good because we weren't there anymore. Second, the people who were actually capable of figuring this stuff out were way in the rear, and the overhead of getting the information to the grunts (or crunchies as we always called them) on the ground was so much that it basically never happened.

      --

      "He's more machine now than man, twisted and evil."

  7. Re:Distribution terms for army manuals? by Mistah+Blue · · Score: 2, Interesting

    Generally something like this manual would have a classification of FOUO (For Official Use Only). When I took the crypto correspondence course, all of the courseware was FOUO. So, about the only person(s) that could get in trouble would be those who gave it to be posted (or more accurately the last one in the DOD chain before it hit a civilian's hand). It is quite possible this was gained via a FOIA request (Freedom Of Information Act).

  8. Appendix D by MynockGuano · · Score: 2, Interesting

    For all you crossword-puzzlers and wordgames enthusiasts, Chapter 13 is a great tool to have, and an interesting study in and of itself.

  9. FOUO by Shamanin · · Score: 1, Interesting

    Just for anyone who cares, this document is marked for official use only (FOUO) which means it contains sensitive material that should not be passed around (especially on /.). Though this is one of the lowest forms of classifications, it is still a classified document.

    --
    come on fhqwhgads
  10. This is still useful today by pilot-programmer · · Score: 2, Interesting

    The table of contents doesn't mention linear or differential cryptanalysis of a substitutation permutation network, and even if it did nobody is going to decrypt DES or AES on paper.

    But in a place like Iraq, where power is unreliable and an endless supply of batteries for handhelds is not available, the enemy will have to rely on non-electronic cipher equipment.

    Of course the problem in Iraq is that they don't use the English alphabet or language. The frequency analysis we depend on for the shift cipher or Vigenere cipher doesn't work for Arabic.

    And even if they did, I really don't want to try and crack a Vigenere cipher without a computer!