U.S. Army Guide to Code Breaking

sebFlyte writes "From the introduction of this document, the U.S. Army's field manual guide to Cryptanalysis: 'This manual presents the basic principles and techniques of cryptanalysts and their relation to cryptography. Cryptanalytics is the art and science of solving unknown codes and ciphers.'"

call stephenson

[rootofevil]

they found the cryptonomicon

Yes, however...

[grub]

...you know what they say about "military intelligence".

Private : Sir! I found this, it may be a clue. Should I consult the field manual to cryptopgraphy?
Sergeant : "Gur jrncbaf bs znff qrfgehpgvba ner va Fnqqnz'f Onfrzrag"? [crumpling paper] These are obviously the scribblings of a madman, Private. Get back to your patrol!

Re:Yes, however...

[GrAfFiT]

For those who are too lazy, this is ROT13 for "The weapons of mass destruction are in Saddam's Basement"

Re:Yes, however...

[Spy+der+Mann]

Private : Sir! I found this, it may be a clue. Should I consult the field manual to cryptopgraphy?

Sargeant: "histay siay aay ecretay essagemay"? Yes, private. Consult the manual. Obviously this is beyond our capabilities.

Light reading

[Deekin_Scalesinger]

A sneak peek at chapter 7:

Solution of polygraphic substitution systems polyalphabetic substitution systems

and that's just the title. Pack a lunch for this one...

Re:Light reading

[ackthpt]

A sneak peek at chapter 7: Solution of polygraphic substitution systems polyalphabetic substitution systems and that's just the title. Pack a lunch for this one...

A good read along with this would probably be Between Silk And Cyanide: A Codemakers War, which gets into, among other things, creation of more secure codes during WW II. An excellent read (I currenly have The White Rabbit on order (story of Yeo-Thomas' activities in France, capture, interrogation and imprisonment))

Page 2 reads...

[merlin_jim]

Step 1. Build a quantum factoring computer

ok that was in jest. But seriously, how much good is a field manual going to do you when its possible for handheld computers to encrypt data to such a strong degree that it's theoretically impossible to decrypt with any likelihood of success that's indistinguishable from zero in the lifetime of the universe?

I mean even if the guys at the NSA use different theories from the rest of us, I can only imagine that the methods they use still require vast amounts of hardware...

Re:Page 2 reads...

[nickfrommaryland]

This document is also 15 years old. Let's think about computing power available 15 years ago. Yes, there were computers more than powerful enough to do handle brute force decryption, not to mention more sophisiticated means. In terms of portability, however, there was nothing. Computing power has become so inexpensive and widespread now that more advanced forms of cryptography have (natrually) replaced the older, hand driven cyphers of old. Let's also think about the types of encryption that were being used back then. The mathematics that it takes to drive many of these algorithms was simply not practical in 1990. This document is serves more as a historical artifact now rather than a practial guide to decrypting like the government.

Re:Page 2 reads...

[m50d]

Because few people bother to use them properly. The Confederacy had access to ciphers (Vigere) which were practically unbreakable at the time, but they didn't use them, and so it was well worth the North having codebreakers as they got some pretty useful intel from them. Similarly, although J. Terrorist could use PGP and be safe, he could just as easily be using Vigere or something weaker, so codebreaking certainly has its place.

Re:Page 2 reads...

[lost_n_confused]

This manual brings back old memories. Everybody who laughs at this FM seem to know very little about the history of the military and the NSA. I joined the Army in 1975 and was a member of ASA which was the Army Security Agency. I was a traffic analyst MOS (98C) and had add on modifiers for Korean language, Chinese Mandarin language , and T9 which was a code breaking. I went to school to break hand generated codes vs the guys who went to school for machine generated codes i.e. computer generated codes. I worked directly with NSA on a daily basis in the performance of my job. We where the arms, legs, and ears for the NSA in foreign countries. In the 70's I would say we were the bulk of the data collection for the NSA. Ask anyone if they remember the elephant cage in Thailand or a similar structure in Germany. It was a large antenna field that was in a circle that was nicknamed the elephant cage. It was amazing what the military did with them 30 years ago. Also this is an unclassified manual and no where near what the military actually taught just an introductory source of information. Most /. probably aren't aware that the military taught people how to break codes that were written in a foreign language that you didn't know. The military is very good at training no matter what people think of the intelligence level of the members of the military. Not everyone in the world has access to computers in the field and I am willing to bet there are still a lot of hand generated codes used by different militaries in the world. This manual may or may not be of historical value but there were a lot of morse code traffic through the 70's and early 80's using these type of codes. A morse code operator could send traffic around the world with very little wattage. There use to be automated "radio stations" that sent out nothing but endless streams of what appeared to be random numbers and letters for hours at a time. Ever wonder if someone sent a 3 hour stream of traffic and the only portion of any intelligence value was at 2 hours 5 mins 30 seconds for 12 seconds. I wonder how long it would take for a computer to decode the message? Better yet do the same thing except the 12 seconds of intelligence is a book code where it tells you what words in a specified book are the correct ones. How long would it take to brute force that? All an operative needs is a shortwave radio and one of these simple codes to receive information. Don't tell the Dept of Homeland Security that their computers won't help catch an operative that receives instructions by this low tech means. Just because something is low tech doesn't mean it isn't still of a value.

Re:Page 2 reads...

[Dun+Malg]

This document is also 15 years old. Let's think about computing power available 15 years ago. Yes, there were computers more than powerful enough to do handle brute force decryption, not to mention more sophisiticated means. In terms of portability, however, there was nothing. Computing power has become so inexpensive and widespread now that more advanced forms of cryptography have (natrually) replaced the older, hand driven cyphers of old. Let's also think about the types of encryption that were being used back then. The mathematics that it takes to drive many of these algorithms was simply not practical in 1990. This document is serves more as a historical artifact now rather than a practial guide to decrypting like the government.

I can attest that your assertion is exactly right. I was a Signal Intelligence Analyst in the US Army from '87 to '91, and most of what we saw was pretty crude. Remember, the Army doesn't generally intercept diplomatic comm's encrypted with sophisticated devices locked in embassy basements. It's probably more sophisticated now, but back then we mostly got stuff encoded by drafted soldiers and sent via morse code! I was trained in basic cryptanalysis, but most of what we saw was (Soviet) Red Army code table stuff. Morse transmissions would come in as a bunch of 3-digit numbers. The first two digits correspond to the X and Y axes of a 10x10 grid. Each square in the grid would contain 3 to 9 numbered code "snippets", and the 3rd digit of the 3-digit number refers to which. These snippets could be anything-- "weather report", "infantry", "battalion", "heading", a single number, a single letter, etc-- that might make up part of a message. Codes like this are tough to break when used properly, but of course they weren't. Some red army private would send "225 171", and the guy on the other end would say "huh? say again?" because he was holding his code table upsode down or something. They'd go back and forth five or six times before the first guy would just lose his shit and say "GIVE ME A BALLISTIC WEATHER REPORT, YOU STUPID TARD!" and then we'd know that "225 171" meant "REQUEST" and "BWX(ballistic weather report)".

But at about the time of the fall of the Soviet Union, all that started to change. The russkies were gone, and most of the "warsaw pact interoperability" tendency for all their client states disappeared with 'em. A prime example of a military with excellent COMSEC was the Iraqi army, and they did it very simply as well. Instead of using radio, they ran wire and used field telephones for nearly EVERYTHING. When we were deployed for DESERT SHIELD we found the airwaves almost dead. The days of morse code and ciphers are pretty much gone.

US Army Guide to Everything.

[k4_pacific]

If it moves, shoot it.

If it doesn't move, pick it up.

If you can't pick it up, paint it.

If your interested in this....

[0racle]

You should take a look at tracking down The Codebreakers which is a fasinating read.

Utility?

[Captoo]

It's an interesting book from an academic standpoint. I'm not sure how practical it is, though. It's all about cryptanalysis the old fashioned way (i.e. before computers). Still, I suppose it is good to acknowledge that the enemy may surprise us by taking a low-tech approach.

Re:Utility?

[CodeMonkey4Hire]

You're right. This isn't new. From the top of TFA:

FIELD MANUAL
NO 34-40-2 HEADQUARTERS
DEPARTMENT OF THE ARMY
Washington, DC, 13 September 1990

The original for this came from <a href=http://www.atsc-army.org/cgi-win/$atdl.exe/fm /34-40-2/default.htm>here</a> on Tue Dec 17 01:21:11 EST 1996.

This thing is 14 years old and has been public for over 8 years (at least) and somebody thinks that it is worth putting on slashdot. Thanks.
(P.S. - note that the link they used for "here" doesn't even work. /.ed maybe?)

Thinks a soldier needs to know about encryption

[wowbagger]

Things a soldier needs to know about encryption and code breaking:

1. How to use his encryption equipment in a secure fashion (e.g. not using old codes or keys)
2. How to keep his encryption equipment from falling into enemy hands.
3. How to recognise enemy encryption equipment, ranging from simple notepads with Civil-War style encryption cyphers to flash disks with encryption codes.
4. How not to screw up any enemy encryption gear before the real cryptographers show up.
5. How to recognize encrypted messages on the battlefield (e.g. code talkers on the radio, code scrawled on a building)

Above and beyond that is gravy - if some soldier who's MOS is not codebreaking wants to try when he isn't doing his MOS, great.

Modern Battlefield

[john_anderson_ii]

I'm now a "former" Marine, but in January of '03 I found myself shipped to Kuwait, and eventually wound up in Iraq. I had it a bit lucky. I worked as an "Intel Analyst" for the 6th Engineers.

In the COC (Combat Operations Center, center of confusion, or simply Circle of Cocksuckers), we had many little toys, ranging from Toshiba toughbooks to proxima projectors, etc. We used microwave relay to keep in touch with group and make sure our batallion commander was seeing the same operational picture that 1st FSSG was seeing.

That was all done via an electronically encrypted network. Which is fine and dandy when you have:

• Electricity
• Computers
• A network

For forward units and combat units in the field the only thing they have that comes close is the field radio. While the encryption on these things is very advanced, the radio's are bullet, shock and explosion proof. Yes, the guy carrying your map, and perhaps a list of checkpoints might not be around forever. That is why field and forward units still have to employ non-electronic means of deciet and encryption. Even if it's as simple as one guy having the map, and the other guy having a clear piece of plastic with lines drawn on it.

If U.S. Marines and soldiers are still using "old fasioned" techniqies such as this, one could surmise that our enemies are doing the same.

Therefore, that old manual may have some relevance.

Re:Modern Battlefield

[Gregoyle]

Spot on. I agree with everything the parent said.

I was in a unit which replicated Marxist/Viet Cong style guerrillas, and we were able to use methods like this to great effect. Since we were replicating low-tech guerrillas, most of our radios were Vietnam-era, with controls like Fisher Price's My First Radio (PRC-77 for those interested). However, we were able to confound our opponents (the regular Army) on a regular basis using very simple codes, while at the same time penetrating their networks almost as regularly.

We had a pre-defined encryption scheme that radio operators were required to memorize. Mostly it was just simple word substitution, along with a simple way of encoding numbers. The key was that we all new each other and used knowledge common to all that the enemy had no way of knowing. We would avoid giving out locations more detailed than "300m South of that place we had lunch last week".

The reason these methods worked was twofold. First, the information was only useful for a limited amount of time. So even if you figured out that "Beaker plus one, minus 5, Donkeypunch plus 3 plus 1 Boomhauer minus 6 plus 2" was really grid VQ 606 419, it wouldn't do you much good because we weren't there anymore. Second, the people who were actually capable of figuring this stuff out were way in the rear, and the overhead of getting the information to the grunts (or crunchies as we always called them) on the ground was so much that it basically never happened.

Re:Cryptanalytics 101: Pop Quiz

[abb3w]

"B22 z1vs cb64 S c4m1o7 3 vt!!!"

Case sensitive +1 shift on 1337 translation of Engrish text, punctuation/spacing excluded.

0) Cypertext: "B22 z1vs cb64 S c4m107 3 vt!!!"
1) Intermediate 1337: "A11 y0ur ba53 R b3l0ng 2 us!!!" --NB, "A11" not "All" as previous translators have given.
2) Engrish Plaintext: "All your base are belong to us!!!"

55 47 55 2e 20 55 4e 41 51 2e

Re:Distribution Restriction

[The+Wookie]

You can find the letter authorizing public release/unlimited distribution of this manual here.

This is the is the manual for 98C's...

[Autonin]

This is the manual I used when I trained as a 98C (Signals Intelligence Analyst = SigInt) some 10 years ago. This is *still used* now.

FOUO classification means it shouldn't have been published at all. Just because it's common knowledge does NOT declassify a document. The document can only be declassified by the originating authority (the people who wrote it, and classified it to begin with). You'll see "DECL:OADR" on these docs a lot - "Declassify on Originating Authority Directive".

This FM is meant to teach the basics of cryptology to ASVAB-passing recruits. We run through the whole thing. Some very smart people go into Intel. Some pretty dumb ones do too :).

Everyone is expected to pass the final after this is taught, which consists of 4 days worth of simulated "traffic" being passed between target stations. We've reference books for traffic pattern types, run locational analysis, crack subsitution ciphers - it's romping good fun.

The encryption methods taught are still used in the field, though less and less thanks to the Internet, crypto-secured frequency-hopping radios, and whatnot, mostly for Meteo and Logistics.

Brings back some nostalgia, reading though this. I hope they don't get into too much trouble for posting it.