Slashdot Mirror

← Back to Stories (view on slashdot.org)

NSA's History of Communications Security — For Your Eyes, Too

Posted by timothy on from the as-long-as-it-passes-through-ft-meade dept.

Phil Sp. writes "Government Attic, those fine investigative pack rats, have outdone themselves this time. Just posted: a declassified NSA document entitled A History of Communications Security, Volumes I and II: The David G. Boak Lectures [PDF] from 1973 and 1981. This is an absolutely fascinating look into how the NSA viewed (views?) communications security and touches on all sorts of topics, including public key crypto, economics, DES, tamper-resistance, etc. It was seemingly from a collection of lectures to new employees. The first 85 pages are heavily redacted but the remaining 80 or so are largely intact. It even concludes with a cryptogram puzzle for the reader!"

20 of 52 comments (clear)

  1. What I heard a while back by Anonymous Coward · · Score: 4, Funny

    The NSA uses ---------- to monitor ------------- by ----------- and ------------ through a network of ------------. It was really pretty interesting.

  2. The solution: by Tubal-Cain · · Score: 4, Funny

    It even concludes with a cryptogram puzzle for the reader

    The answer?
    FRANK SHOEMAKER WOULD CALL THIS NOISE.

    1. Re:The solution: by Darth_brooks · · Score: 4, Funny

      Wrong answer, Hans. Care to try for double jeopardy?

      It reads: ALWAYS DRINK YOUR OVALTINE

      Duh.

      --
      There are some people that if they don't know, you can't tell 'em.
  3. Their "FLOP" section was blanked out. :( by gurps_npc · · Score: 5, Insightful

    I was so hoping that they turned honest and revealed some errors. Never trust someone that refuses to admit they were wrong. If you can't recognize when you are wrong, you don't know when you are right.

    --
    excitingthingstodo.blogspot.com
  4. Re:Their "FLOP" section was blanked out. :( by Anonymous Coward · · Score: 2, Interesting

    The fact that the section exists kinda already shows they recognize their mistake(s). The fact that its blanked out only means they don't want certain people to know the specifics.

  5. Redacted, huh? by CyberLord+Seven · · Score: 2, Insightful

    Hmmmm. I will have to see if they screwed the pooch and made a mistake that has been so common lately with .PDF redactions.

    --
    We have always been at war with Eurasia!
    1. Re:Redacted, huh? by Anonymous Coward · · Score: 2, Informative

      No way! This is the NSA. Looks like they took scissors to it before photocopying.

      There is one little bit on page 12 where it looks like the bottom row of "pixels" of maybe one word can be seen. I wonder if David Naccache and Claire Whelan could figure out the word.

    2. Re:Redacted, huh? by Kadin2048 · · Score: 2, Informative

      They did not screw up this time around, at least as far as I can tell.

      It looks like the page was scanned, and then areas were redacted by pasting white over them. They look too neat to have been done with scissors and paper, but that's the general look of them: white polygons pasted over various areas on the page. The edges aren't quite square so it's like someone clicked with a mouse to define the vertices, rather than selecting lines. (I.e., they were doing it after rasterization and not before, most likely.)

      Then at some point after this, the document was OCRed. Hence, no redacted material in the text layer of the PDF.

      You can make out, at least in a few cases, the gist of what was blanked out from context. One of the first big redactions obviously describes the sigint capabilities of the Soviets at the time. Interesting to imagine why they're still concerned about that; someone must think that by knowing what we knew about them at a particular time, you could infer something that would be advantageous...

      --
      "Ladies and gentlemen, my killbot features Lotus Notes and a machine gun. It is the finest available."
  6. Dan Brown by Arancaytar · · Score: 3, Funny

    It even concludes with a cryptogram puzzle for the reader!"

    Are you sure you didn't pick up Digital Fortress by mistake? :P

  7. Why was it classified by Techmeology · · Score: 4, Interesting

    Why was it classified? Given that all good security must be based on rigorous unbreakability, not secrecy, the analytical powers of many eyes would have been useful. Also, I'm opposed to governmental secrecy.

    --
    Excuse for why is your room always messy?
    1. Re:Why was it classified by FishWithAHammer · · Score: 3, Interesting

      Security through obscurity isn't security, but security plus obscurity is better security so long as the obscurity holds.

      --
      "You can either have software quality or you can have pointer arithmetic, but you cannot have both at the same time."
    2. Re:Why was it classified by QuantumRiff · · Score: 4, Insightful

      You are correct, however, sometimes you don't want to know about bad algorithms.. or more accurately, you don't want your enemies to know that you've cracked their codes.

      Sometimes, things are just politically sensitive.. ie, We cracked the code, realized that country X placed a spy into country Y, we notified country Y, and the spy for country X had a tragic accident...

      --

      What are we going to do tonight Brain?
    3. Re:Why was it classified by DerekLyons · · Score: 4, Insightful

      Given that all good security must be based on rigorous unbreakability, not secrecy

      That's commonly held belief of security amateurs. In reality, obscurity is a valuable tool in the arsenal of the security professional - because an attacker cannot be prepared to address a measure that he does know the existence of beforehand. For example - a visible set of VCR's in a place equipped with visible cameras... but they are dummies with the real ones (or a backup set) behind a nondescript door.
       
       

      the analytical powers of many eyes would have been useful

      The analytical power of many experienced and knowledgeable eyes - sure. But those eyes have clearances and access to the document. Just because the general public doesn't see it, doesn't mean that a lot of qualified people haven't.

    4. Re:Why was it classified by darkmeridian · · Score: 3, Interesting

      In the real world, knowing what people know is very important. Releasing what you know and what you know others to know would be a disastrous turn for a national security agency (NSA). Whether the bad guys fell for your double agent's lies, for instance, is a crucial fact. If the NSA has compromised a whole bunch of communications systems, we don't want the people using the systems to know that they're compromised!

      --
      A NYC lawyer blogs. http://www.chuangblog.com/
  8. Re:Noone Read TFA by SpaceLifeForm · · Score: 2, Insightful

    Yes.

    --
    You are being MICROattacked, from various angles, in a SOFT manner.
  9. Irony by this+great+guy · · Score: 2, Informative

    The PDF file seems interesting at first but many pages are [CENSORED] and even [CENSORED] which leads me to doubt of the usefulness of [CENSORED] notwhistanding [CENSORED]. Does anyone [CENSORED]. Or [CENSORED] ?

  10. So this is way below their lower limit by Vadim+Makarov · · Score: 2, Insightful

    Interesting reading. Probably beyond average slashdotter's patience, hence so few comments to the story. I've found the history of TEMPEST being the most fascinating... discovered, forgotten, rediscovered, never fully eliminated but considered adequately handled given the threat level assessment. It left me wondering what the status of TEMPEST is with current electronic computing devices?

    According to the book itself (see p. 128 bottom), this disclosure should not even come close to define the lower bound of NSA's today's capabilities. Umm, impressive then.

    --
    17779 eligible voters in a district, 17779 'vote' as one. This is Russia.
  11. PARKHILL by nsaspook · · Score: 2, Informative

    The info about PARKHILL is very interesting. That system was installed as a replacement for KG-13 and used for a very short time at our station. We had it for about a year before it was removed and replaced by something else. As noted on page 153 that system was not totally secure. The BLACK audio sounded like Donald Duck talking backward on acid. I suspect that someone found a way to break the code in near realtime. This was about 1982. No idea if it was fixed and rereleased for use.

    --
    In GOD we trust, all others we monitor.
  12. Breaking the rules. Sea story by nsaspook · · Score: 2, Interesting

    AP/UPI/TAS transmitted the news via HF rtty links long ago. To receive up to date news for the crew the Radiomen on the ship would connect a TTY normally used for classifed traffic to a RTTY demodulator. The problem was that per "RED/BLACK" (page 90 on the NSA doc), the TTY was RED and the RTTY demod was BLACK. It was totally forbidden to interconnect the systems and patch panels had to be so many feet apart and in separate rooms. Only a NSA approved crypto device could be used in the middle.

        So every shop would make a 20foot long patch cable for the connection. Our approved patch cords were only about 2 feet. Every NSA audit they had to hid this cable or be hit for a major violation. Everbody knew it was happening but looked the other way because the CO of the ship wanted his news.

    http://www.virhistory.com/navy/rtty-demod.htm

    --
    In GOD we trust, all others we monitor.
  13. I found some of the redacted text by Tracy+Reed · · Score: 3, Interesting

    So here I am reading the document linked in this story when I get to page 85 about tempest. I encounter the phrases "He sauntered past a kind of carport jutting out..." and "a carefully concealed dipole antenna, horizontally polarized." And I thought...I've heard these exact words somewhere else before. Where would I have encountered this exact wording from a document which has been declassified just in the past few days? I dumped the phrase into google and sure enough:

    http://www.nsa.gov/public/pdf/tempest.pdf

    Here it is in this document about tempest which was declassified 9-27-2007. It contains a lot more about the story in Japan and tempest etc.

    And I notice that this document contains what is certainly the redacted paragraph in the other document between the paragraph about the discovery of the antenna and the one that begins "Why, way back in 1954, when the Soviets published a rather comprehensive set of standards..."

    This paragraph is about how 40 microphones were found in the US embassy in Moscow and talks about a "large metal grid buried in the cement of the ceiling over the Department of State communications area" and that it had a wire leading off somewhere. Apparently such things were being found as far back as 1953 and the US did not know what their purpose was.

    The next paragraph puts the above into context when it says that in 1954 "the Soviets published a rather comprehensive set of standards for the suppression of radio frequency interference". So the previous paragraph reveals some details about what kinds of devices were found but the second paragraph goes on to imply that the Soviets may have been listening in on our unencrypted electronic communications for at least 10 years before the US figured out that it was possible to do so and took action.

    It's funny how something which would seem so obvious to us now in hindsight baffled the NSA for at least 10 years. It is also funny that it is possible to reconstruct redacted materials from declassified documents using Google due to the use of cut and paste from a document written back in 1973.