FC: Should Saddam have been using PGP? Iraqi crypto broken...

[Declan McCullagh <declan () well com>]

----- Forwarded message from Tim May -----

From: Tim May
Subject: Crypto in Baghdad--Jaguar and Saddam's Bunker
To: cypherpunks
Date: Tue, 8 Apr 2003 20:02:01 -0700
X-Mailer: Apple Mail (2.551)

I heard an intriguing story about 24 hours ago while channel surfing 
between CNN, MSNBC, and Fox. I came in late on a story where a woman 
reporter or anchor was explaining in detail how the U.S. and British 
had broken Saddam's supposedly secure communications system. I hear her 
mention "Jaguar."

This was in connection with the 4 2000-lb bombs dropped where he was 
believed to be staying.

Then the main anchor said something about this maybe being sensitive 
information.

I listened for a repeat of this story--usually the same reports are 
recycled ad nauseum, picked up by other networks, etc. I figured a 
reliable report that the "Coalition" (I hate that word, but I'm tired 
of saying "U.S. and Brits") had broken all of Saddam's communications 
would be interesting.

Nothing. At least nothing on the 3 satellite channels I monitor.

However, it looks like the story got picked up some in the press. And, 
sure enough, the Fox report is credited. Considering how Geraldo was 
chased out of Iraq for drawing a sketch in the sand, I wonder what will 
happen to the reporter who broke this story?

Needless to say, it reaffirms what we have long known about the dangers 
of buying crypto gear from First World countries, who only sell gear 
they know how to break.

Saddam should have been using PGP.

Here's an excerpt from the online story:

"But Fox News Channel reported that coalition forces were guided to the 
site after breaking into Saddam's coded communication system, known as 
a Jaguar security encryption system.

"He reportedly bought the system 20 years ago from the British, when it 
was guaranteed secure. But the Brits had since figured out how to 
infiltrate the system they designed - and passed on the information to 
the United States, Fox reported. "

<http://www.nypost.com/news/worldnews/72979.htm>

Other reports are saying it was a Racal Jaguar V, a system sold to Iraq 
almost 20 years ago. Some excerpts:

<http://www.guardian.co.uk/Iraq/Story/0,2763,932739,00.html>

--begin excerpt--
"On Monday, however, some outdated British technology was involved. 
Saddam's hunters zeroed in on an old communications system made by the 
British company Racal, which the Iraqi leadership bought during the 
Iran-Iraq war for sending encrypted communications among themselves.

At the time, the Racal Jaguar V was a sophisticated secure combat radio 
system, equipped with two main security mechanisms: encryption to 
scramble message content and frequency-hopping at the rate of up to 200 
times a second to make eavesdropping difficult and defeat enemy 
electronic jamming measures.

According to the New York Post yesterday, the British cracked the 
encryption code for the radios some time ago and passed the information 
to the Americans.

Steven Aftergood, a senior intelligence technology researcher at the 
Federation of American Scientists, said: "If it was really a 
20-year-old system, then one has to assume that the encryption is 
obsolete, that it has been penetrated."

Other military analysts said it was just as likely that the British 
government would only have granted Racal export licences for the radios 
if it had already been satisfied it could break the encryption.

Ruper Pengelly, the technical editor of Jane's, said: "All of these 
exports had to be approved by the government, particularly encryption. 
It was generally understood that only encryption up to a certain level 
would be licensed for export, so if they allowed it out of the country 
it was a safe bet that it was crackable, although that is something 
they could never say publicly."

The first consignment of Jaguar radios to Iraq was in 1985, says 
Kenneth Timmerman, a journalist specialising in the Middle East and 
arms sale networks. Four years later, the British government licensed 
the sale of 13 Jaguar radios at a cost of $360,000 (#225,000). In the 
same year, according to Timmerman, Saddam bought 2,000 Jaguar kits 
worth $48m, and $4m of encryption technology.
--end excerpt--


--Tim May
(.sig for Everything list background)
Corralitos, CA. Born in 1951. Retired from Intel in 1986.
Current main interest: category and topos theory, math, quantum 
reality, cosmology.
Background: physics, Intel, crypto, Cypherpunks

----- End forwarded message -----



-------------------------------------------------------------------------
POLITECH -- Declan McCullagh's politics and technology mailing list
You may redistribute this message freely if you include this notice.
-------------------------------------------------------------------------
To subscribe to Politech: http://www.politechbot.com/info/subscribe.html
This message is archived at http://www.politechbot.com/
Declan McCullagh's photographs are at http://www.mccullagh.org/
Like Politech? Make a donation here: http://www.politechbot.com/donate/
-------------------------------------------------------------------------