Förderverein Informationstechnik und Gesellschaft

FC: Should Saddam have been using PGP? Iraqi crypto broken...

------- Forwarded message follows ------- Date sent: Wed, 9 Apr 2003 01:17:57 -0400 From: Declan McCullagh <> To: Subject: FC: Should Saddam have been using PGP? Iraqi crypto broken... Send reply to:

----- Forwarded message from Tim May -----

From: Tim May Subject: Crypto in Baghdad--Jaguar and Saddam's Bunker To: cypherpunks Date: Tue, 8 Apr 2003 20:02:01 -0700 X-Mailer: Apple Mail (2.551)

I heard an intriguing story about 24 hours ago while channel surfing between CNN, MSNBC, and Fox. I came in late on a story where a woman reporter or anchor was explaining in detail how the U.S. and British had broken Saddam's supposedly secure communications system. I hear her mention "Jaguar."

This was in connection with the 4 2000-lb bombs dropped where he was believed to be staying.

Then the main anchor said something about this maybe being sensitive information.

I listened for a repeat of this story--usually the same reports are recycled ad nauseum, picked up by other networks, etc. I figured a reliable report that the "Coalition" (I hate that word, but I'm tired of saying "U.S. and Brits") had broken all of Saddam's communications would be interesting.

Nothing. At least nothing on the 3 satellite channels I monitor.

However, it looks like the story got picked up some in the press. And, sure enough, the Fox report is credited. Considering how Geraldo was chased out of Iraq for drawing a sketch in the sand, I wonder what will happen to the reporter who broke this story?

Needless to say, it reaffirms what we have long known about the dangers of buying crypto gear from First World countries, who only sell gear they know how to break.

Saddam should have been using PGP.

Here's an excerpt from the online story:

"But Fox News Channel reported that coalition forces were guided to the site after breaking into Saddam's coded communication system, known as a Jaguar security encryption system.

"He reportedly bought the system 20 years ago from the British, when it was guaranteed secure. But the Brits had since figured out how to infiltrate the system they designed - and passed on the information to the United States, Fox reported. "


Other reports are saying it was a Racal Jaguar V, a system sold to Iraq almost 20 years ago. Some excerpts:


--begin excerpt-- "On Monday, however, some outdated British technology was involved. Saddam's hunters zeroed in on an old communications system made by the British company Racal, which the Iraqi leadership bought during the Iran-Iraq war for sending encrypted communications among themselves.

At the time, the Racal Jaguar V was a sophisticated secure combat radio system, equipped with two main security mechanisms: encryption to scramble message content and frequency-hopping at the rate of up to 200 times a second to make eavesdropping difficult and defeat enemy electronic jamming measures.

According to the New York Post yesterday, the British cracked the encryption code for the radios some time ago and passed the information to the Americans.

Steven Aftergood, a senior intelligence technology researcher at the Federation of American Scientists, said: "If it was really a 20-year-old system, then one has to assume that the encryption is obsolete, that it has been penetrated."

Other military analysts said it was just as likely that the British government would only have granted Racal export licences for the radios if it had already been satisfied it could break the encryption.

Ruper Pengelly, the technical editor of Jane's, said: "All of these exports had to be approved by the government, particularly encryption. It was generally understood that only encryption up to a certain level would be licensed for export, so if they allowed it out of the country it was a safe bet that it was crackable, although that is something they could never say publicly."

The first consignment of Jaguar radios to Iraq was in 1985, says Kenneth Timmerman, a journalist specialising in the Middle East and arms sale networks. Four years later, the British government licensed the sale of 13 Jaguar radios at a cost of $360,000 (#225,000). In the same year, according to Timmerman, Saddam bought 2,000 Jaguar kits worth $48m, and $4m of encryption technology. --end excerpt--

--Tim May (.sig for Everything list background) Corralitos, CA. Born in 1951. Retired from Intel in 1986. Current main interest: category and topos theory, math, quantum reality, cosmology. Background: physics, Intel, crypto, Cypherpunks

----- End forwarded message -----

---------------------------------------------------------------------- --- POLITECH -- Declan McCullagh's politics and technology mailing list You may redistribute this message freely if you include this notice. ---------------------------------------------------------------------- --- To subscribe to Politech: This message is archived at Declan McCullagh's photographs are at Like Politech? Make a donation here: ---------------------------------------------------------------------- ---

------- End of forwarded message -------