Friday, September 22, 2006

Israeli army's radio security flaws

Had the Israeli army used one of my encryption methods (see previous posts), Hezbollah's resistance might not have been so effective.

Mohamad Bazzi, a reporter for Newsday, disclosed in a Sept. 18 report that Hezbollah intelligence had broken into Israeli army security -- with important military consequences.
Israeli military radio, which uses frequency hopping and supposed strong encryption, was targeted by Hezbollah analysts who may have been using Iranian equipment. It was speculated that some of the radio security breaches occurred because of encoding mistakes by radio operators. Experts can sometimes use such errors to break into an encryption system.
(Search: Hezbollah cracked)

However, even with human error, a onetime keyworm system is highly resistant to timely cryptanalysis. So this suggests the possibility that the Israeli military was using a commercial-grade system, perhaps believing that it had high-grade security. But, I suspect that numerous commercial systems have back-doors required by the various national security agencies. Crypto-communists in the dark hearts of western governments would never permit use of uncrackable encryption systems.

On the other hand, Bazzi's story notes that Hezbollah made effective use of traffic analysis. Hence, Hezbollah likely used volume analysis and direction-finding triangulation to pinpoint command posts and areas of military concentration. In addition, analysts might have identified a few stock phrases appearing in transmissions and used these to identify units.

Overconfidence played a significant role in Israel's failure to score a knockout blow, a general told Bazzi. A raid on a Hezbollah signals intelligence unit came up with the cell phone numbers of Israeli commanders, leading one to wonder whether the commanders were violating signal security through use of cell phones. They are handy and fast, after all.


At 12:38 PM , Blogger Paulie said...

Bruce Schneir is skeptical of the Newsday report, suggesting that a disinformation effort is at work.
I am less skeptical because overconfidence has often proved costly in information security. The fact is that the Israelis encountered effective resistance that seems to indicate foreknowledge of some military activities.
Also, one needn't have a complete break-in of an encryption system in order to cull encrypted communications for valuable and timely clues.


Post a Comment

Subscribe to Post Comments [Atom]

Links to this post:

Create a Link

<< Home