Uncrackable email



Uncrackable email part 1


Copyright 1998 Lee Adams.  All rights reserved.  Quoting, copying, and 
distributing is encouraged.  (Please credit us as the source.)  Links to our 
home page are welcome.  Names of characters, corporations, institutions, 
organizations, businesses, products, and services used as examples are 
fictitious, except as otherwise noted herein.  No resemblance to actual 
individuals or entities is otherwise intended or implied.


Assumption - You are a typical American.
Question - Is the FBI reading your encrypted email?
Answer - Probably not.
Now the same question, but this time a different assumption.
You are an American under surveillance by the FBI.
Question - Are they reading your encrypted email?
Answer - Yes. Absolutely. 



How surveillance is triggered...

If you are involved in anything like advocacy, dissent, or protest, then you are 
inviting surveillance. Anything that challenges the status quo - no matter how 
mild - is viewed with suspicion by the authorities. Sometimes the simple act of 
expressing an honest opinion or writing a letter to the editor is all it takes 
for a security service like the FBI or BATF to start nosing around. Independent 
thought is becoming a rare - and dangerous - attribute in America. Bureaucrats 
don't understand that dissent poses no danger to the country. On the contrary, 
it is the conformist who poses the greatest danger to freedom.

There are thousands of regulations, prohibitions, rules, restrictions, laws, 
bylaws, codes, and statutes designed to regulate your behavior. It's common 
knowledge that any cop worth the badge can find something to arrest you for. 
More than ever, ordinary Americans are finding it necessary to shield their 
activities from a government whose red tape can prevent you from earning a 
living, developing your land, etc. etc. etc.

The Thought-Police. Once you're under surveillance, the simple act of encrypting 
your email is all it takes for the FBI to label you dangerous, perhaps a threat 
to national security.

Like many repressive regimes worldwide, the US government doesn't understand 
that people who want privacy aren't necessarily hiding anything. You put letters 
inside envelopes, don't you? Well then, doesn't it make sense to encrypt your 
email? Otherwise it's like sending a postcard. Anybody can read it along the 
way.

PGP is under attack. PGP is considered the best encryption software available 
for use with email. But despite its robustness, PGP is regularly beaten by the 
FBI. Surveillance teams routinely read PGP-encrypted email.

That's because most people aren't using PGP correctly. If you are one of them, 
you are vulnerable. The FBI possesses the means to mount a sophisticated covert 
campaign against you. They can choose from an arsenal of proven methods for 
cracking your PGP-encrypted email. Those methods are described in this document.

Assessing the threat. When the FBI succeeds at decrypting your messages, it is 
unlikely you will realize that you have been compromised. But having your email 
decrypted and read is not the prime threat. You face an even greater danger from 
an FBI surveillance team - especially if you are a member of a group that is 
targeted by the FBI.

The FBI has decades of experience. They have learned to wring every possible 
advantage from each situation. They play by Big Boys' Rules. The FBI's goal is 
not only to get you, their goal is to wreck your entire group.

How do they manage to do this? By deception. Once they've cracked your PGP 
email, they will begin to create forged messages. They will impersonate you. The 
FBI team will send bogus email messages that seem to come from you. They will 
systematically work to create confusion, suspicion, and paranoia throughout your 
group.

This is the real nature of the threat. If the FBI cracks your communication they 
won't stop at getting you. They want the whole group - or organization, team, 
cell, family, squad, or whatever it's called.

How they do it. In this tutorial you're going to learn about the different 
methods that the FBI uses to crack your PGP system. Some of these attacks may 
come as a surprise to you. Many of these attacks are also used by other agencies 
like the BATF, DEA, CIA, and even local police.

What you can do about it. This tutorial will show you different ways you can use 
PGP. These protocols reduce - and occasionally eliminate - the ability of the 
goons to crack your messages. And as a bonus, you're going to learn how you can 
use your email to conduct aggressive antisurveillance against the FBI - perhaps 
exposing a surveillance team that you didn't realize was watching you.


How the FBI cracks PGP email...

The FBI has resources and expertise. Their methods fall into four categories. 
Method 1 relies on their ability to break into your home or office undetected. 
Method 2 relies on their ability to bug your home or office. Method 3 uses 
electronic equipment that detects signals your computer makes. Method 4 is used 
in cases involving national security, where they rely upon the cryptanalysis 
capabilities of NSA.

Know where you're vulnerable. The weakest part of your email security is you, 
the user. The mathematical algorithms that form the underpinnings of PGP are 
very robust. It is the manner in which you use them that creates 
vulnerabilities.

The most vulnerable point is the manner in which you create and store your 
original plaintext message. The next weakest element is your passphrase. Next 
are the PGP files on your computer's hard disk. (From now on we'll refer to your 
hard disk drive as HDD).

In a typical surveillance operation, the FBI will utilize the attacks described 
here. The ten attacks are listed in approximate order of increasing difficulty. 
It is standard operating procedure for the FBI surveillance team to use the 
simplest attacks first. In practice, their choice depends on the circumstances 
of the case.


Attack #1 - Plaintext recovery. An FBI or BATF surveillance team will break into 
your home or office without your knowledge. Once inside, the agents will read 
the plaintext files on your hard disk, diskettes, or paper printouts. Local 
police also use this method. It is very effective.

If you're like most people, you're probably thinking to yourself, "Aww, there's 
no way they could get in here without me knowing. I'd spot it right away."

Yeah, right. That's exactly the attitude the FBI wants you to have. So dummy up. 
FBI penetration agents love people like you. You are the ideal target. Over 
confident. Easy to deceive.

This is important enough for us to pause for a few moments and talk a bit about 
how surveillance teams really operate. What you are about to read has never been 
published before. The government does not want you to know this.

Background - How they get inside. Many people are amazed to learn their home or 
office can be entered without their knowledge. And not just once, but 
repeatedly. A surveillance team often requires multiple entries in order to 
thoroughly pick through all your stuff.

Good quality locks on your doors and windows are generally useless. The 
penetration team ignores them. They've found an easier way to get inside. 
Perhaps an example is the best way to illustrate the point.

[Photos: top, a dislodged block in the exterior wall; below, the cabinet against 
the exterior wall.]

Case Study. Ever since we launched Spy & CounterSpy, we have been involved in 
running battles with FBI surveillance teams trying to get inside our offices. 
Because of our experience we are not an easy target. Their operations were 
complicated by the fact that the FBI is operating illegally in Canada and must 
act covertly at all times.

The setup. Our former office was situated in an industrial park. We were located 
in a cindercrete masonry building equipped with high-security locks. We 
concluded it would be difficult for an FBI surveillance team to conduct a 
surreptitious entry without our knowledge.

Our building abutted a similar cindercrete building next door - a welding shop. 
The bathroom cabinet sink is located against this wall. The arrangement provided 
a perfect opportunity for surreptitious entry.

The photos tell the story. It's easy for FBI agents to enter a building next 
door and remove a few cindercrete blocks from two sets of exterior walls - and 
then enter our office through the back of the bathroom cabinet.

Repair experts. Most people aren't aware that surveillance teams routinely break 
in through walls, ceilings, and up through floors. This is standard operating 
procedure. The FBI's restoration specialists can repair a damaged area in under 
90 minutes using patch drywall, quick-drying compound, and special paint. 
Apartments and houses are a snap for these guys. This is your own government 
doing this to you, folks.

My first experience with this sort of entry was when I was helping Vickie deal 
with 24-hour surveillance by US Naval Intelligence. (Return to our home page and 
click on About Us for more on this.) I showed her how to seal her house - doors, 
windows, attic panel, everything.

But they tunneled over from the house next door. They came in under the driveway 
and broke through behind a false wall next to a fireplace in the downstairs 
family room. They moved along a short crawlspace and entered the living space 
just behind the furnace.

Their cover was clever. They used a ruse of major renovations next door to 
conceal the sound the tunnel crew made.

Their mistake? Not enough attention to detail. They didn't match the original 
panel when they replaced the wall behind the furnace. Vickie and I had done a 
complete inspection of her house two months earlier. We both spotted the bogus 
panel immediately. She still becomes furious when she talks about it.

The reason the goons like to break in through walls is simple - it's extremely 
difficult to defend against. But simply being able to detect that you've been 
penetrated gives you an advantage, especially if you don't reveal you're on to 
them.

Now that you've got a better understanding of how resourceful and cunning these 
government agents are, let's return to the different attacks they use to crack 
your encrypted email. We've already covered Attack #1, plaintext recovery.



Attack #2 - Counterfeit PGP program. After breaking into your home or office, 
FBI agents will install a counterfeit copy of PGP on your HDD. Encrypted 
messages created by this modified program can be decrypted with the FBI's master 
key. It can still be decrypted by the recipient's key, too, of course.

A variation of this attack is the FBI's bot. Acting much like a virus, the bot 
is a key-trap program. (Bot is short for robot.) The bot intercepts your 
keystrokes without your knowledge. When the opportunity arises, the bot uses 
your Internet dial-up connection to transmit your passphrase to the 
surveillance team. FBI agents often hide bots in counterfeit copies of your word 
processing program, and so on.


Attack #3 - PGP's working files. After entering your premises in your absence, 
FBI agents will make copies of certain PGP files on your HDD, especially the 
files containing your secret keys. The agents will then attempt to find where 
you've written down your passphrase. They'll methodically search your papers, 
desk, safe, filing cabinets, kitchen drawers, and so on. They'll use deception 
to gain access to your wallet, purse, money belt, briefcase, and pockets.

Their goal is to grab your secret key and your passphrase so they can use any 
copy of PGP to read your encrypted email messages whenever they want.

If their search fails to turn up your passphrase, they'll use cracker software 
to deduce it. This works because most people use passwords and passphrases 
consisting of words and numbers with special meaning, like birth dates or pet 
names. Unfortunately, it's a simple matter for the FBI to collect information 
about you: your birth date, your mother's maiden name, the number of a PO Box 
you rented 10 years ago, the license plate of your vehicle, the names of pets 
past and present, and so on.

Here's how the FBI's cracker software works - it combines and recombines all 
these words and numbers and keeps submitting them to the PGP program. (They copy 
your entire HDD and do this work at their office.) They routinely crack the 
passphrases of PGP-users who fail to use random characters in their passphrase.


Attack #4 - Video surveillance. After breaking into your home or office without 
your knowledge, FBI specialists will install a miniature video surveillance 
camera above your work area. The lens is the size of a pinhead. It's extremely 
difficult to detect. The FBI surveillance team watches your fingers on the 
keyboard as you type in your passphrase. Local police and private investigators 
have also been known to use this method.


Attack #5 - Audio surveillance. This method is a variation of Attack #4. FBI 
technicians install an audio bug near your computer. The sounds generated by the 
keyboard can be analyzed. By comparing these sounds with the noises made during 
generation of a known piece of text, the FBI can often deduce your passphrase - 
or come so close that only a few characters need to be guessed.


Attack #6 - AC power analysis. Using equipment attached to your outside power 
lines, the FBI can detect subtle changes in the current as you type on your 
computer's keyboard. Depending on the user profile in your neighborhood, the 
FBI's equipment can be located some distance from you.


Attack #7 - EMT analysis. EMT is an acronym for electromagnetic transmission. 
Computer CPUs and CRTs operate somewhat like radio transmitters. CPU is an 
acronym for central processing unit. This is your Pentium chip. CRT is an 
acronym for cathode ray tube. This is your display.

The FBI surveillance team uses a communications van (or motor home) parked 
across the street to capture the electromagnetic transmissions from your 
computer. This threat can be eliminated by a shielding system called Tempest. In 
many jurisdictions you need a special permit to buy a Tempest system, however.


Attack #8 - Coercion. The previous seven attacks are quite easy for the FBI to 
implement. In fact, they use almost all of them on a routine basis. Even the 
local police in major US cities have access to vans that can pick up your 
computer's EMT.

From this point on, however, things start to get very time-consuming and 
expensive for the FBI in their attempt to crack your PGP-encrypted email. So 
they may decide to take a more direct approach.

They'll simply bend your thumb back. Until it breaks, if that's what it takes. 
Before they start, they'll make sure they've got enough biographical leverage on 
you to blackmail you into becoming an informant. Biographical leverage is 
spy-talk for blackmail information.

The main defense against this threat is deception. An appropriate strategy is 
discussed later in this tutorial.


Attack #9 - Random numbers. After breaking into your home or office without your 
knowledge, FBI agents will make a copy of PGP's randseed.bin file. PGP uses the 
pseudorandom data in this file to help it generate a unique block that it uses 
for creating a portion of the ciphertext. This type of attack borders on true 
cryptanalysis. It is time-consuming. It is expensive. It is generally worth 
neither the FBI's nor NSA's time, except in cases of national security.


Attack #10 - Cryptanalysis. It is ridiculously easy for anyone, including the 
FBI, to intercept email on the Internet. After collecting a sampling of your 
encrypted email, the FBI submits the data to NSA for cryptanalysis. 
Cryptanalysis is egghead-talk for using mathematics, logic, and problem-solving 
skills to crack an encrypted message. It's all done with computers - and NSA has 
some monster computers.

The best information available to us indicates that NSA can indeed crack PGP 
email, but a brute force attack is required. A brute force attack involves a lot 
of informed guessing. It's mostly just trial-and-error. Cracking a message can 
take weeks, months, years, or decades depending on the content, format, and 
length of your message. Later in this tutorial you'll see how to make your 
messages more resistant to this attack.

Very few domestic cases warrant the involvement of NSA. Besides, FBI agents are 
usually successful in cracking your email using one of the other attacks, 
especially break-and-enter. So NSA devotes its resources to cracking the 
messages of other countries' governments and their intelligence agencies. 


Thinking outside the box...

The preceding ten attack-scenarios are based on thinking inside the box. When we 
use this type of reasoning, we are staying within a set of fixed assumptions. We 
are, in effect, boxed in by our rigid assumptions - hence the phrase, thinking 
inside the box.

The preceding attack-scenarios make two assumptions. First assumption - You've 
got an authentic copy of PGP. Second assumption - NSA has not yet discovered a 
mathematical method for decrypting PGP ciphertext. Neither assumption is 
necessarily correct.

Counterfeit software. We have received one report about this. We must caution 
you that it is only one report, and we have been unable to verify it through 
other sources. Our contact says an FBI agent bragged to him that the CIA has 
been distributing doctored copies of PGP freeware over the Internet. According 
to our source, the FBI routinely decrypts messages encrypted with these doctored 
copies.

It is our view that if this happened it was not on a wide scale. Many copies 
of PGP are digitally signed by the manufacturer, who is no dummy. We believe 
that the fragmentary and decentralized character of the Internet prevents this 
type of ruse from succeeding - especially against savvy targets like the folks 
at PGP.

Mathematical algorithm. It is unlikely that NSA has developed a mathematical 
algorithm for decrypting PGP ciphertext - not impossible, but unlikely. Because 
the algorithm and the source code for PGP are widely known and freely available, 
PGP has been subjected to rigorous testing and attacks by some of the brightest 
minds in the scientific community. This is called a review by your peers. It is 
a powerful method for vetting new ideas and methods. None of these bright 
scientific minds have come close to cracking the PGP algorithm, which is based 
on a complicated one-way math function. 


Sizing up your adversary...

Clearly, FBI and BATF surveillance teams are a force to be reckoned with. They 
possess a lethal arsenal of capabilities that they can bring to bear against you 
and your email privacy. Their methods range from the simple to the sublime. They 
can break into your home or office without your knowledge and use your computer. 
They can use sophisticated electronic equipment to read your keystrokes - over 
the AC electrical connection, over the telephone line, or over the airwaves. 
And, finally, if these types of methods fail - which isn't very often - NSA will 
be called in to crack your PGP-encrypted message.

Is the FBI difficult to beat? Yes. They've been at this game a long time. 
They've learned many lessons over the years.

Can the FBI be beaten? Yes, you can beat them. Is it easy? No, not at first, but 
it gets easier as you build up self-discipline. Beating the FBI requires that 
you stop thinking inside the box.

Part 2 of this tutorial will show you how to stop the FBI from reading your 
PGP-encrypted email.





Uncrackable email part 2


In Part 1 of this two-part tutorial, you learned about the methods that FBI 
surveillance teams use to crack your PGP-encrypted email messages. Many of those 
methods involved breaking into your home or office without your knowledge. Some 
methods involved electronic devices in a communications van located a short 
distance from your home or office - across the street perhaps. (If you haven't 
read Part 1, you might want to go back and do so now before reading further. 
Return to our home page and click on Uncrackable Email 1.)

Uncrackable Email Part 2 describes ways to protect your email privacy - and the 
secrecy of your messages. These methods work against the FBI, BATF, DEA, and 
other government agencies, including state and local police.

You'll learn step-by-step protocols and countermeasures that you can implement. 
In some cases, these methods will stop an FBI investigation cold. In other 
cases, they will only delay it. Much depends on the circumstances of the case. A 
lot depends on your countersurveillance and antisurveillance skills.

Each solution described in this tutorial is a protocol. You can think of a 
protocol as a method, a set of guidelines, or an operating procedure.

Flexibility. If your goal is to absolutely prevent the FBI from cracking your 
PGP-encrypted email, the key to success is flexibility. The content of your 
email is what counts. The more incriminating the message, the more precautions 
you should take. 


When used properly, the firewall method can completely frustrate an FBI 
surveillance team.


Protocol 1: The firewall method...

The firewall method is centered on the way you use your computer. This includes 
where, when, and how you use your computer. Described here is a step-by-step 
method for obstructing the FBI. This is a very rigorous protocol. You likely 
won't need to go to this much trouble very often.


Step 1 - Get cleaned up. Scrub your hard disk. The FBI can read deleted files 
using an undelete utility. The FBI can read file slack, RAM slack written to 
disk, free space, garbage areas, and the Windows swap file using a sector viewer 
or hex editor. Return to our main page and click on Security Software for more 
on this. Although other packages are available, we use Shredder(TM). Then we use 
Expert Witness(TM) and HEdit(TM) to check the hard disk afterwards. (From now on 
we'll refer to your hard disk drive as HDD.)

If you have previously used your computer to work with incriminating data, you 
should wipe the entire HDD and reinstall the operating system, application 
software, and user files. If surveillance poses a risk to your liberty, you must 
install a new hard disk drive. Then disassemble the old HDD, remove the 
platters, and sand them with coarse-grit sandpaper.

Once you've got your computer sterilized, you'll want to keep it clean. Tidy up 
after each work session. Thereafter, don't leave your computer unattended.


Step 2 - Get unplugged. During sessions when you're working on secret messages, 
you should take measures to frustrate FBI surveillance. This means physically 
disconnecting your computer from the AC power supply and from the telephone 
jack. You'll need a battery-powered computer - a laptop, notebook, or 
subnotebook.

Remaining connected to the AC power supply is risky. Using equipment attached to 
your power line outside your home or office, the FBI can detect subtle changes 
in the current as you type on your computer's keyboard.

Likewise, remaining connected to the telephone line is risky. If the FBI has 
broken in without your knowledge, they may have installed counterfeit programs 
on your computer. Your computer could be secretly sending data to the 
surveillance team over your dial-up connection. Just imagine the damage if you 
were unknowingly using a doctored copy of your favorite word processing program.


Step 3 - Go somewhere else. In order to frustrate the FBI's electronic 
surveillance capabilities, you must relocate away from your usual working area. 
If you fail to take this step, an FBI video camera can watch your keystrokes. An 
FBI audio bug can listen to your keystrokes. An FBI communications van parked in 
the neighborhood can detect both your keystrokes and your display.

Suitable locations for a surveillance-free work session include a park bench, a 
crowded coffee shop, a busy fast food outlet, a hiking trail, a friend's place, 
a borrowed office, a bus depot waiting area, an airport lounge, the beach, and 
so on. Be creative and unpredictable. The trick is to select a location that is 
difficult for FBI agents to watch without you becoming aware of them.

You may be surprised at what happens the first time you relocate. If you 
suddenly find people loitering nearby, you may already be under surveillance. 
(More about this later in the tutorial.)

During your first relocated work session, use PGP to create your secret key 
ring. Your passphrase should contain random characters. Do not write down your 
passphrase. If you must, jot down just enough hints to help you remember.

Save copies of the following files from the PGP directory to a diskette - 
Secring.skr, Secring.bak, Pubring.pkr, Pubring.bak, and randseed.bin. For 
safety, use two diskettes and make two backups. Keep the diskettes on your 
person. Delete the files from your HDD.


Step 4 - Get serious. From now on, you've got a new standard operating 
procedure. Whenever you need to compose and encrypt a secret message, you must 
first relocate to a safe area. (Before long you'll look like a busy person who 
often checks in with contact-management or scheduling software.)

Save the encrypted document to diskette. Delete all working files. Return to 
your home or office. Then use a different computer to email the encrypted 
messages.

Using a different computer is vital. It acts like a firewall. It keeps your 
relocatable computer sterile. Do not connect your relocatable computer to the 
telephone line. Ever. Do not leave your relocatable computer unattended. Ever. 
If this means carrying your relocatable computer with you all the time, then so 
be it.

For ordinary working sessions, it's usually okay to connect your relocatable 
computer to AC power. However, don't do any sensitive work in this mode. Always 
disconnect and relocate first. But if absolutely watertight security is your 
goal, the only time you'll turn on your relocatable computer is when you've 
relocated. The only time you'll plug it in is to recharge the battery.

When you receive incoming encrypted email on your firewall computer, save it as 
a text file to diskette. Relocate. Check the diskette with an antivirus program. 
Load the file into your sterile computer. Decrypt the ciphertext and read the 
plaintext. Delete the plaintext. Return to your regular work location.


Summary. The firewall method involves nit-picking attention to detail. It is a 
methodical system for protecting the privacy of your PGP-encrypted email 
messages. It takes perseverance and patience to beat the FBI at this game. But 
it's preferable to the alternative. The firewall method will keep you out of the 
internment camps.

You'll read about other protocols later in this tutorial. But if you choose to 
use the firewall method, you must follow it rigorously in order for it to be 
effective. Slip up once and the goons will nail you. They'll snatch your 
passphrase. They'll learn where you keep your key rings. Then it's 
interrogation, arrest, indictment, conviction. Or maybe they'll just kick in the 
door an hour before dawn and ship you off to the camps.

The firewall method is watertight, but it only works if you use it. 


Protocol 2: The deception method...

Protocol 2 is based on liveware, not software. Liveware refers to you, the human 
element in the countersurveillance scheme. Protocol 2 takes a human approach. It 
uses deception.

Most people don't realize that FBI surveillance teams are vulnerable to 
deception. It's possible to mislead and confuse them. That's because most FBI 
targets are ordinary Americans with no countersurveillance training. In relative 
terms, only a few elite units within the FBI encounter hard targets. (A hard 
target is a trained operative who is actively maintaining secrecy and who will 
not reveal that he has detected the surveillance team.) So most FBI agents have 
never confronted a hard target. They never get any practice. They're accustomed 
to playing tennis with the net down.

Deception provides four ways for you to protect the privacy of your PGP email.


Deception method 1 - Decoy. This method involves duping the surveillance team 
into believing they have cracked your PGP email, when in fact they have 
uncovered merely a decoy. Your real protocol continues to run undetected in the 
background. This is called layered security.

The best underground activists worldwide operate in this manner, including 
guerrilla movements, freedom fighters, and resistance groups. Inside the USA 
this method is mostly used by criminal groups (so far).

The key to success is carefully and deliberately providing some mildly 
incriminating evidence for the FBI to find. This decoy data will often dissuade 
them from investigating further. The FBI will eventually downgrade the 24-hour 
surveillance to perimeter surveillance, then picket surveillance, and finally 
intermittent surveillance. They'll keep you on their watch-list and check up on 
you two or three times a year. They may drop you entirely. Here's how to 
implement this method.


Step 1 - Set up Protocol 1 and then forget about it.


Step 2 - Use your firewall computer as your primary computer. Create another set 
of secret keys. Leave the key ring files and randseed.bin on your HDD. This 
increases the chances the FBI will recover them during a surreptitious entry. 
Create and encrypt low-grade messages at your firewall computer. This increases 
the odds that the FBI will snatch your passphrase.


Step 3 - Use this second configuration of PGP as a decoy. Use it to send only 
low-grade messages. In effect, you are now running two layers of PGP. From time 
to time you will use Protocol 1 and temporarily relocate in order to encrypt or 
decrypt high-risk secret messages.


Step 4 - If you suspect or detect FBI surveillance, keep up the deception. 
Perhaps temporarily stop using your relocatable computer. If you use the 
technique of plausible denial, you increase your chances of completely 
concealing the fact that you've got a second PGP system.

The principle of plausible denial is well-known in intelligence agencies, urban 
guerrilla movements, and resistance groups. Plausible denial means cover. Cover 
is spy-talk for innocent explanation. You must take the precaution of having a 
plausible, innocent explanation for everything you do. Absolutely everything. 
Don't ever do anything until you think up a believable excuse for doing it.

Even if the FBI surveillance team discovers the second protocol, you will have 
purchased yourself some extra time. Use the time to encrypt, conceal, or destroy 
incriminating data. Use the time to warn other members in your group. Use the 
time to feed misinformation to the surveillance team.

When systematically applied, the decoy method provides a good first line of 
defense against an FBI surveillance team.


Deception method 2 - Thwarting cryptanalysis. When using Protocol 1, you can 
utilize deceptive techniques to reduce the chances of your message being cracked 
by NSA. If the case is serious enough, the FBI will provide NSA with a full set 
of your encrypted messages.

The cryptanalysis experts at NSA will use Statistical Probability Analysis to 
begin detecting commonly used phrases, words, punctuation, and layout. The more 
footholds you give them, the sooner they'll crack your email. Here are three 
ways to use deception to impede their progress.


Step 1 - Disguise the format of your message. Your goal is to camouflage the 
layout. Insert a random-length paragraph of nonsense at the beginning of each 
message. You do not want the salutation or other material to always appear in 
the same location. Your recipients should be alerted to ignore the first 
paragraph. You can also use a text editor to manually strip off the header and 
footer from PGP ciphertext. The recipient can likewise use a text editor to 
manually restore the header and footer so PGP will recognize the text as code to 
be decrypted.
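
The "header and footer" the article has you strip and restore are the PGP 
ASCII-armor lines. As an added illustration (not code from the original article 
or from PGP itself), the Python script below shows exactly what gets removed and 
what the recipient has to put back, assuming the OpenPGP armor layout of RFC 4880: 
a BEGIN line, optional "Key: value" lines such as "Version:", a blank line, the 
base64 body, a "=" checksum line (CRC-24 of the binary data) and an END line. 
The sample bytes are constructed stand-ins, not a real PGP packet. Since the 
armor is a fixed public format, stripping it changes only the file's appearance; 
the encrypted payload is unchanged, and the checksum line can be recomputed from 
the body rather than remembered.

```python
import base64

# Armor delimiters used by PGP for an encrypted message (RFC 4880 section 6.2).
ARMOR_HEADER = "-----BEGIN PGP MESSAGE-----"
ARMOR_FOOTER = "-----END PGP MESSAGE-----"
LINE_WIDTH = 64  # the base64 body is wrapped at 64 characters per line


def crc24(data: bytes) -> int:
    """OpenPGP CRC-24 of the binary message (RFC 4880 section 6.1).

    Initial value 0xB704CE, polynomial 0x1864CFB. The armor footer carries
    this checksum base64-encoded after an '=' sign, so it has to be
    reproduced (or recomputed) when the armor is restored by hand.
    """
    crc = 0xB704CE
    for byte in data:
        crc ^= byte << 16
        for _ in range(8):
            crc <<= 1
            if crc & 0x1000000:
                crc ^= 0x1864CFB
    return crc & 0xFFFFFF


def armor(packet: bytes, version: str = "PGP 5.0") -> str:
    """Wrap binary PGP data in ASCII armor: header, 'Version:' line, blank
    separator, base64 body, '=' + checksum line, footer.
    The version string is a placeholder; real PGP fills in its own."""
    body = base64.b64encode(packet).decode("ascii")
    checksum = base64.b64encode(crc24(packet).to_bytes(3, "big")).decode("ascii")
    lines = [ARMOR_HEADER, f"Version: {version}", ""]
    lines += [body[i:i + LINE_WIDTH] for i in range(0, len(body), LINE_WIDTH)]
    lines += ["=" + checksum, ARMOR_FOOTER]
    return "\n".join(lines)


def strip_armor(armored: str) -> str:
    """Return only the base64 body: the header block, the checksum line and
    the footer are dropped (what the article calls stripping the header and
    footer). Raises ValueError if the input is not an armored message."""
    lines = armored.splitlines()
    if ARMOR_HEADER not in lines:
        raise ValueError("no PGP armor header found")
    i = lines.index(ARMOR_HEADER) + 1
    # Skip the 'Key: value' armor headers up to and including the blank line.
    while i < len(lines) and lines[i].strip():
        i += 1
    i += 1
    body = []
    while i < len(lines) and lines[i] != ARMOR_FOOTER:
        if lines[i].startswith("="):  # checksum line, not part of the payload
            break
        body.append(lines[i].strip())
        i += 1
    if not body:
        raise ValueError("armored message has no payload")
    return "\n".join(body)


def restore_armor(body: str, version: str = "PGP 5.0") -> str:
    """Rebuild a complete armored message from a stripped body. The checksum
    is recomputed from the decoded bytes, so the recipient never needs the
    original checksum line."""
    packet = base64.b64decode("".join(body.split()), validate=True)
    return armor(packet, version)


if __name__ == "__main__":
    sample = bytes(range(200))  # constructed stand-in for a PGP packet
    full = armor(sample)
    stripped = strip_armor(full)
    print(stripped)
    print("round trip OK" if restore_armor(stripped) == full else "MISMATCH")
```

Running the script prints the bare body the recipient would receive and 
confirms that `restore_armor` rebuilds the original armored text byte for byte, 
checksum line included.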


Step 2 - Make your content resistant to heuristic analysis. Heuristic analysis 
involves informed guessing and trial-and-error. Deliberately run some words 
together, eliminating the space. Intentionally add or delete punctuation. 
Occasionally insert a carriage return in the middle of a paragraph. Deliberately 
introduce spelling errors into your text.


Step 3 - Write your message in a "foreign" language. You can do this by using 
homonyms such as "wood" instead of "would", or "urn" instead of "earn". Use 
"gnu" or "knew" instead of "new". Use "seas" instead of "seize". Use "mast" 
instead of "massed". Write numbers and dates out in full, such as "nineteen 
ninety eight" instead of 1998. Use code words such as competition instead of 
surveillance, competitor instead of FBI, market survey instead of 
countersurveillance, and so on. Use noms de guerre instead of real names.

When properly used, these and other anti-cryptanalysis techniques can greatly 
increase the amount of time it takes the NSA to crack your PGP-encrypted email.


Deception method #3 - Diagnostics. You can use PGP to detect the presence of a 
surveillance team. Countersurveillance experts refer to this as running 
diagnostics. When performed against pavement artists, it is called dry-cleaning. 
Here's how it works.

Deliberately encrypt a provocative, bogus series of messages. Your goal is to 
use content that will elicit an aggressive response from the FBI. If 
surveillance intensifies, your email may have been cracked - or the FBI may 
simply be reacting to your increased traffic, which is spy-talk for the 
frequency, volume, and timing of your messages.

On the other hand, you may notice that the surveillance team seems to know where 
you're going and who you're going to meet with. They arrive before you do. They 
break into your associate's home or office looking for items you've mentioned in 
your email. They're conspicuously nearby as you slip a written note to your 
contact, after mentioning the brushpass in your email.

All these are warning signs that the FBI is reading your PGP-encrypted email. If 
you're using a decoy setup, switch to Protocol 1 to send secure email. If you're 
already using Protocol 1, you and your correspondents should create new 
passphrases. If further diagnostics suggest the FBI is still reading your email, 
you and your correspondents should reinstall PGP and create a fresh set of key 
rings and passphrases. Exchange the key rings by face-to-face contact, through 
live intermediaries, or by human courier. 

Tip - Anonymous email addresses activated through a cyber café can be used, but 
only if you set them up before the FBI puts you under surveillance. Go out and 
do it tomorrow.

When properly applied, diagnostics can keep you one step ahead of an aggressive 
FBI surveillance team.


Deception method #4 - Spoofing. You should routinely send out bogus encrypted 
messages. Your goal is to mislead and confuse the surveillance team. If the FBI 
is reading your email, you have an opportunity to confuse and mislead them with 
misinformation. If the FBI hasn't cracked your email yet, the traffic in bogus 
messages will provide cover for your authentic messages. If a mission requires 
an increased number of secret messages, simultaneously reduce your bogus 
messages, and the FBI won't detect any increased communication activity.

When used systematically, spoofing can level the playing field between you and 
the FBI surveillance team.


You can boost your chances of stopping an FBI surveillance team from learning 
anything at all.


Summary...

Using deception, you can confuse, mislead, obstruct, and frustrate the 
surveillance activities of your adversary. Deception can be very effective 
against an FBI, BATF, or DEA surveillance unit. It is particularly effective 
against standard police surveillance.

If the deception techniques of Protocol 2 are used in combination with the 
firewall methods of Protocol 1, you boost your chances of stopping an FBI
surveillance team from learning anything at all.


   --original by: spy&counterspy, ascii conv. by: mrf