Easy to learn. Easy to play. Now, much easier to win.

AFRICOM’s Chinese Satellites: How To Lose At Mastermind

THIS ARTICLE WAS ORIGINALLY PRINTED ON MAY 3, 2013 AND IS BEING RE-PRINTED FOR “CHALLENGES OF INTELLIGENCE COLLECTION WEEK.”

Easy to learn. Easy to play. Now, much easier to win.
                                   It gets easier with practice.

For many, the game Mastermind is their first adolescent introduction to cryptology.  A code-breaker is given limited turns to discover the encrypted signal of the code-maker.  By choosing to put AFRICOM bandwidth over state-controlled Chinese satellites in 2012, the U.S. Defense Department decided to extend their PRC opponents exponentially more “rounds” to win the game.  The U.S> has won a tactical convenience at the cost of strategic peril.

Defense Department representatives claim the use of the satellites was secure due to the encrypted nature of the transmissions.  However, as in Mastermind, more exposure reveals more information, with which the code-maker can be beaten.  With an unrestricted treasure-trove of data, the cyber-battle proven Dirty Data Dozen of Chinese cyber-warfare will have plenty of material to compare and contrast until base patterns are found and exploited.  This vulnerability is especially worrisome in an area of responsibility rife with corruption issues and general penetration by state-associated Chinese assets.  That access to the satellite transmissions might be doubly useful because of the potential access to the pre-transmitted data, further easing decryption efforts.  This undermines force-wide communications, providing information that will end up not only in the hands of the Chinese, but the actors with whom their intelligence services cooperate.  The U.S. stands not only to lose one game of Mastermind, but most of the tourney.

You must accept that you won’t always have attractive alternatives. The Big Picture may demand tactical sacrifice.

It was only last month that the CNO, ADM Greenert, said that the cyber-EM environment isso critical to our national interests, that we must treat it on par with our traditional domains of land, sea, air, and space…”  The EM-cyber spectrum may be invisible, but they have the same space constraints as those traditional domains.  During the Cold War, if the berths at Bremerton were full, the U.S. Navy would never have requested berthing space in Vladivostok; if the U.S. Army found itself under-equipped, they would never request use of radio towers in East Germany to communicate with West German patrols.  Resources are limited and must be rationed; put simply by Raymond Pritchett, “If this wasn’t the point to tell someone ‘no’ when they ‘needed’ bandwidth, what point is?”  Refusing to prioritize the strategic long-term viability of U.S. communications security over temporary tactical comfort is the laxity alluded to by the CNO when he highlighted the need for a new attitude.  We can start with the lessons learned from a 1970’s board game.

Matt Hipple is a surface warfare officer in the U.S. Navy.  The opinions and views expressed in this post are his alone and are presented in his personal capacity.  They do not necessarily represent the views of U.S. Department of Defense or the U.S. Navy, although he wishes they did.

3 thoughts on “AFRICOM’s Chinese Satellites: How To Lose At Mastermind”

    1. I specifically used “opponents” rather than “enemies” and did not call it another “Cold War.” That said, I think their desire to muscle us out as a regional power and play the zero-sum game as illustrated by their industrial-scale cyber-realm espionage as well as their occasional conventional antagonism, you can safely call them opponents.

  1. Mr. Hipple,

    I think you are misunderstanding the nature of both cryptanalysis and SHF satcom communications. While I agree that the use of Chinese SATCOM assets is problematic, it is not for the reason you state. First on the issue of interception of SATCOM transmission SHF satcom is not a low probability of intercept communications path, if any thing it is a HIGH probability of intercept communications path, UHF is even worse and the problem applies to almost every RF transmission system in existence. When using ANY SHF or UHF satcom you must assume that any adversary who is so inclined will be able to intercept your transmission. This is just a consequence of physics and the way those satellites are built. Just take a look at the downlink beam footprints for any of the major commercial comms satellites on sat-beams.com. If you can put something in the beam you can listen to all of the traffic going over that beam. When you use SATCOM your signal is being retransmitted all over the globe. The use of a Chinese satellite does not meaningfully increase this exposure when compared to other commercial satellite resources.

    With regards to cryptanalysis it is nothing like mastermind :). The attack you describe of simply gathering a lot of data and analyzing it is a fairly simple one which is accounted for both in algorithm design and usage practices. In any competently designed crypto system it is ASSUMED that the adversary will have access to all the cipher text for statistical analysis. In fact this is the reason cryptography was invented in the first place and is the problem modern cryptography seeks to and purports to solve. An algorithm which leaks statistically significant information into the cipher text during proper use over a normal period of time is considered a very bad one. In fact one that leaks statistically insignificant information during proper use over an incredibly abnormal period of time would likely be rejected during the design stage. Still it is not impossible and clever cryptographic attacks do exist so the more information out there the more the cryptanalysis folks have to work with but that is why we use concepts like crypto periods (see NIST SP 800-57 ch 5.3) and if you are transmitting over SATCOM or almost any RF channel you simply need to be working under the assumption that everyone in the world is listening to your cipher text. If you still don’t trust your crypto system then you need to stop communicating and abandon the EM spectrum until you come up with a system you trust.

    V/R,
    Ben Ulfers