"Yes, but Clipper went nowhere and the civilian encryption cat is out of the bag. What is the NSA doing about it?"
"Short of some miraculous mathematical advance in factoring2 to crack RSA keys, or the construction of a quantum computer in the next five years, there is little they can do about it."
"So, I take it the NSA is . . . less than hopeful in our case?"
"They say that several things will likely make decryption impossible. One, they have no plaintext to work from; two, the message lengths are short, under 500 bytes; three, the symmetric key length is a robust 128-bits; and four, we may be seeing a regular change in keys."
"What do you mean by a 'regular change in keys'?" The Director braces himself for yet another avalanche of new information.
"NSA believes that these new Wyoming residents were given several different passphrases in advance, which have so far been used only once. The email subjects contain prefixes such as 'Adam' and 'Brian,' which likely signify which key was used. These keys are, in effect, 'single session' keys which makes them virtually impossible to crack, especially without any plaintext. Since 'Edward' is so far the highest letter name used, NSA hopes that a short stack of only five different keys — 'A' through 'E' — were provided and that the email receivers will at some point begin to reuse the earlier keys. Remember, these people are neither trained agents nor computer experts. They're just average folks so their comm network cannot be overly complex. I think the NSA is right, that they'll start reusing old keys for simplicity's sake. Their superiors are not likely to repeat the trouble of individually PGPing each of their new residents with new key passphrases.
"So, when they begin to reuse old keys the cumulative message length per key will increase, which will slightly ease decryption efforts. Even if the NSA does crack one of the keys, the messages encrypted with the remaining keys will remain unsolved."
The Director interrupts with a question. "What if the original stack of keys was not a short stack? What if the stack is twenty-six passphrases high from A to Z and we never see anything past 'J'?"
Good question! thinks Bleth. There may be hope for the man. "If there is no reiteration of key usage and message length is kept short, then brute force cryptanalysis will be unavailing. Especially if the passphrases were unusually robust."
"Explain."
"Let's say the recipient sees 'David' in the subject line, and thus knows to use the passphrase called 'David' from his list. If he cuts-and-pastes the passphrase instead of typing it in, then he bypasses the keyboard altogether, thus defeating keysniffing programs. We are quite concerned about that possibility. Use of the RAM buffer can sometimes defeat Magic Lantern3.
"The NSA also pointed out that if the cut-and-paste method of passphrase entry were used, then the passphrases could be very long strings of typographical gibberish, including the metacharacters. Such passphrases could not possibly be remembered, or even typed in perfectly. They would have to be cut-and-pasted. So, if metacharacters such as $ and % and * were used, that's a possible total of 95 characters including the numerals and upper and lower case letters. Even early versions of PGP support 79 character passphrases, which is a keyspace of 9579, or 1.7 times 10156. That's many times larger than the number of atoms in the entire universe."
"My God!" gasps the Director.
"And it could be even worse. They could be using more than just 95 characters in their passphrases. The total number of keyboard accessible characters is actually 256. By holding the Alt button and typing in certain numbers up to 256, characters such as ¢ and © can be used. A 256 ASCII passphrase of 79 characters would contain 25679 possible permutations, which is 1.78 followed by 190 zeroes. That number is 1034 times larger than using the 95 character field, which was huge enough by itself."
"Bleth, these numbers are incomprehensible. Who can grasp them?" says the Director, nearly whining.
Consulting his notes, Bleth replies, "I completely understand, sir. Think of it this way. Imagine the keyspace of 9579 to be a square inch, roughly the area of a postage stamp."
"OK. I can see where you're going with this. The keyspace of 25679 is the size of Texas or something, right?"
"Much larger, Director."
"North America?"
"Larger."
Taking a wild stab the Director ventures, "The surface area of the entire planet Earth?"
"Yes, sir. Times 3 trillion planet Earths."
The Director is speechless.
"Let's really put this in perspective. There are about 8.69 × 1069 atoms in the Earth. If the visible universe, which is a cube roughly 1.5 billion light years per side, were 100% filled with matter instead of its far less than a billionth of 1%, there still would be fewer atoms than 1.78 × 10190. That's how big a PGP keyspace can be if the user goes 256 ASCII and uses the PGP maximum length passphrase of 79 characters."
"Good God, I had no idea," says the Director wearily.
"The NSA analyst told me, 'If they're using long passphrases with 256 field ASCII characters, forget it; not in a trillion lifetimes.' Quite frankly, the NSA has very little optimism in a successful decryption effort. They feel that much more can be gained from the human element."
"For example?"
"The technical security of PGP and how it has been used through foreign remailers in this case was quite sophisticated. We are advised to probe what is always the weakest link in the chain, human beings. For example, the World War Two Ultra program to crack the Germans' Enigma encoding machine would not have been successful without the sloppy techniques of too many German operators. The Gestapo's Sicherheitsdienst in particular were quite helpful to the British as they usually used profanities in choosing their three letter key settings."
"So what do you have in mind?"
"Remember, IDEA passphrases perform both encryption and decryption functions. Conversely, the members could just as easily and securely send messages up the chain of command with the same passphrases. Symmetric encryption is a two-way street, and that's what we exploit."
"You're about to lose me here. What does this all mean?"
"It means that their scheme, though clever, has a flaw. All we have to do is a bit of DCS10004 traffic analysis of these new Wyoming residents. What they are looking for are emails encrypted with a symmetric key, versus with the much more common asymmetric method employed by nearly all PGP users. Asymmetric encryption is the raison d'etre of PGP. It is very unusual for somebody to send a PGP email that was encrypted merely with the IDEA algorithm a conventional symmetric algorithm, which means that the recipient knows the same passphrase as the sender. Such just isn't done these days; it dismisses the whole point of public key encryption. So, we merely look for IDEA-encrypted emails. Easy."
"Can DCS1000 differentiate between the two different encryptions?"
"Not directly. All encryption software packages append their file names with a unique extension, such as .asc or .two or .enc. After searching for key words in plaintext, these known file extensions are the next search priority. A shrewd user knows this and either renames the files with an innocuous extension, or simply ZIP compresses the files which take on the extension .zip.
"Even if the file extension has been renamed, there is the matter of plaintext software headers. Abi-Coder and Twofish have none, but all PGP files have a plaintext header reading 'BEGIN PGP MESSAGE' with a version designation, and a footer reading 'END PGP MESSAGE.' It's one of the few faults of PGP. A few other encryption software packages also have plaintext labels, such as VGP, Kryptel Lite, and Diamond PC-1. Unless these files have been ZIP compressed which garbles plaintext in the process of compression — DCS1000 easily flags them."
"Then why didn't these people use, what was it, Twofish? Then there would be no plaintext labels telling us that they used PGP."
"Probably because PGP is universal. Even though Twofish is easy to install and use, it's one more step for everyone to do and whoever planned this figured it just wasn't worth the bother. Personally, I dou
bt those folks in Wyoming bother renaming PGP files or compressing them or removing headers. I'd bet we'll find them sent as is. When they do, DCS1000 will try to open them up in PGP. If the file was encrypted with asymmetric RSA, then the PGP dialogue box will read that we do not have that particular secret key."
"Will the secret key have a name?" asks the Director.
"It must have some name; the key pair generation process demands it. This is so the PGP user can differentiate between keys on his secret keyring. But what the user names the pair is up to him. If these people are smart then they will not have given their key pair any identifying name. They could simply use alphabet letters or numbers."
"But you're not expecting this RSA encryption, are you?"
"No, sir. If the file was encrypted with conventional symmetric IDEA, then the PGP dialogue box will say so and ask for the password.
"It'll go down like this: Smith, a new resident in Wyoming, sends one of these unusually encrypted emails. While we won't know the content, we will have a brand new piece of information the IP5 address of the recipient. This will prove invaluable because the recipient is almost guaranteed to be higher in the chain of command than Smith. Smith is a buck private in the organization; he was induced to move to Wyoming. He won't be using this encrypted channel to chat with his enlisted men buddies. No, he will use it only to ask his sergeant for orders. Once we have the sergeant, we'll wait for him to query his lieutenant, and then the lieutenant his captain, and so on. Over time through traffic analysis, we'll roll up this group all the way to their general staff."
"Excellent. Fine work, Bleth. I suggest that for each area of immigration there are, what, five counties? — we focus on the first people to arrive. They likely work in some coordinating capacity for the later people, and so they'll be in more frequent contact with their command."
"That's a great idea, sir. We'll get right on it."
Bleth had already thought of this.
"Let me know the moment you get a break. I don't like the idea of 9,000 people all being part of some scheme directed by God knows who through encrypted email. Even if they haven't yet broken the law. The size and secrecy of this whole thing bothers me. Have you ever seen anything like it, Bleth?"
"No, sir, not outside the service. It resembles a military operation; a wartime invasion, actually."
"It does, doesn't it? We know who the troops are all 8,994 of them. Find their general, Bleth."
"Yes, sir. We will."
Natrona County, Wyoming
Preston Ranch
Spring 2007
"Folks, we have achieved our first legislative goal, a bit of constitutional 'prepositioning.' This will speed the passage of proposed amendments by virtue of a special election instead of waiting up to nearly two years for the next general election."
"Any expected opposition to ratification in 2008?" asks a white-haired jurist-looking fellow.
Preston answers, "No organized opposition, no. Perhaps 20 to 30% may oppose on the general principle of not tampering with their state constitution, but they will be insufficient to block ratification. As you well know, it is critical that such be in place by January 2015 of the 63rd Legislature, else our plan will have been mired in the mud of time, allowing opposition many months to organize. Little does this current government realize that they have been hoisted by their own petard."
The room chuckles heartily at this.
Preston then laid out the project's three sequential goals6 . . .
1) Acquire political control of 16 of the 23 counties by 11/2014.
This is home turf, where Life is lived. Over half the battle of Freedom is in controlling one's county government by electing the sheriff and county commissioners (who could effectively limit state and federal intrusion, as did Sheriff Mattis of Big Horn in the late 1990's). If you are free in your county, then you are generally free indeed.
The team recognized how vital employment would be to the project's success. As a successful entrepreneur, Preston understood the necessity of revitalizing depressed counties with an influx of new businesses. Such not only brought in hundreds of needed relocators, but gained them instant grace with the community. But they had to be carefully chosen businesses, i.e., noncontroversial industries which did not siphon away indigenous jobs and capital. Industries which made the best use of the counties' features. Niobrara County, for example, was a vast and empty prairie with over 500 acres/person. It was thus ideal for an aviation engineering and design firm, Maxwell Aviation, which produced homebuilt and production composite aircraft. They also made target drones for the US military, which were tested at nearby Camp Guernsey. Employing over 300 people, both the state and county governments did somersaults to lure Maxwell's relocation. Niobrara County also had the oldest median age (41.4) and the smallest average household (2.21). It was literally dying out. The influx of dozens of new families brought a desperately needed vitality to the entire county. Maxwell Aviation threw an Open House, and all of Niobrara showed up. Locals joked that it was the most interesting thing that had happened there since the western The Lawless Men was shot near Lusk back in 1923.
Similarly, Preston and his team analyzed what existed and what was needed in the other target counties, and packaged the relocation of people and businesses accordingly. Crook County saw the relocation of a midwest sporting goods factory, Johnson enjoyed two new firearm manufacturers, Sublette an alpine training academy for international athletes, and Hot Springs a national HQ for an insurance company serving retired military.
The calculated synergy was a Win-Win for everyone, which explained why things were working out so well. The success of the 2006 county elections had proven the concept. Wyoming was the contiguous 48's least explored, utilized, and industrialized state, and it was simply a matter of time before others would have figured that out. It had already begun to boom in its own right, but in that typical liberal fashion which had long ago ruined much of Oregon, Colorado, and Arizona. One Aspen or Sedona was enough.
2) Acquire a majority in both the House and Senate by 11/2014.
Such could see through the repeal of oppressive legislation and the introduction of beneficial constitutional amendments.
The Wyoming legislature is made up of 30 Senators and 60 Congressmen. All serve single-member districts which are reshaped every ten years from US Census data. Each Senate district had about 15,000 people and comprised two House districts of about 7,500 each. These districts spilled over county and even city lines. Fremont county, for example, was in five Senate districts and six House districts. Senate District 1 comprised all of Crook, Weston, and Niobrara counties, as well as 20% of Converse and Goshen. The larger cities of Casper, Rock Springs, Laramie, Gillette, and Cheyenne comprised their own Senate districts, as well as multiple House districts. Medium-sized cities such as Evanston, Green River, and Sheridan had their own House districts.
Therefore, it required a precise coordination of relocators. It was very tricky work, especially in conjunction with saturating the counties.
3) Elect the state executive officers in 11/2014.
This was, obviously, the plan's coup de grâce. A state governor backed by an allied legislature and judiciary could accomplish far-reaching reforms affecting all but the most federal of oppression.
Although it was a most ambitious project, it wasn't "all or nothing." If ⊂ did not happen, then at least they had most of the counties and the majority of the legislature. If ⊄ and ⊂ did not transpire, then at least most of the counties were in their hands.
Even if not all 16 counties were taken, at least several would have been. Accomplishing only "2½" of their 3 goals still would have created several thousand square miles of freedom in America. Aim at the horizon, and you'll just clear your feet. However, aim at the stars and you'll reach at least the horizon, maybe farther. In short, the project could not utterly fail. Acquiring even just one county was one county more than they had.
The whole thing suited Preston perfectl
y. He was a superb planner and organizer, one of those rare people who could zoom in and out of a concept. He neither got lost in the big picture nor mired in the details. His mind worked like a spreadsheet: change one value and he would instantly understand how it affected everything else. After three years of planning sessions, his colleagues grew in awe of his talents and called him "The Wizard."
But how to "herd stray cats"? First, Preston and his team had to learn more about their relocators. Many questions were asked of them:
In which election year could they move? 2006, 2008, etc.?
How many voting age family members would they total?
Are they financially independent (business, investments, etc.)?
If a business owner, how many jobs could they supply?
If not financially independent, what employment would they need?
Rural or urban preference of living?
If rural, which first 3 choices of counties? Last 3 choices?
If urban, which first 3 choices of cities? Last 3 choices?
What monthly rent/mortgage could they afford?
Home: hacienda, house, cabin, apartment, trailer, community?
Willing to take in renters? If so, how many and for how long?
So that the relocators could choose amongst the Wyoming counties and cities, detailed information was supplied. They got not only statistical abstracts, but digital videos of walking tours and even overhead flights, as well as interviews of residents explaining what they liked best and least about their area. Unpleasant facts were not glossed over folks got the whole picture, warts and all. For example, everyone knew that Niobrara county was Nebraska's topographical twin and used logging chains for windsocks which sort of helped to explain why fewer than 3,000 people lived there.
Molon Labe! Page 12