Stories
Slash Boxes
Comments
Search

News for nerds, stuff that matters

Slashdot Log In

Log In

Create Account  |  Retrieve Password

Mafia Boss Using Crook Crypto Captured

Posted by Zonk on Tue Apr 18, 2006 11:13 AM
from the never-heard-of-pgp-and-email dept.
Encryption Security Government The Courts News
boggis writes "Discovery is running a story on Bernardo Provenzano, the recently arrested 'boss of bosses' of the Sicilian Mafia. He apparently wrote notes to his henchmen using a modified form of the Caesar Cipher, which was easily cracked by the police and resulted in further arrests of collaborators. Discovery's cryptography expert describes it as a code that 'will keep your kid sister out'."
+ -
story

Related Stories

[+] Ask Slashdot: Cryptology Research for High School Student? 43 comments
John3 asks: "My daughter is enrolled in an Advanced Science Research (ASR) course, at the local high school. The students join the program in 10th grade, choose a research topic, and then locate a mentor to work with them on their topic until high school graduation. My daughter took a cryptology course this past summer, and now she has chosen cryptology for her ASR topic. Most HS students pick mainstream research fields (medicine, genetics), so her science teacher is a bit unsure of where my daughter might locate a cryptology research project appropriate for advanced high school students (especially one that doesn't require security clearance). I'm hoping my fellow Slashdot readers might know of current cryptology/cryptography research projects that offered opportunities for a high school student to participate."
[+] News: The Science of Secrecy 68 comments
Matthew Sparkes writes "Ever since the first codes and ciphers were developed, there has been a battle between those who want to keep their information secret, and those who want to read that information. It has been a purely intellectual war, but one that is often driven by motives from above that are far more violent. This book chronicles that battle, from it's inception, to the modern day, and outlines the techniques used to obfuscate information, and the fascinating history of the application of those techniques." Read the rest of Matthew's review.
This discussion has been archived. No new comments can be posted.
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

Mafia Boss Using Crook Crypto Captured 25 Comments More /

 Full
 Abbreviated
 Hidden
More
Loading... please wait.
  • God, he used a simple (rot3) substitution Cipher, with not even a Vigenère keyword and didn't expect it to get broken?

    People have been using frequency analysis [wikipedia.org] for over a thousand years to crack substitution ciphers!

  • If only.. (Score:5, Interesting)

    by Ckwop (707653) * <Simon.Johnson@gmail.com> on Tuesday April 18 2006, @11:15AM (#15149340) Homepage

    You see, now if you want to do secure pencil and paper ciphers here's how you do it.

    • Get two decks of cards, including the jokers. You should have 108 cards in all.
    • Encode a face up card as one and a face down card as zero.
    • Find a dense primitive polynomial [wikipedia.org] of order 108.
    • Randomize the face up and face down cards in the pack.
    • Construct a self-shrinking linear feedback shift register [wikipedia.org].
    • The keystream you clock off is reasonably secure.

    Self-shrinking generators are broken but the best attack requires an insane amount of plain-text. Far, far, more than you could ever generate by hand. If Mr Mafia had used this instead of a crappy cipher from two thousand years ago then he might not have been caught.

    Throughout history lives have literally depended on the strength of the cryptography people have deployed. I find it exciting that these times are still with us and are not mearly confined to the history books.

    Simon

    • Re:If only.. (Score:5, Informative)

      by Redwin (805980) on Tuesday April 18 2006, @11:45AM (#15149696)
      Considering ancient cyphers, if I remember correctly the ancient Chinese used to write messages Ceaser cypher style messages on fabric that had to be wrapped around a pole. The pole had to be the exact length and thickness or the text wouldn't align up and the decyphering process couldn't be started. If anyone was stopped, they could hand over the fabric covered in text and it would be meaningless without knowing what kind of pole was used to algin everything up.

      • Re:If only.. (Score:5, Insightful)

        by anotherone (132088) on Tuesday April 18 2006, @12:51PM (#15150416)
        Trivial to break. Wrapping the cloth around a pole is just an easier way of looking at every x letters. It'd take about 2 minutes to brute force the value for x manually, a program with a dictionary could do it in milliseconds.

    • Re:If only.. (Score:5, Funny)

      by David Mazzotta (590711) <dzotNO@SPAMusa.net> on Tuesday April 18 2006, @12:14PM (#15150061) Homepage
      I'm just trying to imagine the look on Paulie Walnuts' face as you explain that.

      • Re:Wouldn't have helped in this case anyways... (Score:5, Interesting)

        by TubeSteak (669689) on Tuesday April 18 2006, @01:26PM (#15150801) Journal
        I think an appropriately shuffled deck of cards would be somewhat innocuous.

        If the police aren't looking for something like a deck-of-cards-as-key, then they won't find the key, all they'll find is a deck of cards.

        I only say this because I recall reading an article some years back about drug dealers storing their business information on USB thumbdrives & wearing them as necklaces or on keychains. The police would arrest the dealer, but since the police didn't know what they had, the thumbdrive was treated as any other possesion & sealed up till the dealer was released.

        You're still hiding your 'key', you're just hiding it in plain site & hoping no one sees it for what it is.

  • You didn't expect (Score:4, Funny)

    by WebHostingGuy (825421) * on Tuesday April 18 2006, @11:16AM (#15149356) Homepage Journal
    these people to be brain surgeons did you?

      • Re:You didn't expect (Score:5, Insightful)

        by qwijibo (101731) on Tuesday April 18 2006, @11:33AM (#15149537)
        A good leader would delegate tasks like communication security to someone who could do that well. However, I get the feeling that someone who dropped out of school at 8 and became a mob boss may not have been keeping up to date on the latest management training strategies. =)
  • He apparently wrote notes to his henchmen using a modified form of the Caesar Cipher

    To put that into computer terms, he ROT13ed the text. This sort of cipher was used by Caesar not because it was secure, but because most people couldn't read. Even those that could read undoubtedly lacked sufficient education to consider a cryptoanalysis of the text. But if someone does consider a cryptoanalysis, it is incredibly easy to break this cipher.

    Simply substituting the first letter with each letter of the alphabet allows for a brute force attempt at decoding by then replacing the rest of the letters with the exact same offset used on the first character. This method ensures that the message will be decrypted even if the alphabet has additional characters. (Either for purposes of obfuscation or additional information.) The only method that can be used to prevent an attacker from using this simple decoding method (you don't even need a computer!) is to mangle the alphabet somehow. For example, if the alphabet is backwards an attacker would have more trouble decrypting the cipher. Even then, however, a simple statistical analysis on the occurance of the letters would quickly decrypt the message and reveal the secret alphabet used.

    That being said, this particular mobster was smart enough to realize that a simple cipher like this would be insufficient to deter a decoder. So he attempted to confuse would-be attackers by using a number code to obscure names. I imagine that he thought that attackers would assume that he was using a codebook to keep track of the assigned names. Unfortunately (for him), his 8th grade education was obviously insufficient for him to know that his number sequences are very similar to compression techniques. Anyone with experience would note that the codes were far too long, and that the number 1 appeared quite often. Its appearance suggests that its a "trigger" for interpreting the next number differently.

    So there you have it, security through obscurity does not work.

  • High security. (Score:5, Funny)

    by Rob T Firefly (844560) on Tuesday April 18 2006, @11:22AM (#15149427) Homepage Journal
    Also seized from his rooms were records for bookies operations filling several Barbie diaries with real plastic locks, and hit orders folded tightly into paper origami footballs.

  • I AM.... (Score:5, Funny)

    by i_want_you_to_throw_ (559379) on Tuesday April 18 2006, @11:22AM (#15149433) Homepage Journal
    your kid sister you insensitive clod!

  • He should've at least read (Score:4, Interesting)

    by gregarican (694358) on Tuesday April 18 2006, @11:23AM (#15149445) Homepage
    this book [simonsingh.com]. I found it an enjoyable yet educational walk through the history of encoding/decoding. Cool stuff. I guess Sicilian mobsters typically aren't Mensa members...

  • OK , he doesn't know cryptography... (Score:5, Insightful)

    by Viol8 (599362) on Tuesday April 18 2006, @11:24AM (#15149452)
    ... but it still took the police almost 50 years to catch him
    so he must've been doing something right. I imagine the ceaser
    code was simply to prevent other knuckle dragging criminals from
    understanding the message, not a load of top crypto crackers
    at police HQ.

  • Keep my kid sister out!? Impressive! (Score:5, Funny)

    by 2short (466733) on Tuesday April 18 2006, @11:32AM (#15149535)
    "Discovery's cryptography expert describes it as a code that 'will keep your kid sister out'."

    Considering my kid sister is a mathematician at NSA... Hmm, maybe he meant a hypothetical kid sister?
  • Odds are if you were holding one of the Godfather's messages long enough to decipher it, that means you had to get it from someone in the mafia. They took these from him, which is one thing. Of course you can do that if you're the police/fbi/etc. and you've captured the boss. If you're just some shmoe, you can break the code all you want, the boss is still coming after you.

  • And the secret message is... (Score:4, Funny)

    by rehtonAesoohC (954490) on Tuesday April 18 2006, @11:37AM (#15149591) Journal
    Be sure to drink your ovaltine?!

  • Cryptography is not the important point (Score:5, Informative)

    by VincenzoRomano (881055) on Tuesday April 18 2006, @11:59AM (#15149868) Homepage Journal
    The (poor) cryptography used by Bernardo Provenzano [wikipedia.org] (more accurate infos in the Italian page [wikipedia.org]) was meant to be used only by himself to avoid possible sneakes by his waiters. That was enough.
    The important point is that he managed to stay at large, not as a fugitive, in the neighbourhood of Corleoni (Sicily, Italy) for almost 43 years without being noticed or identified and while still heading at full steam the Cosa Nostra [wikipedia.org]!
    So, as far as security and privacy is concerned, a good design can make poor technology rock!

  • Crude, maybe, but dumb, no way (Score:5, Interesting)

    by FishandChips (695645) on Tuesday April 18 2006, @12:09PM (#15149994) Journal
    We cannot be sure that Provenzano's crude attempts at a code were intended to foil the police. Why should he care? By now, several hundred Mafia informers (the pentiti) have already told the police just about everything you could think of. Besides, pencil and paper have turned out to be quite a good system, probably yielding a fraction of the information that electronic eavesdropping would.

    The coded notes are more likely have been intended to prevent his fellow mafiosi from getting too close and knowing too much. There was nothing dumb about this man's rule as a godfather. He evaded capture for forty years, rebuilt the organization after the disasters of the Riina years, retained power by remaining as invisible to his fellow mobsters as he was to the authorities, and simply survived into his 70s in a "profession" in which many are lucky to reach their thirties.

    Yes, it's good news that another gruesome killer is behind bars. But the more worrying question is why the godfather found it unnecessary to take more stringent precautions, suggesting that clearing out the Mafia-infested lands of Western Sicily and the corruption-prone "public works" economy still has a very long way to go. It's going to take more than a few smart remarks about cryptography to do that.

    • Re:Most interesting part... (Score:5, Interesting)

      by Sigma 7 (266129) on Tuesday April 18 2006, @02:01PM (#15151145)
      ...wasn't that he was using an obsolete code, but that the Italian alphabet is missing k, j, w, x, and y.

      Just how the heck can they express themselves without those letters? That must leave pretty big holes in their keyboards!


      For this, I turn to the advise of Mark Twain:

      A Plan for the Improvement of English Spelling
            by Mark Twain

      For example, in Year 1 that useless letter "c" would be dropped to be replased either by "k" or "s", and likewise "x" would no longer be part of the alphabet. The only kase in which "c" would be retained would be the "ch" formation, which will be dealt with later. Year 2 might reform "w" spelling, so that "which" and "one" would take the same konsonant, wile Year 3 might well abolish "y" replasing it with "i" and Iear 4 might fiks the "g/j" anomali wonse and for all. Jenerally, then, the improvement would kontinue iear bai iear with Iear 5 doing awai with useless double konsonants, and Iears 6-12 or so modifaiing vowlz and the rimeining voist and unvoist konsonants. Bai Iear 15 or sou, it wud fainali bi posibl tu meik ius ov thi ridandant letez "c", "y" and "x" -- bai now jast a memori in the maindz ov ould doderez -- tu riplais "ch", "sh", and "th" rispektivli. Fainali, xen, aafte sam 20 iers ov orxogrefkl riform, wi wud hev a lojikl, kohirnt speling in ius xrewawt xe Ingliy-spiking werld.


      He is completely correct - there's no need for letters if they sound like others. Bekause of this, I suggest that we should follow in his footsteps.

    • Re:IT Consultant (Score:5, Funny)

      by Motherfucking Shit (636021) on Tuesday April 18 2006, @10:39PM (#15154547) Journal
      I wouldn't think it'd be too hard to find a bent IT guy to give advice on security, encryption, what can be recovered from a hard drive etc.
      Hmm.. you're right..

      Hello, mafia! For $250K/year, I am an IT guy who can give advice on security, encryption, what can be recovered from a hard drive etc. In addition to IT, I enjoy pasta, Chianti, parmigiano, and pitted olives (preferably all in one night). Salary is negotiable if you can provide an "Italian woman," something I keep hearing about but, being a geek, haven't figured out the details of just yet.

      References available upon request.

All trademarks and copyrights on this page are owned by their respective owners. Comments are owned by the Poster. The Rest © 1997-2009 Geeknet, Inc.