April 20, 2006

Is Provenzano a Kindergarten Cryptographer?

I wasn't going to write about the crypto angle of Mafia Boss Bernardo Provenzano because it just seemed more popular science than serious financial cryptography. But the Mafia Boss needs some defence, not for his murders and brutalities for which I'm sure the Italians will do the right thing and incacerate him forever, but for the suggestion that he didn't know what he was doing.

He knew precisely what he was doing. First off, a report on the recent capture of the Mafia Boss of Bosses in Italy, copied from the cryptography list (edited for style):

It seems not everyone has gotten the message that monoalphabetic substitution was broken many hundreds of years ago. Excerpt:
The recently arrested "boss of bosses" of the Sicilian Mafia, Bernardo Provenzano, wrote notes using an encryption scheme similar to the one used by Julius Caesar more than 2,000 years ago, according to a biography of Italy's most wanted man.


The article is interesting and well worth reading:

Also known as "Binnu u tratturi" (Binnu the tractor) because of his reputation for mowing down people in his youth, Provenzano had been on the run for more than 40 years, many of them spent writing cryptograms on little pieces of paper, known in Sicilian dialect as pizzini. The Italian police found about 350 pizzini in Provenzano's hideaway. A few dozen of these notes contained requests to his family, such as having lasagne on Easter. All the others, featuring orders to his lieutenants, displayed numeric sequences that concealed the names of people.

What's going on here? Why isn't he using better stuff? Indeed:

"Looks like kindergarten cryptography to me. It will keep your kid sister out, but it won't keep the police out. But what do you expect from someone who is computer illiterate?" security guru Bruce Schneier, author of several books on cryptography, told Discovery News.

Indeed, no high-tech ran the Mafia network under Provenzano's rule. Top Mafia businesses were conducted on an obsolete Olivetti Lettera 32 typewriter. Pizzini were delivered by a chain of messengers. The fact that the boss code was rather straightforward may be explained by Provenzano's lack of education. It stopped when he dropped out of school at about eight.

Well, clearly the guy was a schmuck and could only just manage a manual typewriter ... but wait! There's one final clue. Back on the cryptography list, another post tries to analyse an older mafia case:

and a second data point, not everyone in the mafia chooses good passphrases;

a few years ago the government got a black bag warrant (once and a renewal) to install some still undescribed keystroke monitoring technology on nicky scarfo jr's pc, to find out the pgp key of a spreadsheet of a smalltime mafioso whose hard drive they'd already taken a copy of.

it turned out to be his father's federal prison number.

The password was clearly good enough to force the Feds to go for the black bag operation, so it did its job. However, the real clue here is that because Scarfo put all his reliance in PGP, he was vulnerable to an attack on his PC. The PGP was perfect, the algorithm was uncrackable, but all that falls to dust the moment the feds get in and take over the machine. Your agent is perverted.

Which takes us back to Provenzano. He knew that the use of secure ciphers brought in a new risk - it makes him vulnerable to whoever knows more about the PC and the software than him. Which is numbered in the millions, when you come to think of it.

On the other hand, if he used pencil and paper, his risks sink right down: he knows and controls the pen and the paper. He can destroy the pen, and instruct recipients to eat the message. His only risks then are the delivery system and the recipient, both of which are securable with simple strategies.

Provenzano knew his threat model. It included his kid sister which explains the use of the simple codes. Obviously he didn't want the people in his household, nor his messengers, gaining too much information by reading the pizzini they might have found. His kid sister wasn't going to copy the pieces of paper because if she was caught with the evidence she'd become his ex-kid sister. But she could memorise names, and hence Provenzano used a simple code to futz with the memories of those around him.

Italians are noted for making simple things into works of art. Like a real italian pasta dish, Provenzano had a perfect understanding of his threat model. It worked for him for 40 years ... and even the occasional breach, as posted on the Internet, did not seriously impact his operation.

He may have been using kindergarten cryptography, but he was a maestro of security.

Posted by iang at April 20, 2006 09:11 AM | TrackBack

Reasonable doubt thats all one needs. Are they rants of a mad man or coded messages? Now prove that beyond any doubt. In hiding for fourty years due to his lost mental state to guard his family from the shame associated with mental illness or coded messages from a master mind of criminal activity. Run the code and see if all the messages have significance or the person fro whom the message was drafted for had that understanding. So even if they are coded messages it has to be proven in court and in that lies the case of a Mafia Chief or a crazy old man hidden to reduce the impact of shame on his loved ones. Prove the murders and theft, just because someone is in hiding does not mean the state has made a case. Omerta cuts two ways it leaves doubt.

Posted by: Jimbo at April 20, 2006 10:10 AM

Evidence derived from crypto is worthless in court unless a direct result can be tied to the information. But the code breakers forget one thing if one event tied to a coded message deviates from the decoded messages instructions then the theory applied to the coded message is in question. Unbreakable code is no where to be found but misdirecting the intent of the message is fairly easy. So if Vinny gets a message from Vito to kill Guido and he buys a ham sandwich instead of killing Guido the intent of the decoded message might have meant to buy a ham sandwich. Kill Guido could easily be an inside joke and understood to mean that a sale of quality pork products was availible and should be exploited.

Posted by: Jimbo at April 20, 2006 10:26 AM

> The recently arrested "boss of bosses" of the Sicilian Mafia, Bernardo
> Provenzano, wrote notes using an encryption scheme similar to the one
> used by Julius Caesar more than 2,000 years ago, according to a
> biography of Italy's most wanted man.

Sicilian mafia also uses mobile phones that change their IMEI numbers on every call (like it really does something)... and they paid a lot of money for them too. Apparently they "don't believe in encryption".

Posted by: Ruptor at April 20, 2006 02:05 PM

I wouldn't call him a security maestro: he failed to destroy the pizzinis. Why would he keep them around?

Posted by: Daniel A. Nagy at April 21, 2006 05:31 AM

Daniel, certainly that is an open question, and it would be good to study the system in more detail. One would think that if he hadn't seen the danger in that after so long, then there might be a reason why he didn't destroy them. Maybe as Jim suggests, he was deliberately leaking them to see what happens...

Another open question was the use of the old typewriter. As we know, all typewriters have "signatures" ... It's an interesting problem to speculate on what the best method is to send a written message across a leaky channel.

Posted by: Iang at April 21, 2006 05:44 AM

Doing a mobile phone version where you could pre-load a series of prepaid sim cards (i.e. extract whatever needed to emulate the presence afterwards!) so that after each call you could change sim cards without having to do so physically, would be a big challenge. Being reachable while changing sims and imei all the time would be the biggest challenge, I guess...

Posted by: BM at April 21, 2006 05:46 AM
Post a comment

Remember personal info?

Hit preview to see your comment as it would be displayed.