


Protection of Information

The Lessons of History

By

Daniel J. Ryan
Corporate Vice President
Science Applications International Corporation

Julie J. C. H. Ryan
President
Julie Ryan, Inc.

The rapid proliferation and integration of telecommunications and computer systems have connected infrastructures to one another in a complex network of interdependence. This interlinkage has created a new dimension of vulnerability, which, when combined with an emerging constellation of threats, poses unprecedented national risk.
Critical Foundations: Protecting America's Infrastructures
The President's Commission on Critical Infrastructure Protection
October, 1997

The information revolution, characterized by the growing convergence of computer and communications technologies, requires a fundamental rethinking of traditional approaches to safeguarding national security information. Those responsible for the protection of national security face new, increasingly difficult challenges presented by the proliferation of computer networks linked by telephone lines, cable, direct broadcast service, and wireless communications, and by the replacement of the traditional computer mainframe by personal computers.
Secrecy
The Commission on Protecting and Reducing Government Secrecy
March, 1997

The Commission considers the security of information systems and networks to be the major security challenge of this decade and possibly the next century and believes that there is insufficient awareness of the grave risks we face in this arena.
Redefining Security
Joint Security Commission
February, 1994

Those who cannot remember the past are condemned to repeat it.
George Santayana (1863-1952)

New technologies, especially the pervasive proliferation of advanced computer systems and networks for creating, storing, processing and communicating information, are undoubtedly cause for concern to those responsible for national security. However, the fact that information is critical to national security and must be protected, and that the failure to do so may have profound consequences for nations and the course of geopolitical history, is anything but a new problem. Security affairs analysts have, in fact, understood the importance of information security for centuries. Aeneas the Tactician of Greece described in one of the earliest books on military science, On the Defense of Fortified Places, a system of cryptography. The Spartans used military cryptography as early as the Fifth Century B.C. Later, Julius Caesar tells in his Gallic Wars of using enciphered messages, and Suetonius implies that secret messages were routinely exchanged by the Caesars.1

Military history between the Gallic wars and the World Wars cites thousands of examples of the use of cryptography and many, many cases that illustrate the power of cryptanalysis in resolving battles, crises and even the course of wars. Consider the fall of Réalmont to Henry II of Bourbon, Prince of Condé. When, during his siege, Condé had a secret message from the town intercepted and decrypted that reported the town's desperate need for munitions, he simply returned the deciphered message and the town surrendered. The incident captured the attention of Cardinal Richelieu, who found cryptology to be admirably suited to the political and diplomatic games in which he engaged on behalf of the French Court. This led to the hiring of Rossignol by the King and the renaissance of modern cryptography as an enabling technology for geopolitical intrigues as well as military victories.2

For the United States, information security has played a key role3 since even before the birth of our country. Dr. Benjamin Church, Jr., a Boston physician, friend and colleague of our founding fathers, and the Director of Hospitals for the newly formed nation, was apprehended in late 1775 using a monoalphabetic substitution cryptosystem to send information on the "American ammunition supply, on a plan for commissioning privateers, on rations, recruiting, currency, a proposed attack on Canada, artillery that he had counted at Kingsbridge, New York, troop strength in Philadelphia, and the mood of the Continental Congress."4 Church had been spying for some time, for it turned out that information he provided, undoubtedly in encoded form, to General Thomas Gage, the then British Commander, led to Gage sending troops to capture the American stores at Concord and arrest John Hancock and Samuel Adams. Paul Revere and William Dawes were enlisted by Dr. Joseph Warren, who had learned of the British plans, to ride to Lexington and Concord and warn the citizens. Revere reached Lexington first and Hancock and Adams were taken to a safe hiding place while the minutemen made ready to fight the British. The battle of Lexington that followed began the American Revolution.5

Antietam and the Preservation of the Union

Failures of information security practices and procedures have had a profound influence on the development of the United States and on the role of our country in the evolution of world order. President Lincoln and Major General George B. McClellan successfully used a transposition cipher created by Anson Stager and improved by Samuel H. Beckwith to protect messages during McClellan's successful campaign in West Virginia and later as commander of the Army of the Potomac.6 In contrast, the Rebels let each commanding officer choose his own codes and ciphers, some of whom actually chose Caesar substitutions to protect their orders. The most used cipher among Southern commanders was the Vigenère, which, while theoretically sound, is plagued by practical problems caused by transmission errors and is susceptible to intuitive cryptanalysis.7 The Confederacy's problems were compounded by their senior command authorities using only three keywords throughout the entire war.8 Union cryptanalysts enjoyed a significant amount of access to what the Confederates hoped and believed were secret communications. The South's failure to protect critical information undoubtedly contributed to many Yankee victories.

The most catastrophic information security failure, however, came on September 16-18, 1862, when McClellan commanded the Union forces against General Robert E. Lee's Confederate forces at the Battle of Antietam, near Sharpsburg in Washington County, Maryland. It was a terrible battle, killing and wounding more men on the 17th than on any other single day of the War. During twelve hours of combat, 12,400 Union troops and 10,700 Rebels fell. Twice as many died on this one day as died in the War of 1812, the Mexican War, and the Spanish-American War combined. There were more than four times the number of casualties suffered on the beaches of Normandy on D-Day 82 years later.

Days earlier, on the 13th of September, two Union soldiers, Sergeant John M. Bloss and Private Barton W. Mitchell, discovered an envelope containing three cigars wrapped in a piece of paper lying in the grass.9 The document turned out to be a copy of General Robert E. Lee's orders for the Invasion of Maryland. It was not encrypted.10 The order, issued on the 9th of September following a conference among Lee, Jackson and Longstreet, was addressed to General D. H. Hill, and the order probably was carelessly used by one of his staff officers to wrap his cigars which then fell from his pocket and was lost. As a result, McClellan knew precisely the location of the pieces of Lee's separated army. With that information, he could push through the South Mountain passes and destroy Lee's army before they reunited. McClellan wired President Lincoln on the same day, declaring, "I have all the plans of the rebels...."

Tactically, the battle turned out to be a draw. McClellan was characteristically hesitant and slow to act and did not fully exploit the advantage provided by his prior knowledge of Lee's plans. Consequently, he failed to decimate the Confederate forces as he could have done and was urged to do. Lee was, however, so badly damaged in the action that he was forced to retreat back into Virginia.

Strategically, on the other hand, Antietam was a disaster for the South. It ended Lee's first serious attempt to bring the American Civil War to the North. It also gave Lincoln the victory he needed to issue the crucial Emancipation Proclamation, and probably doomed the Confederacy's hopes for European recognition and support. After the Seven Days' and Second Manassas battles, England and France had been on the verge of openly declaring their support for the South. England especially had always been sympathetic to the Southern cause. A decisive victory for Lee on Northern soil could have won them over. By signing the Emancipation Proclamation, Lincoln changed the agenda of the war from the preservation of the Union to the eradication of slavery. England and France had recently abolished slavery, so they could not very well openly support the pro-slavery Confederacy.11

Had the writer of the order, Lee's Adjutant-General Col. Robert Hall Chilton, properly encrypted it, McClellan would not have been as sure of himself and consequently would have been even less aggressive than he was. Lee, having been rejoined by Stonewall Jackson after the fall of Harper's Ferry and being well-screened by Jeb Stuart's cavalry, might have arrived unmolested at Gettysburg with plenty of time to take the best positions and set up favorable fields of fire, drawing the ever-hesitant McClellan into a battle there on Lee's terms. A decisive victory for the South could have earned European diplomatic recognition and convinced a majority of voters in the Northern states to repudiate the Lincoln administration in the elections of 1862, ending its policy of restoring the Union by force. Confederate independence might have been secured, and today you might need your passport to travel from Maryland to Virginia, all as a result of poor information security.12

Tannenberg and the Rise of the Evil Empire

The information security failure at Antietam, however fortunate for the Union, is not an isolated incident in history. The Russian failure at Tannenberg in August of 1914 saw the complete destruction of two Russian armies by a single German army half their combined size. This decisive victory was the direct result of the intercept and exploitation of Russian communications, which were broadcast totally in the clear as the battle progressed. The German commanders knew exactly what the Russian plans and orders were, often before the Russian officers received them from their own command. The Russians had failed to distribute military ciphers and the associated keys so that neighboring units within each army could not communicate securely, much less could the two armies coordinate a complex pincer attack unheard. In the end, 30,000 Russians were killed or missing, 100,000 were captured, one of the two Russian armies was devastated and one simply ceased to exist, all at the guns of the smaller but more mobile German army with its infinitely more secure communications. David Kahn says, "The case was clear-cut. Interception of unenciphered communications had awarded the Germans their triumph."13 The message of Tannenberg to security analysts could not be more clear, "Be sure of your information security or you lose!"

As at Antietam, more than the battle was lost at Tannenberg. Despite the Tsar's attempts to dissuade Germany from war, when the German advances made war inevitable the Russians had hoped for a quick victory, rapid penetration of Prussia, and "victory by Christmas." The response at home to their staggering loss at Tannenberg was anything but salutary. Every day in St. Petersburg at the office of the Russian General Staff, long lists of the dead were posted and great crowds of women gathered to read and weep.14 "The numbers of dead rose within the first five months of the war to the highest in modern warfare, creating an ever-widening circle of war widows and war orphans, of bereaved parents and grieving relatives and friends."15 The demoralization of both the troops in the field and the populace at home created a fertile ground for the Bolsheviks to till.

The Bolsheviks mounted a massive campaign against participation in the war. One Russian Army report said that 'super-human efforts' were required to keep the men from deserting. General Polivanov, the Minister of War, said "Demoralization, surrender and desertion are assuming huge proportions."16 The Germans began to help by picking out the revolutionists from the prisoners of war, there being by August of 1915 over one and a half million from which to choose, and sending them home with money and false passports to cause trouble. In September, there was a riot of wounded soldiers in Odessa who were to be returned to the front when their wounds healed. That same month, the International Socialists, meeting in Switzerland, issued a manifesto that demanded peace and promoted class warfare throughout Europe. Prominent among the Russian delegates were Vladimir Lenin for the Bolsheviks and Leon Trotsky for the Mensheviks. Other antiwar protests were stirred up by the communists in Rostov-on-Don, Astrakhan, and St. Petersburg.17 As 1916 arrived, the Germans gave a million rubles to the Bolsheviks to be used in spreading antiwar propaganda throughout Russia.18

Every setback contributed to the antiwar sentiment and fueled the communist cause. At Nikolayev and St. Petersburg, ports were shut down because of workers' strikes. By October and November, there were strikes throughout the Rodina demanding an end to the war. The Russian Army was by this time incapable of further offensive action.19 Back at home, the Duma tried desperately to shore up the collapsing support of the citizens for the war effort through patriotic speeches and bills designed to reduce the corruption characteristic of Russian officials.20 But nothing worked and by 1917, the government was using troops to suppress antiwar demonstrations. Munitions workers struck in Petrograd in March (February 18th by the Russian calendar). There were riots in the streets and panic over rumors of food rationing, and more strikes. When Cossack troops were ordered to disperse the demonstrators, they refused to do so. Other troops did open fire and civilians were killed. On March 12th (February 27th) the soldiers of Petrograd joined the rioters and control of the capital was lost. On March 15, 1917, the Tsar was faced with complete loss of any control over the government or the army. The last domino fell in the sequence that had started with the information security failure and consequential loss at Tannenberg, and Nicholas abdicated, effectively bringing to an end a dynasty begun in 1613,21 and laying the groundwork for the formation of the Soviet Union.

Midway and the Cold War

As the history of World War II has been declassified in the fifty years since its conclusion, it has become increasingly clear that information security failures of the Axis powers and cryptanalytic successes of the Allies provided an overwhelming advantage to the latter and contributed significantly, if not decisively, to the outcome. Never was this more certain than at the Battle of Midway.

The Japanese objective in June of 1942 was to completely destroy the American carrier fleet and assure their control of the Pacific. For their purposes, Midway Island, with its two tiny islets, had little intrinsic value, but its strategic worth was incalculable. Winning Midway would have given the Japanese a naval base from which they could control the central Pacific. Moreover, in taking Midway, Admiral Yamamoto sought to lure out and destroy the remainder of the American fleet, which had been seriously enfeebled at Pearl Harbor. A victory would have further emboldened Japan, and left Hawaii and the West Coast vulnerable and panic stricken. President Roosevelt and General Marshall would have had to reconsider their "Germany First" policy, and could not have undertaken the offensives they planned in the Pacific. A more defensive strategy on the part of the United States would have left Japan free to advance southward and isolate Australia, securing her access to the riches of conquered territories with an impregnable defensive ring. Had their plan worked, the course of the War, if not its final outcome, would have been drastically altered.22

Fortunately for the United States, Japanese policy stressed the importance of communications security, but their practices and procedures implementing that security were slipshod. American cryptographers had broken the Japanese codes and were even capable of manipulating Japanese communications to increase understanding of Japanese plans. On May 20, 1942, the Japanese plans for an attack were intercepted by the Americans and over the next few days were deciphered. The actual location of the attack was given as "AF" in the message, which the cryptanalysts believed was Midway. But the very existence of the American fleet and the course of the War were too serious to risk on less than a sure thing, so the Americans had a plaintext message transmitted indicating that the fresh water distillation plant had broken down on Midway Island. Two days later the Japanese obligingly reported in their transmissions that "AF" was short of fresh water, and the locale of the battle was fixed.23

Because of the Japanese failures at information security, and the American successes at cryptanalysis, Admiral Nimitz had detailed knowledge of the Japanese plans for the battle of Midway. Nimitz was able to use the advantage of surprise that Yamamoto depended upon but lost to American cryptanalysts, which cost the Japanese a contest that could have been the completing victory for the Japanese in the drive begun at Pearl Harbor to control the Western Pacific, forced them to shift from an offensive to a defensive strategy, and turned the tide of the war. John Keegan says that Midway "restored a Naval equilibrium in the Pacific in 1942."24 RADM Edwin Layton says, "Midway proved to mark the beginning of the ebb tide for Japanese naval power in the Pacific."25 Kahn calls Midway a cryptologic victory "more crucial to the course of history than any other [cipher] solution except that of the Zimmermann telegram."26

Conclusion

Apologizing in advance for the oversimplification, in these examples we can see the broad outline of the influence of information security on modern world history. The South lost at Antietam and the States entered the twentieth century as a unified nation. The Russians lost at Tannenberg, starting them on a downward path that led ultimately to the fall of the Tsars, the ascent of the Evil Empire and its subjugation of half the world, and fifty years of Cold War. Conversely, the American cryptographic success and consequent win at Midway stopped the Japanese juggernaut, turned the Allied strategic position in the Pacific theater from defensive to offensive and led eventually to victory there and in the War, and positioned the United States to protect the freedoms of half of the world in the ensuing Cold War and ultimately to win the Cold War. And in each case a key element was the information security failure of one side and the successful exploitation of that failure by the other. Little wonder that information security is deemed so important, or that codes and ciphers, cryptographic keys, and information security technologies comprise the highest-value targets for intelligence. Nor that the technologies that support information security play so often in the nightmares of counterintelligence officers and security affairs analysts.

New technologies may change the pathways to critical information assets, and even in some ways increase our vulnerability to having vital information disclosed, corrupted or destroyed. Certainly the extension of requirements for protection of information assets and systems beyond military and diplomatic channels to civilian telecommunications, financial, industrial, and infrastructure control offers grave challenges. Fortunately, forearmed with the lessons of history that teach us the importance of protecting our information and communications, we can take the necessary steps to apply available and evolving science and technology to avoid the catastrophic consequences we know follow information security failures and to reap the benefits of information privacy, integrity and assured access.

Footnotes:

1 Kahn, Codebreakers, pp. 82-4.

2 Kahn, Codebreakers, pp. 157ff.

3 Of course the pun was intended.

4 Kahn, Codebreakers, pp. 174-6.

5 See Kahn, Codebreakers, p. 176 and http://library.advanced.org/10966/data/lexnton.shtml.

6 Kahn, Codebreakers, pp. 214-5.

7 Kahn, Codebreakers, p. 217.

8 Kahn, Codebreakers, pp. 218, 221. The keywords were MANCHESTER BLUFF, COMPLETE VICTORY, and, ironically, COME RETRIBUTION.

9 Stephen Sears, Landscape Turned Red, Warner Books, Inc., 1983, p. 123.

10 Lee's Special Orders No. 191
HDQRS. ARMY OF NORTHERN VIRGINIA,
September 9, 1862.
I. The citizens of Fredericktown being unwilling, while overrun by
members of his army, to open their stores, in order to give them
confidence, and to secure to officers and men purchasing supplies for
benefit of this command, all officers and men of this army are strictly
prohibited from visiting Fredericktown except on business, in which case
they will bear evidence of this in writing from division commanders. The
provost-marshal in Fredericktown will see that his guard rigidly enforces
this order.
II. Major Taylor will proceed to Leesburg, Va., and arrange for
transportation of the sick and those unable to walk to Winchester, securing
the transportation of the country for this purpose. The route between this
and Culpeper Court-House east of the mountains being unsafe will no
longer be traveled. Those on the way to this army already across the river
will move up promptly; all others will proceed to Winchester collectively
and under command of officers, at which point, being the general depot of
this army, its movements will be known and instructions given by
commanding officer regulating further movements.
III. The army will resume its march tomorrow, taking the Hagerstown
road. General Jackson's command will form the advance, and, after
passing Middletown, with such portion as he may select, take the route
toward Sharpsburg, cross the Potomac at the most convenient point, and
by Friday morning take possession of the Baltimore and Ohio Railroad,
capture such of them as may be at Martinsburg, and intercept such as may
attempt to escape from Harper's Ferry.
IV. General Longstreet's command will pursue the main road as far as
Boonsborough, where it will halt, with reserve, supply, and baggage trains
of the army.
V. General McLaws, with his own division and that of General R. H.
Anderson, will follow General Longstreet. On reaching Middletown will
take the route to Harper's Ferry, and by Friday morning possess himself of
the Maryland Heights and endeavor to capture the enemy at Harper's
Ferry and vicinity.
VI. General Walker, with his division, after accomplishing the object in
which he is now engaged, will cross the Potomac at Cheek's Ford, ascend
its right bank to Lovettsville, take possession of Loudoun Heights, if
practicable, by Friday morning, Keys' Ford on his left, and the road
between the end of the mountain and the Potomac on his right. He will, as
far as practicable, co-operate with Generals McLaws and Jackson, and
intercept retreat of the enemy.
VII. General D. H. Hill's division will form the rear guard of the army,
pursuing the road taken by the main body. The reserve artillery, ordnance,
and supply trains, &c., will precede General Hill.
VIII. General Stuart will detach a squadron of cavalry to accompany
the commands of Generals Longstreet, Jackson, and McLaws, and, with
the main body of the cavalry, will cover the route of the army, bringing up
all stragglers that may have been left behind.
IX. The commands of Generals Jackson, McLaws, and Walker, after
accomplishing the objects for which they have been detached, will join the
main body of the army at Boonsborough or Hagerstown.
X. Each regiment on the march will habitually carry its axes in the
regimental ordnance wagons, for use of the men at their encampments, to
procure wood, &c.
By command of General R. E. Lee:
R. H. CHILTON,
Assistant Adjutant-General.

R. E. LEE, General.

11 http://americanhistory.miningco.com/library/weekly/aa063097.htm

12 Robert Cowley, The Road Not Taken . . ., The Quarterly Journal of Military History, Spring, 1998, pp. 70, 79-80.

13 Kahn, Codebreakers, p. 627.

14 Martin Gilbert, A History of the Twentieth Century, William Morrow and Company, New York, 1997, p. 339.

15 Gilbert, A History of the Twentieth Century, p. 340.

16 Gilbert, A History of the Twentieth Century, p. 355.

17 Gilbert, A History of the Twentieth Century, pp. 378-9.

18 Gilbert, A History of the Twentieth Century, p. 394.

19 Gilbert, A History of the Twentieth Century, p. 421.

20 Gilbert, A History of the Twentieth Century, pp. 424-5.

21 When Nicholas abdicated, he named his brother, the Grand Duke Michael, to succeed him, but Michael resigned the following day. Gilbert, A History of the Twentieth Century, pp. 440-3.

22 Kahn, Codebreakers, p. 561ff. See also, Robert Cowley, The Road Not Taken . . ., The Quarterly Journal of Military History, Spring, 1998, p. 78.

23 Kahn, Codebreakers, pp. 568ff.

24 Keegan, History of Warfare, p. 377.

25 Layton, "And I Was There", p. 448.

26 Kahn, Codebreakers, p. 573.

_____________________________________________________________________________________

Daniel Ryan is Corporate Vice President of Science Applications International Corporation

http://members.tripod.com/~Dan_Ryan/

Julie Ryan is President of Julie Ryan, Inc.

http://www.julieryan.com/


DanRyan@danjryan.com


Copyright Dan J. Ryan 1991 -- 1999 All Rights Reserved
