Cryptography during the French and American wars in Vietnam (P.2)

Phan Duong Hieu and Neal Koblitz Original article published in Cryptologia magazine, Volumn 41, Issue 6.

P1: Cryptography during the French and American wars in Vietnam (Part 1)

3. The American War (1961-1975)

In studying the history of cryptography in a war one must distinguish among different types of questions:

• Offense (SIGINT). What was the level of signals intelligence on all sides? To what extent were they able to benefit from intercepted communications of their adversaries?
• Defense (COMSEC). What was the level of cryptographic knowledge and practice on all sides?
• Strategic communications, which took place between command centers and major bases and were generally not very time-sensitive. How secure were the strategic communications of the different sides in the wars?
• Tactical communications, including real-time battlefield communications and preparations for battle. How secure were they?

3.1. U.S. COMSEC vs Vietnamese SIGINT.

Brian Snow started to work at the NSA in 1972, and eventually rose to be Technical Director of COMSEC (which at the NSA was later called the Information Assurance Directorate, IAD). In responding to questions about NSA policy on COMSEC during the war in Vietnam (Snow 2015), he stressed that IAD always used a worst-case — never a probable-case — analysis. They would not have made the mistake of underestimating Vietnamese cryptanalytic skills. Even without any confirmation that the Soviet Union or China was giving substantial help in cryptanalysis or that the Vietnamese on their own had developed high-level capabilities in SIGINT, the COMSEC people at the NSA would always assume the “worst,” and would insist from the beginning that the U.S. military use advanced cryptographic protection. This worked fine for strategic communications; the Vietnamese were never able to penetrate the strong encryption that the NSA provided.

Figure 3. The NSA’s NESTOR encryption device.

3.1.1. The tactical dilemma.

In about 1965 the U.S. started deploying an encryption device called NESTOR that had been developed by the NSA for battlefield use. However, NESTOR worked badly in the heat and humidity of southern Vietnam. In practice, most American battlefield communications were unencrypted or were informally encoded using jargon, ad hoc word and phrase substitutions, etc. Although many in the U.S. military believed that the Vietnamese would never be able to understand American jargon and informal codes in real time, in reality the NLF was often able to exploit insecure tactical communications by the U.S. military.

In a 1982 book by U.S. Army Lt. Gen. Charles R. Myer (the cryptographic sections were reprinted in Cryptologia (Myer 1989)), he tells of a raid on an NLF installation on 20 December 1969 that resulted in the capture of 12 cadres and large quantities of documents and communications equipment. By examining the equipment and “interrogating” (Myer’s word) the prisoners, the U.S. learned that with the help of “English linguists who were]an integral part of Viet Cong and North Vietnamese units,” they could “monitor and exploit virtually all nonsecure voice and manual Morse code communications.” Captured documents contained “extensive instructions on proper intercept techniques and detailed analyses of the communications procedures and exploitable weaknesses of U.S. and allied units.” When Gen. Creighton Abrams, commander of all U.S. forces in Vietnam, was briefed on this, he stated, “This work is really rather startling; the attention to detail, complete accuracy, and thorough professionalism is amazing. These guys are reading our mail, and everyone will be informed that they are.” But despite the efforts of the command to get U.S. troops in the field to use strong security for tactical communications, they continued to be very resistant, in part because of the tremendous difficulties they had with the KY-8, KY-28 and KY-38 NESTOR encryption devices. Myer concludes:

Signal security, particularly in voice radio transmissions, was a major problem area throughout the period of combat operations in Vietnam… All users of communications facilities were more or less aware of their vulnerability to enemy intercept, analysis, and decoding, and of the need for authentication and encoding. The gap between this knowledge and actual practice was immense, and in Vietnam it seemed at times an insurmountable problem.

Concerning the need for authentication, Myer explains that there were “numerous instances on record” of the NLF sending false messages. “In one case the enemy tapped the internal telephone lines of a defensive base and diverted reserve forces from the area where he [the NLF] attacked.”

Myer also tells of a case when a U.S. operator removed the cover of a KY-8 NESTOR to allow ventilation and cooling (since overheating was the biggest problem with these devices). “That improved the operation of the KY-8 but violated security by exposing the equipment to view and giving the enemy an opportunity to intercept intelligible signals.” The suggestion that the NLF was probably able to take advantage of a side channel in the NESTOR is “startling,” to use Gen. Abrams’ word. Imagine a halfcentury ago, in a guerrilla encampment hidden deep in the hot and humid jungles of southern Vietnam, an NLF SIGINT unit exploiting side-channel vulnerability of an NSA encryption device, and listening in on supposedly encrypted U.S. tactical communications!

3.1.2. Human intelligence.

As mentioned above, the Vietnamese were not able to cryptanalyze the strong encryption that the U.S./RVN used for strategic communications. (RVN stands for Republic of Vietnam, the name of the regime in the south that remained in power because of the American occupation.) Rather, the Vietnamese circumvented the whole problem by having a large network of secret agents with access to key sources of strategic and tactical information in the RVN military and security services, and even in the U.S. intelligence services, especially the CIA.

3.1.3 Phạm Xuân Ẩn (1927–2006).

After World War II the United States emerged as the superpower opponent not only of the Soviet Union, but also of left-led liberation struggles around the world. In particular, by the early 1950s the U.S. was heavily involved in supporting the French in Vietnam with money and mat´eriel. The leaders in Hanoi anticipated that once they defeated the French, they would have to deal with the Americans, who would not sit idly by and allow the unification of Vietnam under communist leadership. To be sure, the Geneva Accords of 1954 provided for nationwide elections to be held in 1956 to determine the composition of the government of a unified Vietnam. However, U.S. intelligence estimated that in such an election Hồ Chí Minh would win 80% of the popular vote (Eisenhower 1965). The elections were never held.

Although in 1946 Hồ Chí Minh had appealed to U.S. President Truman for support for Vietnamese independence, by the early 1950s the Vietnamese leadership was not so naive as to think that the U.S. would allow them to unify the country through elections. Rather, they knew that they had to expect the French war to be followed by an American war. They decided that it would be invaluable to prepare for this by having a highly-placed source of accurate information on American strategic and tactical thinking. They chose the young Việt Minh sympathizer Phạm Xuân Ẩn for this task. Ẩn became the most famous spy in the history of Vietnam.

In 1953 Phạm Xuân Ẩn was inducted into the Communist Party of Vietnam by Lê Đức Thọ. (who twenty years later was offered the Nobel Peace Prize along with Henry Kissinger for negotiating the Paris peace agreement; Tho. declined the prize). Ẩn was told to refrain from any activities that would identify him as pro-communist. In 1957 Ẩn was sent to the United States to study journalism, after which he went to Saigon as a key figure for the U.S. news media, especially during the crucial years of the war, when he worked for Time magazine. He was trusted by top CIA people as well as by key officials of the South Vietnam regime.

Ẩn’s career as a deep mole working for NLF and DRVN intelligence lasted 15 years, from 1960 to 1975. In secret he received sixteen medals for extraordinary service. On one occasion, after receiving Ẩn’s reports, General Võ Nguyên Giáp and President Hồ Chí Minh said, “Now we are in the Americans’ war room.” After the war, in 1976 Ẩn was named “Hero of the People’s Armed Forces of Vietnam.” He later rose to the rank of Major General, and when he died in 2006 he was given a war hero’s funeral. For more details about his life, see the two books in English (Berman 2007, Bass 2009), which make the case that he was possibly the most masterful and successful spy of the twentieth century in any country. We will return to the story of Phạm Xuân Ẩn when we discuss Vietnamese encryption.

3.1.4. Nguyễn Đình Ngọc (1932–2006)

Ngọc was a mathematician who worked under cover in Saigon and also rose to the rank of Major General (in his case this was a police rank, not a military one). He had several math and engineering degrees (all from France). In the 1980s he helped organize seminars in algebra, topology, and other areas. He was also a friend of the families of both authors.

During the American war Ngọc, who was fluent in English as well as French (in 1983 he translated the first public talk in English that the second author gave in Vietnam), circulated widely in the foreign community in Saigon and acquired valuable intelligence from them. He also had a brother who had a high rank in the RVN military. We do not know whether Ngo. c used his mathematical and engineering knowledge to strengthen Vietnamese cryptography. It is not even clear that he encrypted his own reports. One source (Phượng 2016) has suggested that he probably had a personal contact in Saigon (another spy) to whom he gave his reports orally, and then that person was responsible for transmitting them to Hanoi.

There were many, many other human intelligence sources working for the NLF and the DRVN. For the Vietnamese the main method for strategic intelligence gathering was through their extensive network of undercover agents, not through any cryptanalysis of the high-level ciphers that the U.S. used for strategic communications.

Figure 4. Photo on left: Phạm Xuân Ẩn (right) with General Võ Nguyên Giáp; photo on right: Nguyễn Đình Ngọc

3.2 Vietnamese COMSEC vs U.S. SIGINT.

3.2.1. Vietnamese encryption.

Merle Pribbenow, who wrote the report (Pribbenow 2014) cited above, retired in 1995 after 27 years working for the CIA as a Vietnamese language specialist. In an email (Pribbenow 2016b) he summarized the state of Vietnamese encryption during the American war as follows:

North Vietnam sent cryptographers and radio operators south … in the early 1960s … to upgrade the security of their communications with the South. The Vietnamese used several different systems during the course of the war, and upgraded their encryption systems several times. By the end of the war at least they were using a double encryption system, involving the use of substitution codes from a code book and then enciphering the coded message using a one-time pad.

In a follow-up telephone conversation he added: “The Vietnamese used both Morse code and voice for ciphertext, reading Vietnamese words by radio to stand for letters, much like the U.S. military’s use of Alpha, Bravo, Charlie,… for A,B,C,…”

A visit to the Cryptographic Museum in Hanoi provided some details. The Vietnamese moved through three general techniques during the three decades of war, denoted KTA, KTB, and KTC (here KT is the abbreviation of the Vietnamese word for “technique”). KTA was a conventional encryption scheme based on permutation and substitution, whereas the different variants of KTB and KTC involved some kind of double encryption. By the start of the American war KTC was being used; by the end of the war the Vietnamese were using KTC-5, where the 5 indicates the block length.

In the first stage of KTC-5 a word was encoded by dictionary look-up; a copy of such a dictionary is on display in the museum. A dictionary would be shared by many users, and when one was captured by the U.S., a new one would be issued immediately. In the second stage the encoding was encrypted using a one-time pad. This was a book, shared by only two users, that was printed in very small type, requiring a magnifying glass to read. The tiny book could be easily destroyed when there was a danger of capture. Printing these books was beyond the capability of Vietnamese presses, and so it was done in the Soviet Union.

The dictionary look-up method is especially suited for Vietnamese, because in Vietnamese all words naturally subdivide into component onesyllable words. For example, the word “attack” in Vietnamese is tấn công. The first step, using the dictionary that’s on display in the Cryptographic Museum, is to map tấn to the block afhbv and công to the block wxess, resulting in a 10-letter encoding for “attack,” which is then encrypted using a one-time pad. From our sources ¹ it is clear that the U.S. never could read KTC-encrypted traffic.

3.2.2. Invisible ink, and some questions.

During the years 1960–1975, when Phạm Xuân Ẩn was sending secret information from top U.S. and RVN sources, out of a total of 45 couriers employed for his messages 27 were captured and killed — and presumably tortured before they were killed. Yet the enemy never learned who the source of those messages was. At first one would think that this meant that all of his messages must have been strongly encrypted. However, we learned that, because Vietnam’s strong encryption was a slow and lengthy process, this was not the case.

According to our sources (Berman 2007, Bass 2009, Tư Cang 2016, Phượng 2016), what typically happened was the following. Ẩn would write his reports in rice-starch invisible ink on paper which he would then wrap around egg rolls. In a market he would give the egg rolls to his first courier, a woman by the name of Nguyễn Thị Ba, who also survived the war and in 1976 was named “Hero of the People’s Armed Forces of Vietnam.” Couriers would take the messages to the NLF center in the tunnels of Cu’ Chi, not far from Saigon. There NLF intelligence would apply an iodine-alcohol solution to make the ink visible, and then rewrite the text in invisible ink in two sections. One section would be a relatively short time-sensitive report; the other would consist of longer, less urgent reports. The first part would be carried to a broadcast installation and sent by strongly encrypted radio link to NLF headquarters in Cambodia. The second section would be carried on foot to the Vietnamese leaders in Hanoi.

This leads to an interesting question. Why was U.S. and RVN intelligence unable to determine the source of the unencrypted reports of the captured couriers? Could they have been unaware that the NLF was sending messages in invisible ink? On the contrary, according to Pribbenow (2016b), “The CIA and the South Vietnamese were well aware that the Vietnamese communists sent messages by courier using secret writing (invisible ink) and that these messages were usually unencrypted. The French had similarly been aware of the same thing during their earlier war against the Việt Minh.”

One possible answer to this mystery (Phượng 2016) is that the couriers could easily destroy the messages in various ways when they were on the verge of capture. This is a partial explanation. However, the year, location, and circumstances of capture of the couriers varied considerably, and it is hard to believe that in all 27 cases they were able to totally destroy the messages.

Another explanation might be that the first, highly sensitive section of the message perhaps was never captured. That was the part that was carried on foot only as far as Củ Chi and a nearby radio transmitter. The second part of the message was of a nature that was less likely to point toward a particular source — gossip about conflicts and changes within the RVN political and military establishment, general assessments and planning by the Americans, tensions in U.S.-RVN relations, political and military vulnerabilities, and so on. Such information could have been traced to many different possible sources, and U.S. intelligence was well aware that the RVN military and intelligence services were riddled with spies.

3.2.3. The tactical dilemma.

According to Pribbenow (2016a), the NSA and the cryptographic branches of the Army, Navy, and Air Force never broke any of the high-level ciphers that the Vietnamese used for strategic communications. However, the Vietnamese tactical communications were either unencrypted or weakly encrypted and easy for the NSA to read.

The problem for the Vietnamese was that encryption was very slow, and so could not be used if either (1) a vast amount of information had to be sent, as, for example, in 1967–1968 when personnel and mat´eriel were moving south in preparation for the Tˆe´t Offensive, or (2) information had to be sent extremely fast, as in the case of air defense. The NSA history (Hanyok 2002, Chapters 6 and 7) describes two key areas where SIGINT gave the Americans tactical benefits. First, starting in 1967, they were able to accurately estimate the numbers and destinations of liberation forces moving south on the Hồ Chí Minh trail. At the same time SIGINT traffic analysis was able to give the Americans a tremendous tactical advantage in the major battles in the Central Highlands that were preliminary to the Tết Offensive, notably the battle of Đắk Tô that lasted through most of November (Borrmann et al. 2013, pp. 40-42). (Actually, NSA officials claimed that, starting about two years earlier, they had been able to predict the date, target, and attacking units for most major NLF offensives through a combination of direction-finding and painstaking traffic analysis (Hanyok 2002, p. 539).)

Second, during the air war, signal intercept operators were often able to alert U.S. bombers about threats from North Vietnam’s air defense. By the late 1960s that air defense was a formidable network of air warning and tracking stations (visual and radar), anti-aircraft artillery (AAA) and surface-to-air missile (SAM) stations, and MiG’s. A complex web of communications had to be coordinated through the air defense headquarters at Bach Mai Airfield in Hanoi. As explained in the NSA history (Hanyok 2002, p. 237), “most messages passing over the communications system used low-grade encryption or encoding systems or were in plain language. This latter situation was due to the need for getting information quickly through the air defense system.” By the later years of the air war, U.S. SIGINT had become very efficient at analyzing Hanoi’s air defense communications and using that data to help American bombers get through. Vietnam did manage to shoot down many U.S. bombers. But they would have destroyed many more if they had been able to encrypt their air defense communications. Unfortunately, this was impossible.

During the Tết Offensive and during the air war, American SIGINT allowed the U.S. to inflict greater casualties and suffering, but of course this did not alter the outcome of the war

3.3. Conclusion: A surprising symmetry.

In the Introduction we commented that a common view of the American war in Vietnam is that, despite overwhelming technological superiority, the Americans lost the war because the “hearts and minds” of the people were on the side of their opponents. In view of the assumed vast technological inferiority of the Vietnamese, it is somewhat surprising that in a crucial realm of military technology — communications security and signals intelligence — there was a type of symmetry between the two sides. In both cases COMSEC worked well for strategic communications, but was woefully inadequate for tactical communications. The Vietnamese had, on balance, successes and failures that were similar to those of the Americans.

The Americans’ NESTOR encryption devices were well constructed to achieve the desired cryptographic functionality; they worked fine when tested at Fort Meade. But they worked poorly in the heat and humidity of southern Vietnam. The Vietnamese double encryption system was well designed and, it seems, was never broken. But it was too slow for tactical communications that had to be encrypted and decrypted in real time, and it could not be used to send large volumes of information.

We have also seen how the human element so often stands in the way of good communications security — the smug self-confidence of local American commanders who thought that the NLF linguists would never be able to understand American military jargon and informal codewords, the naïveté of the Việt Minh commandos who happily included the keyword as the first block of ciphertext. In retrospect, the huge disparity between the level of cryptographic knowledge at the command centers and the realities of tactical deployment in the field should not have surprised us, since we see the same type of disparities in the modern world of commercial cybersecurity. There is a fundamental reason why cryptography sometimes serves to level the playing field. Cryptography, like pure mathematics, is cerebral — there is no need for large capital investment. To have good cryptography, you don’t need to be rich; you only need to be smart. In mathematics, even in the unimaginably difficult conditions of the French and American wars, Vietnam has had a strong tradition (Koblitz 1979, 1990, and 2011), as exemplified by the eminent mathematicians Lê Văn Thiêm, Hoàng Tụy, and the Fields Medalist Ngô Bảo Châu. Given the high value that Vietnamese culture places on pure thought, it is not so surprising that they were able to come up with ciphertext that the NSA could not break.

Figure 5. Lê Văn Thiêm (photo on left), Hoàng Tụy (center), and Ngô Bảo Châu (far right).

4. An Unusual Story of Morality among U.S. SIGINT Operators

In a footnote in his book about Nixon and Kissinger (Hersh 1983, pp. 628– 629) the American journalist Seymour Hersh tells a remarkable story he learned from interviews with former United States airmen. The story was again reported (with only a few additional details) in an unredacted part of the declassified NSA history (Hanyok 2002, p. 418).

During the United States Air Force (USAF) “Christmas bombing” of Hanoi in 1972, a large group of intercept operators at two U.S. military intelligence stations — one in Udon, Thailand, and the other in Okinawa, Japan — conducted a “nil heard” protest over a 36-hour period. “Nil heard” is USAF jargon for “I hear nothing,” that is, “the intercept operator would claim that he could not hear the transmission of the station he was assigned to copy” (Hanyok 2002, p. 418).

As Hersh explains, from their vantage point in U.S. intelligence the men knew that, after Kissinger’s October 1972 statement that “peace is at hand,” Hanoi had started demobilizing air defense (the MiG’s), and was preparing the city for a big celebration of peace. In those circumstances, the Nixon– Kissinger decision to resume air attacks — presumably in order to terrorize Vietnam into making some last-minute concessions in the peace agreement — infuriated the men. They were so disgusted by the U.S. bombing of civilians that they refused to relay the intercepted communications between the air defense stations and their command. As mentioned before, real-time SIGINT by the USAF was a crucial strategy to reduce Vietnamese success in shooting down American bombers. The action of these men helped the AAA and SAM stations defend Hanoi.

According to Hersh’s sources, some time later secret courts-martial of the protesters were conducted in Taiwan (but the USAF to this day declines to confirm this and keeps its information about the incident classified).

The second author recalls his first visit to Vietnam in 1978, just three years after the end of the American war. He and his wife Ann were moved and saddened by an exhibit they saw on Khˆam Thiˆen Street that showed the total destruction of homes in the Christmas bombing. On 26 December 1972, 283 civilians died on that street alone. It was one of many horrible atrocities committed by the USAF.

The protest action by the USAF intercept officers probably prevented the number of people killed in the bombing raids from being even greater than it was. Those SIGINT workers faced a difficult moral choice: help save the USAF pilots from the anti-aircraft artillery and surface-to-air missiles, or help defend the innocent people of Hanoi from the bombs. They chose the second. There has been a lot of interest in recent years — especially since the Edward Snowden revelations — in moral and ethical issues connected with communications intelligence. Snowden himself is often seen as a rare example of moral courage of someone working “in the belly of the beast.” We now know that there are much earlier precedents for people making a bold decision at great personal risk. Almost a half century after the Christmas bombing of Hanoi we should pause to salute the SIGINT operators who showed morality and courage at a moment when brutal atrocities were being committed against innocent people.

Figure 6. Khâm Thiên Street soon after the Christmas bombing by the U.S. Air Force. We see what Gen. Curtis LeMay meant by “bomb them back into the Stone Age.”