 Thank you for the introduction, and I want to thank the organizers for inviting me to speak on the subject. This is joint work with Professor Fan Zong-hyo from the University of Limoges, and we'd both like to thank this group of people, this list of people for valuable insights and information on this topic. But I also want to say that in this talk I'll be expressing some opinions that are entirely my responsibility. Neither any opinions I say or any errors I might make are the responsibility of anybody named on this slide. Okay, now the first question is why speak on this topic at Asia Crypt? It's quite unusual to have an invited talk at an IACR conference on a historical subject. So that's the first question I want to answer. I'll give several reasons. Now modern cryptography has been U.S. dominated, and it's very common, especially in the developing world, to simply follow the United States and import cryptography from the U.S. And there's a lot of reason to think this is really unfortunate. Most obviously the Edward Snowden revelations show the danger in trusting everything that comes from the United States. And I think on the positive side these revelations show the importance and the value in developing independent expertise in independent commercial products in other parts of the world. So for that reason it's useful to be aware of strong cryptographic traditions that exist in other parts of the world. I think you could say that knowing about these traditions can give other countries in this region in particular the self-confidence needed to break free of U.S. domination and cryptography. That's one reason. There's another reason not to rely on the United States for anything. Starting next month, look who'll be running the U.S. government. Okay, so a second reason is that there are valuable lessons from history. For example, the importance of the human element and the importance of details of implementation as we heard from Nagya's invited talk on Monday went into a lot of detail about this. Historically, of course, there's from World War II, there's the example of the enigma machine whose design was actually quite good, but because of poor implementation and the human element it led to disaster for the Germans. Another valuable lesson of history is the importance of avoiding arrogance and overconfidence. I think that's especially necessary in our era where there's so much self-promotion and hype and we're under pressure to get grants and under pressure to publish a whole lot of papers. I think often scientific research communities, including the cryptographic research community, forget the lesson of history and need to be reminded of the need for humility. Third reason to study this is that a basic theme in modern cryptography, especially in the work of pioneers of public key cryptographies such as Whit Diffie and David Schaum and also John Gilmore of the Electronic Frontiers Foundation and Phil Zimmerman of Pretty Good Privacy. A big motive for them is the idea that cryptography can defend the ordinary person, the little guy, against powerful government agencies and giant corporations. So here, this is a sort of optimistic viewpoint about cryptography that it can be like in the biblical story of David and Goliath. It can be like the slingshot that David used to bring down the giant Goliath. And it's particularly relevant when we meet here in Vietnam because in the 20th century probably the best example of a David and Goliath situation was the Vietnamese victory over France in 1954 and over the United States in 1975. In her memoirs, Nguyen Thi Binh, perhaps the most famous living woman in Vietnam right now, she was Foreign Minister of the Provisional Revolutionary Government of South Vietnam and was the lead negotiator of the Liberation Forces in the South at the Paris Peace Talks. And in her memoirs that recently appeared, she refers to the story of David and Goliath and says that our friends admired the determination and sacrifice coming from a small nation standing up against a colossal empire and then she compares our narrative to the biblical story of David and Goliath. Okay, so let me start with the French War. Now, at first, in the early years, Vietnamese crypto was very primitive. It was not even up to normal visionare ciphers, it was sort of weakened version of them. But there was a lot of effort in the late 1940s to increase cryptographic knowledge among the Viet Minh. The Viet Minh was the national front fighting against French colonialism. There was a book that had appeared in Paris a decade earlier that was studied extensively by the Viet Minh in the late 1940s. And they put out their own training manual on cryptography, that was basically fundamentals of cryptography. Oh, for Vietnamese people, please, I apologize for my terrible pronunciation of Vietnamese names and words. I'm sorry about that. I've been visiting Vietnam since 1978, but I still have terrible pronunciation. That book is on display in the Ban Co Yo cryptographic museum in Hanoi. Ban Co Yo is the name of the Vietnamese government cryptographic agency, the analog of the NSA here, and they have a museum which displays this book. Now, one thing that was to the advantage of the Viet Minh is that French crypto in Vietnam in those years was also very primitive. It was also not very strong versions of visionare. That's kind of funny because, of course, visionare himself was a Frenchman and did very good work for his time, but that was 400 years earlier. So one has to wonder why didn't the French come up with something better to use on the battlefield in 400 years. So that's the first interesting question. One possible reason is that in those years Vietnam was very remote, very far from Paris in every conceivable sense. And the forces, the French who came here to fight against the independence movement were not the greatest intellects that France possessed. There's also human resistance using good crypto, in part laziness of course, but in part also because it was so slow. And we see, here's an example that my co-author Hugh found in the Paris Military Archives where he uncovered quite a bit of interesting documentation that at the end of 1953, still during the war there, the French military conducted a comparison of the time needed to encrypt a sample message using six variants of visionare that they were considering. And the time ranged from 17 to 44 minutes, so they recommended using the shortest of the six variants. And notice that the recommendation was based on speed, not security. So, the admin and French crypto were roughly the same level at this time, especially in the early years of the French war. Many secrets were captured and read. Now, at later stages, there were efforts to improve their security and at least the most high priority secret messages were usually sent securely, although many others were not. A leading expert on the French war, Professor Christopher Gosche in Montreal who was a good source of information for us, comments in his work that the Viet Minh was the only anti-colonial guerrilla force in the 20th century that had high level communications and intelligence. And that includes crypto in the sense that maybe not high level from our standpoint today, but at the time it matched and often exceeded those of the colonial power's forces. So that, for example, in Algeria, the liberation forces could not compete with the French, but here they could. However, in the middle years of the war, around 1950, even though there was a growing knowledge of crypto among the Viet Minh cryptographers at the center, at the central command, this was not always successfully transmitted to people in the field. I went to, last year, I went to visit the Hanoi Police Museum, which had a very interesting exhibit. The police museum includes material that in the West we would not think of as belonging in a police museum, such as information about the liberation struggle against the French. And one of the exhibits shows an action of Viet Minh commandos that in September 1950 destroyed the French ship Amiens Donville, which, and that thwarted a major French attack on the Tynewa Gheon, Hatin Liberated Zone of central Vietnam. So they were able to effectively defend the Viet Minh controlled, those three provinces that were largely Viet Minh controlled at that time, they could defend that against this attack. Now, the exhibit showed the cryptography they use, the actual instructions on cryptography, and I examined that for a few minutes and then thought, oh no, you know, this is terrible. So here, let me show you. It's not easy to read, but let me tell you, the first column has the Vietnamese alphabet, which is a modified Latin alphabet. Then at the very top, you might or might not be able to read the keyword, the visionary keyword is tin-hot, T-I-N-H-A, and then the five columns, label one through five, show the shifted alphabet using those letters. And then on the right, you have a sample message, 17 letters, the Vietnamese words run together, run to 17 letters, padded with O-O-O, so you have four plain texts on the bottom left here, and then the corresponding ciphertext over there on the right, the four five-letter blocks. So this is just like when I teach elementary crypto, just look what we do. Okay. And then, so this is what I described there, and then the next slide will show the next sheet of instructions that show the resulting ciphertext highlighted in a rectangular box. The first block of transmitted ciphertext is the keyword. Okay, so oops. Well, and it's nicely spaced, so you can easily see the keyword length. So, well, at least they didn't have a problem of key distribution. So, okay. But, okay, so we're laughing at, of course there's reason to laugh, at this blatant neglect of Kirchhoff's principle or any other principle of cryptography, but the fact remains that their attack on the French is one of the great successes of a secret guerrilla commando cell in the mid-20th century. So what's the explanation? Why didn't their poor use of cryptography lead to discovery and defeat? So one possibility is that the French never captured any of their communication, so they didn't really need cryptography at all. They could have just sent the plain text. Or maybe the French did capture something, but they're so ignorant, the French who captured were so ignorant they didn't know what they were looking at and they couldn't crack a visionare cipher even when given the key. In any case, I think it's clear that we can't conclude from the level of cryptography used in the field at that time by the Vietnamese commandos and the local French. We can't conclude much about the level of cryptographic knowledge at the command centers because they were so isolated there and it might have been that the problem was that the knowledge of cryptography at the command centers was not disseminated to the field. In 1990, the Vietnamese government wrote a long report on the history of cryptography. It was sort of leaked to the west. I don't think it was officially declassified in Vietnam, but it was leaked. And the NSA translated with the title, Essential Matters. I bought an e-book form on Amazon, which was a mistake because NSA, with all of its technological brilliance, does not know how to format an e-book. It's virtually unreadable, the formatting is so bad. I've never seen an e-book that bad. But there were some interesting things in it, not technical details about the cryptography they used, but more the people who were involved in the institutions and the importance that the leadership attached to cryptography. So a couple interesting facts that come out of this book. One is that the cryptographic branch of the People's Armed Forces of Vietnam was formed ten days exactly after the Declaration of Independence by Ho Chi Minh. It was a top priority. Another thing, in the late 1950, the year 1950, just a little bit after that incident with the blowing up the Am Yod Dambil ship, the Vietnamese sent their cryptographers to China for six months of training, and this greatly improved their technical level according to this report. Now, at this time in 1950, the Chinese experience was a great model, a great inspiration for the Vietnamese, and just a year before, the Chinese communists had defeated a Western-supported regime in an incredible guerrilla war. It was a major event in this part of the world, obviously. But there were differences in communications, because in the case of Chinese, the words first have to be either translated or transliterated somehow to a standard alphabetic language before encryption, where Vietnamese is written in a modified Latin alphabet, as we saw in that earlier slide, and so it can be encrypted directly, but not exactly the same way that some modifications were needed. And this was something that the NSA dealt with. There's a declassified report from the NSA called Vietnam Asigin Paradox that explains this question of the Vietnamese alphabet. They point out the Vietnamese cannot be transmitted by using standard international Morse code because of the peculiar letters and use of accent marks, so the NSA cryptolinguist had to learn what the Vietnamese had done to express the features of their alphabet in Morse code before tackling translation. They gave the example that the hooked O was rendered as O-W before put into Morse code, and the hooked U is translated into U-W. The letter W does not exist in the Vietnamese alphabet, so it could be used for a special purpose. And the NSA report went on to say that because the U-hook-O-hook combination occurs very often in Vietnamese, for example, my co-author's name, a lot of other names. It's very common, so they would abbreviate U-W-O-W to simply wow. So that was the first step before rendering it into Morse code and then encrypting it. But that's the closest that the NSA report comes to anything technical. And I should say that the NSA-declassified histories have been very useful to us, but they talk about other things besides technical details related to cryptography. So sometimes they're very useful for determining context, but not really for technical things. Another interesting thing that NSA report is that they conclude that as early as 1961, which was the very beginning of the American War, NSA analysts knew that our opponents were good at the cryptologic trade and maintained a healthy respect for the cryptologic abilities of the North Vietnamese. Well, in the 1950s, the main foreign help came from China until the late 1950s when the Soviet Union replaced China as a source of advice and assistance. But I don't want to minimize the role of China as a source of help in other areas. China continued to assist Vietnam in other areas, especially in air defense. And one thing that I didn't know about before doing research on this topic was that according to U.S. intelligence estimates that in the air war, in 1965-1973, over 5,000 Chinese advisors either killed or wounded by the U.S. Air Force. Pretty incredible. This was really a horrible time for Vietnam because of these air attacks. And in fact, there's a famous statement by the U.S. Air Force General Curtis LeMay said that he wanted to bomb the Vietnamese back into the Stone Age. And in this... There were quite a few Chinese advisors who were among the victims. Let me just make a brief statement here about this because, as I say, I didn't know about this earlier. It seemed that perhaps the history of the period that I'm talking about, the period of the French and American wars when Vietnam and China were close allies gives reason to hope that despite actions by China in later years it will be possible to find a peaceful diplomatic solution to regional tensions and restore relations of friendship and cooperation between those two neighboring countries. At least that's a fervent hope that I have. Okay, so back to the crypto and back to I want to continue with the Soviet assistance. That was a big project over a two-year period. In the late 1950s the leadership in Hanoi asked the Soviet Union for assistance in this area. The State Security Committee, the KGB supplied a lot of equipment and training over a two-year period. This project was called Vestok in Russian, which means East, and Phung Dong in Vietnamese. It was very successful by all accounts. And our primary, one of the main sources for this, emphasized this. It was a big project. Mural Pribanow has written about the relationship between Vietnam and the Soviet Union and especially and less about the relation with China. And he discusses that there was some tension and mistrust in both the Vietnam-USSR and the Vietnam-China alliance. And for this reason, partly for this reason, in cryptography the Vietnamese also used their own ideas and materials. He said that they were not dependent on the Soviets or Chinese. And this actually created problems for the NSA and the cryptographic branches of the US armed forces because of course they had for many years been analyzing and studying Soviet and Chinese cryptography. And when the Vietnamese carefully sort of tweaked it this made life more difficult for the cryptanalyst on the other side. Also, another thing he says is that the Vietnamese tended to upgrade their implementation rather frequently and this also created problems for the NSA. This is his report, Soviet-Vietnamese intelligence relationship during the Vietnam War. The Vietnam War is the American term for the American War in Vietnam. Subtitle is cooperation and conflict. Okay, so let me go on to the American War. When you study a historical question cryptography it's natural to separate offense and defense. So from the standpoint of offense were the Vietnamese able to intercept and read US messages or on the other hand defense were the Vietnamese able to send their own encrypted messages securely. Now for encrypted strategic communications by the US it's likely that the answer to the first question is no. They were not able to read US messages for two reasons. The first reason is the NSA's high estimation of the cryptographic level of the North Vietnamese government and the National Liberation Front in the south and this would have caused the NSA to instruct the US military that it must use a high level of communication security. Another source that confirms this is Brian Snow who's a retired NSA official. He started to work at the NSA still during the war the American War in Vietnam and he rose to be technical director of the NSA's information assurance directorate. I asked him when I was preparing when I was doing research on this subject I asked him whether during the American War in Vietnam the NSA might have assumed that the Vietnamese were technologically primitive and so the US military would not need state of the art encryption devices. Now he can't talk about specifics but basically he said no. He said his division of NSA always assumed worst case analysis and would insist the US military used the most advanced cryptographic protection in Vietnam. So that's the first reason to doubt that Vietnam broke enemy codes that it would have been technically very difficult to do so. But that's really just one side of the story. Brian Snow is a very good source. He's a person of great integrity and I think what he was saying was basically correct as far as it goes. However, there is another side of this and the other side is actually revealed in some of the declassified history by the NSA which is that in battlefield communications US communications were generally either unencrypted or were formally encoded using military jargon and slang and ad hoc word substitutions and phrase substitutions and that sort of thing. Now the reason for this is that this wonderful voice encryption device that the NSA supplied to the US military in 1965 called the Nestor device worked badly in the battlefield conditions in Vietnam and the southern provinces of Vietnam it's hot and humid most of the time and the devices were well designed formally speaking, I mean you could prove their security but they out in deployment they could not withstand, I'm sure they could withstand the weather conditions in Langley, Virginia but they could not withstand the weather conditions in the south of Vietnam. Here's a picture of it. Now many in the US military believe that there's sort of smug about this they believe that the Vietnamese would never be able to understand American jargon and slang and informal code substitutions in real time. However, in reality it became known that the NLF, the National Liberation Front was often able to exploit insecure tactical communications by the US. There's a very interesting book about this by Lieutenant General Charles Meyer that appeared in 1982. He talks about a raid on a liberation forces installation in December 1969 that resulted in capturing 12 guerrilla fighters and large quantities of documents of communication equipment and this was thoroughly analyzed by US intelligence. They analyzed the equipment and tortured the, well he used the word interrogate, that interrogated the prisoners. The US learned that with their equipment they also had English linguists by which he means Vietnamese working for the liberation forces who had extensively studied American English slang and jargon and American military slang and with the help of those English linguists who were an integral part of Vietnamese units they could, quote, monitor and exploit virtually all non-secure voice and manual Morse code communication. Captured documents, according to Meyer, contain extensive instructions on proper intercept techniques and detailed analyses of the communications procedures and exploitable weaknesses of US and allied units. The commander of all US forces in Vietnam, General Creighton Abrams, was briefed on this and concluded, you see a certain sort of grudging respect for the enemy here. This work is really rather startling, the attention to detail, complete accuracy and thorough professionalism is amazing and then he gave orders that US forces must improve their communication security. Well, despite his orders, US troops continued to be resistant to doing that because of the practical difficulties of using cryptographic equipment in the field. General Meyer concludes that although on the one hand all users of communication facilities were more or less aware of their vulnerability to intercept by the National Liberation Front analysis and decoding, end of the need for authentication and encryption, but the gap between this knowledge and actual practice was immense and in Vietnam it seemed at times an insurmountable problem. He tells of numerous instances on the record of the NLF sending false messages. So in one case, the Liberation Front tapped the internal American telephone lines of a US defensive base and diverted American reserve forces from the area where the National Liberation Front was going to attack by sending false messages. So this is a good explanation of the importance of authentication. Now here's an interesting case that Meyer tells about. A US operator removed the cover of a KY-8 model Nestor device to allow ventilation and cooling and this made sense because overheating was the biggest problem they had. However, that improved the operation but it violated security by exposing the equipment to view and giving the enemy an opportunity to intercept intelligible signals. In other words, a successful side channel attack. And this I find amazing. Just visualizing your mind's eye a half century ago hidden deep in the hot and humid jungles of southern Vietnam a signals intelligence unit of the National Liberation Front is successfully exploiting side channel vulnerability of an NSA encryption device and then listening into top secret US military communications. I think this is just really cool to think back that they did this. NSA also had a problem with side channel. Okay, now in contrast the National Liberation Front probably did not break the high level encryption that was used for US strategic communications. There's a second reason to think that breaking strategic encryption was not done and that's that the Vietnamese didn't have to do it. They had extremely good human intelligence sources. The most famous example of this is the master spy Pham Chuan Anh. And here's a photograph. He's on the right. On the left is the commanding general of all Vietnamese forces in that time General Vogue Nguyen Giang. He was inducted into the Vietnamese Communist Party Pham Chuan Anh was inducted into the Vietnamese Communist Party in 1953. Actually he was inducted personally by Le Duc To who about 20 years later was offered the Nobel Peace Prize along with Henry Kissinger. Le Duc To refused the prize. Henry Kissinger should have refused the prize. But anyway, so no one less than Le Duc To inducted him into the Communist Party was ordered to refrain from any activities that would reveal his communist sympathies. He was sent to the United States in 1957 to study journalism and then he went to Saigon as a figure in the US news media during the crucial years of the war. He was trusted by top CIA people. He was very close to some leading CIA people in Saigon as well as key officials of the South Vietnam regime. His career as a deep mole working for National Liberation Front and North Vietnamese Intelligence lasted during the entire American War. And in secret, it later became known actually quite recently that he had received 16 medals upon his death in 2006. It was revealed that he had received 16 medals for extraordinary service in secret. There is reported from people from the Central Committee of the Communist Party in Vietnam that after receiving An's reports General Vau Nguyen-Zamp and President Ho Chi Minh said, quote, now we are in the American's war room. In 1976 he was named Hero of the People's Armed Forces of Vietnam. He rose to the rank of Major General and was given a war hero's funeral when he died. There are two nice readable books about his life in English and they basically make the case that he was probably the most skillful and successful spy of the 20th century I also want to mention a mathematician who worked undercover in Saigon and also rose to the rank of Major General although in his case it was a police rank Professor Gwending Gauck who in his youth he studied math and several subjects of engineering in France. He spent many years in France in his youth but in the 1980s when I met him he was organizing seminars in Algebra and Topology and other things in Hanoi. He was a friend. He was actually a wonderful source of opinions and insights and information about what was happening in Vietnam in that time during my early visits to the country. During the American War, Gauck who was fluent in English as well as French he actually translated the first public talk I gave in Vietnam which was in 1983 was translated from English into Vietnamese by Gwending Gauck. Brilliant at languages. During the war he circulated in the foreign community in Saigon and acquired a lot of intelligence from them. He also had a brother who had a high rank in the South Vietnam military. But one thing I don't know about Gauck because during his lifetime he never, of course, never mentioned to me anything about his activities during the war. I don't know whether he used his training in mathematics and engineering to help the Vietnamese improve their cryptography. I don't know whether he played a role or not in the history of cryptography in Vietnam. There were many others. Perhaps An and Gauck are among the best known but there are many others. The second reason for doubting the Vietnam broke U.S. strategic codes is very simple. With spies like these, who needs cryptanalysis? Okay. With spies like these, they didn't want plain text messages from their spies captured and read. During the year, 15 years in Pham Chuan An was sending secret information from top American and South Vietnamese sources, there were a total of 45 couriers used to bring his messages to the command. 27 were captured, tortured, and killed out of 45. And yet Pham Chuan An himself, of course, was never discovered as the source of those messages. So that made me think at first that the Vietnamese must have used good encryption for his messages, right? Well, it turns out not really. And we have several sources. One thing that you and I went to a lot of effort to try to get opinions on and get as much information as we could because it seemed like a contradiction that people were telling us, no, they weren't encrypted and yet how could they have not been encrypted? Well, from what our sources it seemed that typically what happened was the following. First of all, Pham Chuan An would write his reports in a type of rice starch invisible ink on paper and then wrap them around egg rolls. He would then take them to the market where a woman named Nguyen Thi Ba who later became very famous after the war, in fact her pictures in the Vietnam Women's Museum, she was his first courier. In fact, she survived the war. She also lived, was able successfully to continue her work as a spy during the entire 15-year period. So the first courier he gave it to was the woman in the market. And then, this isn't quite, it's not that courier. She would then take it outside Saigon and other couriers would take it farther to the Coochee Tunnels, not too far from Saigon where Liberation Forces Intelligence had a place there and they would apply an iodine alcohol solution to the invisible ink to make the report visible and then they would recopy it also in invisible ink but dividing it in two parts. The shorter, most urgent, time-sensitive part and the more general strategic analysis and the part where Saigon on could be quite wordy and quite go into a lot of detail. So the urgent part was sent by strongly encrypted radio link from a nearby secret radio transmission station to NLF headquarters in Cambodia. The rest, the non-pun-sensitive part was carried on foot to the Vietnamese leadership in Hanoi. One thing about those radio broadcasts into Cambodia that I learned from Privenau was that what the Vietnamese did was they used words to stand for letters very much like the military uses U.S. military use Alphabeta Charlie or there's now a popular movie out called Whisky Tango Foxtrot in the name of that movie which at first might seem like a strange name for a movie that's just the military way of saying WTF. I won't say what that stands for. During a long telephone call in February I asked Privenau various questions. He told me about this and he also confirmed that the NSA and the cryptographic branches of the Army, Navy and Air Force never broke any of the high level codes that the Vietnamese used for strategic communications. However, Privenau said that the tactical communications were either unencrypted or else they were weakly encrypted and easy for the NSA to break. So there's a big contrast here between the strategic and tactical situation and that was already clear in the case of Pham Chuan Anh's reports that only some, a short only short part of his of his report would be encrypted. Most of it was not. So the question I was interested in was why was U.S. intelligence unable to determine the source of Anh's unencrypted reports given that 27 of the couriers were captured? Now one first question was were they unaware that the NLF was sending messages in Invisible Ink? Here the answer is no, they knew that perfectly well. Privenau said that the CIA and even the French before them were very much aware of the use of Invisible Ink by their opponents. Were the couriers able to destroy the messages quickly enough on the verge of capture? Well probably most of the time or perhaps most of the time, but it's hard to believe that all 27 were able to successfully do that before they were captured. Another possibility that might be the most likely answer is that none of the captured reports had elements that pointed directly at Pham Chuan An or gave clues to narrow the search. That is the unencrypted messages might have been of a sufficiently general nature, you know, sort of gossip about what was going on in the U.S. and South Vietnamese high circles in Saigon and things of that sort that there could have been a lot of possible sources and in fact U.S. intelligence knew that the South Vietnamese military and intelligence services were riddled with spies. So it was hard to narrow down the source. And the part that was transmitted by radio to Cambodia was never broken by the U.S. So if that urgent part of the message contained things that might have pointed to Pham Chuan An, that the U.S. was never able to determine. The source, by the way, Merle Pribbenow, he retired from the CIA in 1995. He worked for 27 years as a police language specialist for the CIA. And this is his summary of Vietnamese cryptography during this time. North Vietnam sent cryptographers and radio operators south in the early 1960s to upgrade the security of communications with the south. So they used several different systems during the course of the war and upgraded their encryption system several times. By the end of the war at least they were using a double encryption system involving the use of substitution codes from a code book and then in ciphering with a one-time pad above that. Now the cryptographic museum that Ban Co Yeo has displays such a code book and the way it worked was that each syllable of a Vietnamese word was converted to a five-letter block in the Latin alphabet. Vietnamese lends itself toward that because Vietnamese words break into syllables that are written in a clear cut way. So for example attack which is Tan Cong the first syllable was put in the code book that you studied at this museum into AFHBV basically random letters in the Latin alphabet and the second syllable into five other ones. Then a one-time pad which was shared just between two users was used. So the code book that told how to convert Vietnamese word into the random five-letter blocks that was shared among many users. That was distributed to many users. When a code book was captured by the US it would be immediately replaced by another one. But that did not have the highest level of security. However the one-time pad was just shared by two users and it was manufactured so that it could be swallowed if someone was captured. And it had to be printed in the Soviet Union because Vietnamese presses could not handle the printing job. And also it had to be read with a magnifying glass just a tiny type. There's an NSA history called Spartans in Darkness a nice title and it's available online. It has some very interesting information although the parts dealing with cryptography are heavily redacted. It gives to summarize the information in it it gives two key areas where signals intelligence gave Americans tactical benefits. First of all these are the two most important areas during the American war where the US got an advantage. Starting in late 1967 US obtained accurate estimates for the numbers and the destinations of liberation forces that were moving south on the trail in preparation for the Tet offensive of February in 1968. And during the air war they could intercept messages and alert US bombers about surface terror missiles that were approaching and approaching MiG so that they could take evasive action and break through the air defense around Hanoi and other targets. Now the problem for the Vietnamese was that encryption was very slow with the primitive technology. So tactical communications could not be sent securely if either a vast amount had to be sent which was true in the period when personnel and materiel were moving south in 1968 or when information had to be sent extremely fast as in the case of air defense. So that was really the fundamental problem. So Vietnam did manage to shoot down many bombers but they would have shot down more if they'd been able to encrypt all of their orders to the MiG pilots and the surface terror missile operators which unfortunately was not possible. So this meant that during the time of the Tet offensive and also during the time of the air war American signals intelligence allowed the US to inflict much greater casualties much greater kill. The tremendous number of liberation fighters were killed during the Tet offensive. It was a strategic victory for Vietnam but it was a very very costly one. Probably one of the reasons why it was so costly was because of US SIGIN and similarly during the air war the US relied heavily on intercepting surface terror missile communications especially. So to summarize the picture despite the technological superiority of American forces communication security was really approximately equivalent in the sense that it was good for strategic communications and bad for tactical communications on both sides. So in a sense you can say that crypto was leveling the playing field in the sense that Vietnam with photography sort of leveled off. So why was this? That cerebral. For good crypto you have to be smart. You don't have to be rich. And in mathematics Vietnam had a strong tradition exemplified in the 20th century by professors Levan Kim and Phuong Thuy and in the 21st century by Fields Medalist professor and Go Bac Chau. So given that Vietnamese culture has places such a high value on things like pure math. It's a very high value on pure thought it's not really so surprising that they could come up with ciphertext that the NSA could not break. And Gauche mentioned that among the anti-colonial wars in the 20th century the the French war for example was unique in that respect. And finally judging from last year's there's interest at Asia Crypt in the moral character of working cryptography. Now I'm not going to talk about that I don't consider myself to be an expert on moral issues and I think it's not always appropriate to lecture one's colleagues on what's moral and immoral anyway so I won't do that. But what I do want to do is conclude my talk by talking about something moral I found to be an inspiring example of the highest level of moral behavior among people working in communications intelligence. So I want to tell that story. This was revealed in two sources there's a book by a very famous American journalist named Seymour Hirsch the books about Kissinger and Nixon it's not about anything related to cryptography but there's a long footnote in it that reveals the story there's also a lot about this story or fair amount in a declassified 2002 NSA history of cryptography in the war although that's heavily redacted and there are only a few details added to Seymour Hirsch's account. So here's what happened during the U.S. Air Force Christmas bombing of Hanoi December 1972 with a large group of U.S. Air Force intercept operators at two intelligent stations one in Udon Thailand the other in Okinawa Japan they conducted what's called a nil-herd protest over a 36 hour period nil-herd in Air Force jargon means that you say I can't hear anything nothing's coming through from the station that they're assigned to monitor. These men were so disgusted by the U.S. bombing the war crimes that their government was committing that they refused to report the intercepted traffic they were hearing from the Vietnamese surface to air missile station. This is pretty incredible I knew I was amazed at this. According to Seymour Hirsch some of the men were so disgusted by what their country was doing that they cheered when they heard that a B-52 bomber had been shot down by the Vietnamese. Now there were reports. Now the U.S. Air Force continues to classify everything connected with this episode. But there were rumors or reports from Airmen that there were secret military trials of the protesters in Taiwan. Now the action of these men who were low ranking U.S. Air Force men they helped the surface to air missile stations defend Hanoi. And when I read about this it brought back some vivid memories of the first trip to Vietnam by Anne and me in 1978 just three years after the American war ended it was still you could see the devastation from the war. In fact, Noi Bay Airport where we all landed, the International Airport, at that time it was just a little airstrip. Around it you could still see the bomb craters that were at that time filled with water. When we drove in to town you could see the trees had white paint around them, a strip of white paint. We asked why the white paint. The reason was the moonlight reflecting off the white paint could guide the trucks because the trucks couldn't use light because it would reveal their location to the enemy so just thinking about this we also went to Ham Kien street now Ham Kien street toward the center of Hanoi about five kilometers from here to the south and now of course long ago it was completely rebuilt. When we went, I don't know if it's still there but in 1978 there was an exhibit that showed the total destruction of homes on Ham Kien street as a result of the Christmas bombing just on that street alone 283 civilians died on the day after Christmas in 1972 one of many many horrible atrocities committed at that time. Here's a picture taken soon after. You can see what General Curtis LeMay meant by bombing them back to the stone age. Okay now of course many of the bombers got through despite the Vietnamese air defense and many people were killed but I would it's reasonable to assume that the protest action by the US Air Force officers that resulted in more planes being shot down, more bombers being shot down must have prevented the number of people killed in Hanoi from being even greater than it was and think about this those signals intelligence workers in the Air Force, US Air Force faced an incredibly difficult moral choice. Either help save their pilots from the surface-to-air missiles or help defend the innocent people of Hanoi from the bombs. They chose the second. We were meeting in the same city 44 years later. I think we should pause to salute those men for their courage and morality at a time when war crimes were being committed against the innocent civilians. Thank you. Thank you Nile for the fascinates of it. Any questions or comments? One of the most famous incidents in the American war was the attempted rescue of prisoners of war by the Americans. They raided the ship where they thought that the prisoners of war were located but it had been emptied before the raid. Do you have any indication that cryptography or cryptanalysis played any role in this failed attempt? But it was not due to the Vietnamese breaking American codes that they evacuated the camp. For the broadcasted intelligence for the strategic stuff was it the case that they would transmit from locations from the north to Cambodia and then they had effectively location anonymity for receiving? How was it actually organized in terms of sending messages? With couriers it's clearly one person going to another person but with the radio transmissions when they're encrypted did they move locations before broadcasting? Well I would assume that the broadcasters must have moved must have been mobile broadcast units. They couldn't have possibly stayed because that can be easily traced by the enemy. In Cambodia I think they were relatively stable. It was until the US invasion of Cambodia later on they had essentially sanctuary in Cambodia. So I think they had a relatively stable location there. But I'm not sure. So remember last when you had conversation on this subject you asked yourself the question as to how the Vietnamese intelligence realize mean be aware when the message is deciphered by the American side. Would you have a question for that answer for that question now or is it unknown? Whether the Vietnamese intelligence was aware that when the Americans had broken the codes well as I said the high level codes were not broken but apparently they usually were able to figure out when the code books were captured. That was the main thing they had to worry about because the code books would be one step. If they could capture the code books and then they had couriers they could capture the one time pad so that must have they must have been able to get reports on that usually and quickly issue new code books but as far as breaking strongly encrypted Vietnamese messages that just didn't happen. But I'm not sure about how they would go about being sure to get to replace the code books quickly. I did have a series of questions that I prepared for people from Ban Co Yo last year and got some answers and the answers that I did get from them and from other sources are incorporated here but I didn't get answered to all possible questions. In the liberation struggle in South Africa the USSR also had helped a little bit with the math using modular addition essentially we did one time pads and what they constructed were little teeny booklets that had an explosive residue around them so they could light them on fire and explode them before they were captured by the South Africans and you said that it was very small in this case and they used magnifying glasses I wonder if you one know where in the USSR they were produced and maybe if the USSR made copies and two if they also used some kind of self-destruction mechanism that you got to see them. Well that's a good thought. I didn't get any information that would indicate that I assumed that they would swallow them but there's nothing in any source that I saw that indicated that it's a self-destruction mechanism but again that doesn't mean that there wasn't I just didn't discover that and yeah and I don't know where in the Soviet Union they were printed. It was just a technical thing the Vietnamese simply couldn't do it. It wasn't that other than just having better printing presses or more miniaturized printing presses in the Soviet Union there wasn't any other reason why it was sent to the Soviet Union to be printed. I just have a little question. If there is a war now do you think that Vietnamese would be able to match? Pardon? Well I think we've seen that my own opinion is that people often overestimate the capability of big powerful enemies like especially the U.S. I think one of the lessons to me of the Edward Snowden revelations in fact when I talked to Brian Snowden he soon answered that the first question I asked him wasn't he surprised that this was even technologically possible to study to steal 1.7 million top secret documents from the NSA? He said he was absolutely stunned he was just stunned by it and I think the most surprising thing about the Snowden revelations is that it was possible just imagine the level of incompetence of an intelligence agency for it to be possible for a consultant from outside the agency to just walk away with that number of secret documents and that fact I think should be encouraging to people in other parts of the world not to be too intimidated or not to overestimate the power of the NSA or anybody else and I think this story you know the NSA builds this Nestor encryption device it's wonderful cryptographically it has all the necessary functionality it wasn't broken it just mechanically was not suitable for the climate in Vietnam and that resulted in side channel attack so when you hear these stories I think it makes a little bit more confident that the NSA or similar organizations in other countries are not impossibly strong adversaries we can have confidence that even a relatively poor country or a country that doesn't have the infrastructure the U.S. has can be competitive in many areas even of military technology have the questions, comments please there are none let's take speaker again for the wonderful talk