OCR of the Document

View the Document >>

National Security Agency, Cryptolog Vol. 11, No. 2-3, February 1984

OJUJUV0OJUJ k l BlDli3DU UJ l W B r D BU B $ D B B $ B OO $ D $ f OO D B l1 DUl 1B1 U JI1 J l 5 rnw D1J0D4 ---_ _-----_ _-------_ _------------- ADMIRAL A 1 NEPENIN FATHER OF MODERN '1 RUSSIAN NAVAL INTE LIGENCE U ooooooooooooo THE CRYPT BUG U 1 ooooo ooo 2 USER-FRIENDLY WRITING U o ooooooooo 3 NATIONAL SUPERCOMPUTING RESEARCH CENTER o oooooooo 6 SHELL GAME TIME SHELLS U ooooooooooooooooooooo W E S oooooooooooooooooooooooo 9 David H WiUiq' ns 12 NSA-CROSTIC NO 53 AUTOMATED INFORMATION SECURITY U ooooooooooooo 1ooooooooo 15 CRYPTOLOG 1983 INDEX U oooooooooooooooooooooooooooooooooooo o iooooooooooooo 21 1 U kjBBliliQ i BBiSI SSIFY S l NBA M l d Sf i in4t in hgeae 's QeeeFsiaaeiea 8 wiF@Q Declassified and Approved for Release by NSA on 10-16-2012 pursuant to E O 13526 MDR Case # 547713 ern 4009895 Published by PI Techniques and Standards FEBRUARY-MARCH 1984 VOL XI No 2-3 PUBLISHER BOARD OF EDITORS Editor Asst Editor Production I 963-30455 J 963-1103 $ 1 963-336 s 1 Collection Computer securit y 1 Cryptolinguistics 1 Data Systems Information Scienc e 1 1 963-3961s j I 859-6 044 963-1103s 963-4953s 1 I 963-5711s Mathematics 968-8518s Puzzles o av d H wiIIiamd963dl03s Special Research Vera R FilbYc 96 -7119s Traffic Analysis Robert J Hanyok 968-8418s 1 L n n % i al' V J Editoria' As an agency we Ii ve today on yesterday's discoveries Today's output which pays the bills around here is based largely upon technical breakthroughs made sometime in the past Most of our people are working to produce today's results but here and there most 1yin back rooms there are a few scattered people doing the discovery work We used to call them break-in artists They are busy making tomorrow's production possible and in a very real sense making it possible for tomorrow's bills to be paid Once in a while one runs across I whole cluster of this discovery work It is s if a renaissance had broken out in one particular shop A whole group of people seem to be bubbling over with invention intuition and discovery It is an exciting place to be when it happens There used to be one or two managers who seemed to have such a renaissance around them wherever they went They seemed to have the knack of creating an atmosphere that fostered discovery that encouraged breakthroughs P L 86-36 To submit articles or letters by mail to PI Cryptolog via PLATFORM mail send to cryptolg at bar1c05 bar-one-c-zero-five note no '0' in 'log' Contents of Cryptolog should not be reproduced or further disseminated outside the Nat ional Security Agency without the permission of the Publ isher Inquiries regarding reproduction and dissemination should be directed to the Editor I can remember studying those managers to see if I could emulate their evident ability to stimulate the discovery process I can remember going to manage ent courses and reading various books on the latest fads in management styles looking for clues about how to generate the atmosphere that discovery and creati vity seem to need I can't remember finding much that was useful it seemed to be easier to talk about things that were easier to count or measure For an outfit that depends so much on break-in artists we ought to worry about finding grOWing and managing tomorrow's crop Perhaps we already are '0' ' ' ' ' ' aCID 4009895 Felt BFFIelJlrb 6SE BUb ADMIRAL A 1 NEPENIN FATHER OF MODERN RUSSIAN NAVAL INTELLIGENCE U P L 86-36 by I he history of Russian military affairs has been one of incompetence mixed with flashes of brilliance The brilliance has usually been in the form of individual military shakers and movers who have risen to the occasion with determination and forcefulness to carry through their goals come what m iY to the end One might include Marshals S6vorov and Zhukov or Admirals Senyavin and Gorshkov in this category However there is one individual although he is little known in the West who as a shaker and mover might be said to be the father of modern Russian naval intell igence Admiral Adrian Ivanovich Nepenino W Nepenin in his capacity as Chief of the Baltic Fleet's Communications and Intelligence Service both prior to and during World War I built the naval intelligence organization into a formidable arm of the Russian Navy and ultimately established ioots which have carried over into the Soviet era Adrian Ivanovich Nepenin was born 21 October 1871 in Pskov Province Russia He entered the Russian Naval Academy in 1885 and graduated in 1889 In 1898 he was assigned to the Far East Fleet In December 1904 Captain 2nd Rank Nepenin was assigned to command the destroyer STOROZHEVOJ at Port Arthur During the war with Japan Nepenin was captured and spent the last part of that war as a POW in Japan Between 1905 and 1910 Nepenin held various ship commands in the Baltic Fleet Feb 84 li'QR Originally prepared as an Appendix to the author's article on Communications Intelligence and Tsarist Russia which appeared in the Jan 84 issue of Cryptolog In 1910 after much thought Nepenin sent a plan for reorganization of the Communications and Observat ion Service of the Bal t ic Fleet to Admiral Nikolaj Ottovich von Ehssen Commander-in-Chief Baltic Fleet Admiral von Ehssen liked Nepenin's energetic idea for the Communicat ions Service and in 1911 appointed Nepenin as Chief of the Communications Service Nepenin probably made Captain 1st Rank at this time Over the next few years under Nepenin 's guidance and direction the Communications Service--almost alone within the Russian Navy --achieved a high esprit de corps among all its personnel By October-l9lS Nepenin had achieved the rank of Rear Admiral for his efforts His admirers included not only his own men but even foreign allies assigned to Russia during the war During a visit to a Communications Service airbase in the Baltic in 1916 Admiral' Sir Richard Phillimore British Naval Representative to Russian General Staff Headquarters STAVKA 1915-16 was quoted as telling the Communications Service officers and men CRYPTOLOG Qli'FISh Page liSE QUY y aCID 4009895 FOR 8FFISlhb YSK QHbi Everything is excellent in our British Navy ooo except that we do not have such an Admiral as your Nepenin who knows everything l On 6 September 1916 largely on the basis of his Communications Service record Nepenin was offered and accepted the command of the Baltic Fleet along with the r ank of Vice Admiral Nepenin' s time as CINC however was brief with little opportunity to carry out his ideas on reorganizing and revitalizing the spirit of the Fleet On 15 March 1917 while on his way to meet with a group of disgruntles sailors near the Helsingfors Railway Station Nepenin was killed by a shot from behind by either a mutinous sailor according to the Soviet version or a German agent dressed in the uniform of a Baltic Fleet sailor Russian emigr version 2 Al though Nepenin' s period on the stage of History was brief he left an indelible imprint on the development of Russian naval intelligence in the 20th century ' I I I I I I I I I I I I I I I I I by I I I I I I P L 86-36 I I When all good folks are sound asleep I And all the rest are counting sheep I He concentrates on cipher text I And contemplates ways most complex I To render an approved solution FOOTNOTES 1 2 Apparently Sir Richard forgot in his remarks about Admiral Reginald Bl inker Hall of Room 40 OB fame Dudorov Rear Admiral Boris Petrovich Dudorov in the emigr journal Morskie Zapiski The Naval Records New York See also The Russian Navy in War and Revolutionby G K Graf Munich R Oldenburg 1923 pp 119-121 and The Russians at Sea by David Woodward London WillGm Kimber 1965 pp 181-182 For the traditional Soviet negative view of Nepenin from 1916 as suppressor of the Revolutionary in the Baltic Fleet see Pavlovich N B editor Flot Pervoj Mirovoj Vojne The Navy in World War 1 2 vols Moscow Voenizdat 1964 Vol I p 241 I I I I I I I I I I Of some obscure substitution While all the world is sleeping snoring Loud enough to rip the flooring He derives much satisfaction From the spatial interaction Of poly-graphic frequencies And isomorphic sequences Of characters on paper slips Better know as sliding strips I I Slides them West and tries the Chi test I Slides them East and tries the Phi test I Clamps his pipe tight in his mouth I I I I I I And grimly slides them North and South And if success eludes him then Tears them up and starts again Meanwhile the clock ticks on and on Until at long last comes the dawn ' I As the milkman rattles by I He is heard to heave a sigh I I I I I Slowly piles the work sheets higher Calmly throws them on the fire Having proved one simple fact There can be do doubt of that-As suspected all along I Everything he did was wrong I I I I I I from Signal Corps Bulletin No 109 July December 1940 I I Feb 84 CRYPTOLOG Page 2 aCID 4009895 Human Factors USER-FRIENDLY WRITING U _________lpI3 W e have seen and heard a lot lately about our writing Our Director has made a special point of urging us to write more clearly and directly A hard-hitting article on the same topic may be found in the November 1983 issue of CRYPTOLOG pp 13-18 A number of services are available to help us improve our communication Skills including courses at the School and the new Write-Line The quality and effectiveness of our writing and speaking is far more important than many of us seem to realize in spite of these management initiatives Unfortunately our writing will only get better if we care about it and feel that it matters I am not going to launch into a long article about good writing or how to improve our writing That has been done already by many others I will mention two sources that I have found particularly useful But I feel that good clear writing is an important human factors issue and I'd like to say a few things about it in these Tech Notes P L 86-36 As a reader I am a user of your paper or report jus t 1ike a user of any other tool The paper probably says something I need to know or I wouldn't have picked it up If you create long intricate sentences choked with jargon you are putting major obstacles in my way You are making me spend far too much of my time and energy to get your meaning Sometimes your sentences are so compl icated that you lose your own way through them so how can you expect me the reader to understand them I know that you don't set out to mystify the reader on purpose I believe that scientific and technical writers have certain basic misconceptions about writing some or all of these they probably learn from their teachers at colleges and technical schools many of whom are also apall ingly bad writers Let 's take a look at some of the faulty assumptions that may give rise to the bad writing technical people so often produce If I say it simply people will think I'm uneducated I read a lot of technical papers and research reports and I edit my office's Monthly Research Summaries I am sorry to say that I have seen a great deal of very bad writing It is bad because it is not userfriendly I am going to direct my comments to anyone out there who writes the kinds of prose I have to fight my way through each month in our Research Summary Feb 84 People in technical fields have gotten so used to a certain very heavy convoluted style of writing that simpler writing just sounds inappropriate and anticlimactic to them Even if they are just telling us that they debugged a program or checked out some minor electronic gadget they feel they must sound like a candidate for the Nobel prize CRYPTOLOG Page 3 FSR SFPlSfkb eBB SUb 4009895 P6ft 6PFfefA-b eSB 811b verb further away from the reader until the meaning disappears in a comfortable mist I have seen some cases where the subject and main verb never arrive at all In many cases the writer has forgotten whether the subject was singular or plural or even what the subject started out to be by the time he gets to the main verb It's a real help to the reader when you put the main subject and verb at or near the beginning of the sentence Don't get into the habit of writ ing English as if it were German If I say it simply people won't know it's important Many people seem to think that the length of their words and the complexity of their sentences are a direct measure of the importance of the topic I use a Kleenex to blow my nose but I utilize the computer because the computer isa lot more expensive and important than a Kleenex or my nose I might make it easie ' for the cat to use the litter box but I feel I must facilitate user accessibility to project X If I say it simply I won't be able to hedge and fudge Technical and scientific people are masters of the art of hedging their bets To some extent this is necessary and justified we have a professional obligation to specify the degree of significance of a result the reliability of a statement or the statistical context of an event We have to convey these matters to our readers at those times and places where they are important and appropriate Unfortunately the hedging gets to be a habit so that it infects all our writing and shows up in lots of places where it serves no purpose I suspect that the long sentences starting out with endless strings of subordinate clauses arise in this hedging habit Each subordinate clause is like a safe little fence to push the bald direct subject and Feb 84 A frequent error I see in technical writing is the dangling participle The long string of subordinate clauses at the beginning of the sentence often starts with a participial phrase that does not refer to the real subject of the sentence Strunk and White reference 2 below say A participial phrase at the beginning of a sentence must refer to the grammatical subject po 8 As the reference states sentences violating this rule are often ludicrous for example Being in a di1apidated condition I was able to buy the house very cheap Even when they aren't ridiculous dangling participles are confusing and sloppy This kind of writing doesn't impress a careful reader with the quality of the writer's thinking My readers are all experts in my field and know the jargon Perhaps this is true if so I think the writer is making a mistake What about managers in other organizations that might make use of his ideas They may be familiar with the field at a global level without knowing all the buzzwords and abbreviations he tosses off in his report What about technical people in related fields They may have a similar problem with some of the jargon Finally I maintain that jargon and alphabet soup are far too often a lazy substitute for thinking If we understand what we are doing we should be able to express it clearly with a minimum of jargon When I am talking to someohe who throws a lot of alphabet soup and jargon at me I make a point of asking pol itely for one or two definitions or expansions Very often I get a blank look a silence then Well gosh now that you ask I don't know CRYPTOLOG Page 4 F8R 8FFIS1 o' BeE 8U15 ern 4009895 Oh EVERYBODY knows what that means The remarks in paragraph 4 apply to this one too I came across the phrase repartitioning the functionality in a recent research summary I very much doubt that everybody knows what that might mean and I'm sure that some simpler clearer way could have been found to express the idea whatever it was If I simply say 'somebody did thus and so ' I am leaving somebody's posterior alarmingly uncovered We seem to think it is much safer for all concerned to use the passive voice Nobody DID it It just happened It was done That also sounds much more impressive like an act of God it rained there was light We've also had it hammered into us throughout a technical or scientific education that we must always be objective The worst sin in the world is to be personal or sub jec tive That's another reason why we avoid the active voice like the plague and prefer passives or impersonal constructions like there were indications that and it is apparent that These constructions make our sentences needlessly complicated right at the start harder for us to write and harder for the reader to read At their worst they can totally obscure the meaning In closing I'd like to stress one final point writing matters It matters HOW something is expressed Engineers and mathematicians know that the formal systems they use mathematical and scientific notation models and methods are powerful tools Computer systems people hold up certain standards for writing good code and for the efficient economical use of programming languages Technical people respect those tools and appreciate the value of elegance and economy in their use Natural language is another tool jus t as powerful and deserving of respect Unfortunately too many technical and scientific workers tend to ignore or look down on natural language They don't think of English as a tool that can and should be used with elegance and skill Their mathematics may be beautiful and their programs may be clear and economical but if their writing is messy their minds are likely to be a bit messy too The exercise of stating something clearly and directly in good plain English can often clear up the mess for the writer as well as his readers References Just Plain English Department of English US Air Force Academy Colorado 80840 no date Strunk W Jr and E B White The Elements of Style New York Macmillan 197-2- Here's a sample of user-unfriendly prose to illustrate the needless syntactic tangles and sloppy semantics of bad writing In addition to examining the use of and designing a gadget for a frammus for project GLITCH the use of a widget for project Foa was also studied Exercise find the subject of this sentence Here's a better way of saying it We designed a gadget for a frammus for project GLITCH and examined its use We also studied the use of a widget for project FOO I am still unhappy about the vagueness of studying the use of gadgets and widgets Does the writer mean tryout the gadget to see how useful it is Or does he mean observe operators using the gadget and study how they use it Maybe he means perform various experiments to see if there is any point in trying to use the gadget When we look closely at this sentence we see that it doesn't convey much meaning to the reader unless he already knows all the intimate details of the projects and equipment Feb 84 i'oa CRYPTOLOG Page 5 OFFIGL J Q8El8UbY 4009895 FQR QFF1S1tk HSS QNhY NATIONAL 1Q 9 Q 9 SUPERCOMPUTE RESEARCH I CENTERu 1 1 b P L 86-36 Introduction U A Nat ional Supercomput ing Research Center is important to NSA because it will help us to solve many future supercomputing problems The word supercomputing simply means the intelligent use of the most powerful computational tools currently available Such a center will probably solve these problems better than we have done before and in a way to help other national defense efforts as well It will do this with outside people and outside money But we need to fight for it a In-house NSA Highly classified special projects b Defense Parallel Processing Laboratory DPPL Medium-level classified work on massively parallel processing for national security in the next decade c NSRC largely unclassified lab for percomputing hardware and software research with special emp1iaSis on support of d Regional Computational Facilities RCFs An unclassified program to provide supercomputer access to academic researchers 'Background U The Chief Scientist of NSA Mr Kermith Speierman was asked by DIRNSA to formulate NSA recommendations for DoD regarding supercomputer initiatives The Speierman Committee was formed to develop those recommendations and reported to the Director in the autumn of 1983 urging four functions for a federal supercomputing initiative to help supercomputing Feb 84 U The in-house function is already being performed and will continue If no other initiatives are acted on RCFs will be partially done by the National Science Foundation NSF and the Department of Energy DoE laboratories under existing plans The really new features are the DPPL and NSRC But the DPPL seems to be on its way to receiving acceptance Therefore this art ic1e is dedicated solely to justifying the NSRC CRYPTOLOG Page 6 oP8ft 6PPlelkC HSE 61fhi ' aCID 4009895 FSR SFFleIl 8S SN The vendors typically supply poor operating systems and FORTRAN After all operational software is not their main interest and something really sophisticated is quite beyond their current capability The result is that the users either get substandard performance from their machines or have to develop new operating systems and languages usually different from anybody else's Possible Objections to the NSRC U The major objections to a new independent NSRC are four 1 No need because of current open research 2 The DoE labs could do this and they want to 3 An intense open research program would transfer information and techno logy to the outer world and 4 Suggestions for an NSRC would arouse opposition from DoE or the President's Office of Science and Technology Policy OSTP and thus possibly imperil the whole initiative U I believe that objections 1 and 2 are essentially false as stated and that 3 and 4 are true but can still be handled Objection 1 D The DoE labs have developed their own operating systems with a line editor and complicated user commands that would be unsuitable for NSA The NSA supercomputing environment--i e the I Isystem and IMP language--is powerful and easy to use Yet it cannot be the general supercomputing standard for various technical reasons In addition it is difficult to transfer to different machines If we soon have a wide variety of supercomputers it will be impossible for us to maintainl lIMP on all without a great increase in the number of systems programmers DNIX C may become the de facto standard since it will soon be available on almost all supercomputers However we see it as having inherent inefficiencies that make it difficult to use the full power of the computer when we wish to P L 86-36 D One possible response is to put this problem in the DPPL or keep it in NSA by using more people But the systems programming problem is essentially unclassified How much better to free up NSAers and DPPLers for classified work and put systems software in the NSRC where it will be serving an independent need anyway support of the regional centers Driven by a variety of applications from academia with a few clever interns from the labs and NSA bringing the best of their methods the NSRC could have a resounding success Specifically they might well develop once and for all a portable easy powerful environment that could be used by all and enhance the vendors' products at the same time And the really great thing is the leverage we get by having this work done by other people with others' money Similar statements could surely be made in the other areas of NSRC emphasis besides languages and operating systems Le algorithms hardware technology architecture numerical analysis artificial intelligence and graphics U This objection is that no radically new efforts in unclassified supercomputing research are necessary because of existing work in government industry and academia However a look at specific examples e g operating systems and software shows how inadequate the current efforts really are Feb 84 CRYPTOLOG 6ft 6FFIElltlJ h SB Page 7 SUbY 4009895 FSR SPPISlkb HSS Sll'bY Objection 2 Objection 3 U Los Alamos National Labs would dearly love to have the functions o the NSRC However even a casual glance at their record must produce skepticism inasmuch as U The Speierman federal init iative would result in some information transfer to outside However since the outside world is no longer very far behind us the real question is what will be the marginal increase in harm as opposed to what would happen anyway weighed against the potential benefits to us Since the in-house programming and the DPPL are classified the only threat comes from the regional centers and the NSRC The regional centers should provide only computat ional access at the end of a telephone line and that only by grant Thus the foreign graduate student in astrophysics could get time to study galactic structure but he could not dump critical software and he would have to break the terms of his grant to study cryptography on the sly The NSRC itself should be physically restricted to US nationals since it will have at least company proprietary and possibly classified information The problem with the NSRC is that useful hardware and software work will eventually become public After all the people there will be developing very powerful unclassified operating systems My contention is that the outside world is catching up anyway It is far better to have them trying to get up to the level of our unclassified base a few years after us than for us to have an unclassified base behind that of other countries and to try to build our classified technology from it they get relatively poor performance from their Crays the current standard supercomputers l they have a clumsy operating system l they discourage assembly language modern high-level languages and they have relatively few experts partly because they have not encouraged as NSA has scientific personnel to become relatively sophisticated and U Maybe they will change if the labels on their doors are changed but I doubt it And I doubt that even safeguards written into new terms of reference or even a change of location would really change their modus operandi If Los Alamos gets the NSRC then I predict that the whole effort will be irrelevant to NSA and we will be back to having to use many NSAers and DPPLers to do unclassified work Objection 4 U If the NSRC is worth having it's worth fighting for We should not regard it as a political chip to be bargained away for DoE support for the whole initiative The best approach is to keep trying to persuade the interested parties especially DoE that the NSRC is in their best interest too They also will get leverage from having the NSRC solve their problems Feb 84 CRYPTOLOG Page iOi Qi'FI L'1m HSS SinN 8 CID 4009895 iOB Qiil l b HSB 6NbY SHELL GAME byWES TIME SHELLS U ou may not have noticed but the time function on our UNIX systems has been converted to GMT or ZULU time The other day the phone rang and the voice at the other end said The boss would like to see you at 2 45 today II Since I was on the system and probably would be for most of the day I typed in remind 2 30 See boss at 2 45 and finished with a control-D Then being a cautious sort remind has sometimes had a mind of its own I typed in 'delrem' and looked at what the system thought i t was going to do By now you have guessed that the system operating in the time zone of the mythical kingdom of ZULU had stored away my ' wake up call as 1430Z So much for modern efficiency date %H I t expr $t - 05 I t date TIME %H %M %S ZULU $t %M EST What 1 had n' t real ized was how much the 'date' program had changed since UNIX Version 6 Since Daylight Saving Time runs from the last Sunday of April to the last Sunday of October I added some commands and the shell now looks like this date %m I a date %d I b date %w I c expr $b - $c - d switch $a 'standard time' 11 Now 1 don't really mind using ZULU time but it's just three more things to remember the summer difference the winter difference and which are we in right now Frankly I'm still trying to remember all my PIN numbers how many bank cards do you have and all the password s to the various sys tema and a couple of door combinations and ooowell you get the idea Every time 1 get another one of these important things to remember I forget something trivial like a birthday or an anniversary So I went looking for some way to get the system to keep track for me What I found were two shells one short and sweet and the other much more involved Here is the first one called tyme Feb 84 CRYPTOLOG 12 01 02 03 e S f 05 breaksw 'last Sunday in April change' 04 if $d -ge 24 then e D f 04 breaksw else e S f 05 breaksw end i f 'daylight saving time' 05 06 07 08 Page 9 Fea eFFl81tm HSB 8Nb7 PQ QPPiSlhh GSK QNb DOCID 4009895 09 goto start Bob Jones P14 3369-s 5741-s -- 04 Mar 83 See list of variables at end of file start date %H t date %d d date %j I c expr $t - 5 I 1 expr $t 3 I m expr $t 09 I k expr $t 11 I f if $k -gt 23 then expr $k - 24 1 k expr $d 01 I a expr $c 1 I b else expr $d a expr $c 0 I b end if if $f -gt 23 then expr $f - 24 I f expr $d 01 I g expr $c 1 I h goto skip else expr $c 0 h g $d expr $g 0 g end if skip if $g -It 10 then g O$g else end if if $ i -It 10 then d O$d else end if if $h -It 100 then h O$h else end if if $b -It 100 then b O$b else end if if $f -It 10 then f O$f else end i f if $k -It 10 then k O$k else end i f if $a -It 10 then a O$a else end if if $1 -It 10 then I 0$1 else end i f if $m -It 10 then m O$m e D f 04 breaksw 'last Sunday in October change' 10 if $d -ge 25 then e S f 05 breaksw else e D 04 breaksw f end if endsw date %H I t expr $t - $ I t date TIME %H %M %S ZULU $t %M E$eT 0' At the other end of the LS '1C' a l e -'_I f q 1Junnd p 1t h4 e shell ' timel' written by JI It begins in the following cofumn P L 86-36 L The original version of Bob's shell uses reverse video to set up a rather startling display on the screen It will also clobber your terminal if you try to use it across the network If you get the original version you could insert a test to see whether the terminal of the user WaS a network terminal something like switch $t X-Z change to net-friendly version ooo endsw depending upon how the network terminals labelled on your host Then all you need second version of those lines that have verse video replacing them with whatever artistic heart desires are is a reyour After some discussion we decided to print the shell without the inverse Video in the interests of minimizing the chaos around the TSS community Feb 84 CRYPTOLOG peR epPi8ilfb aBE Page 10 eN 1 aCID 4009895 else goto rundate end i f rundate pump -G date echo date echo date echo date echo date echo pump LOCAL--- DATE %Ii %h %y TIME $1 %M EST JULIAN DATE %y%j ZULU---- DATE %Ii %h %y TIME $t %M Z JULIAN DATE %y%j MOSCOW-- DATE %Ii %h %y TIME $m %M C JULIAN DATE %y%j KOREA--- DATE $a %h %y TIME $k %M I JULIAN DATE %y$b FIJI---- DATE $g %h %y TIME $f %M L JULIAN DATE %y$h -G exit 'VARIABLES- refered to as $t $m etc --t or $t system hour d or $d system ' 'date c system Julian Day l local time m Moscow time k Korean time 'f Fiji Time The following are computed if the time is after 2400 -- ' 'a Korean Date b Korean J Day g Fiji Day and h Fiji J day ' 'Other computations such as 'if $m -It 10 then' place a zero in front of ' '$m' This and the statements such as 'if $h -It 100 then' are' 'required because the math functions will drop leading zeros ' -G -- Rings Terminal Bell' Bob also has a version of this that runs on the IBM PC in living color I'm sure he would be happy to let you have a copy of either version These shells are more for than anything else and that is which they are presented here the first shell does not add a When the local hour is less than demonstration the spirit in For example leading zero ten and will Feb 84 PeR probably do something weird if the local hour is less than 5 The third shell doesn't quite understand what to do at the end of the month and the 31st day in the land of ZULU may become the 32nd in some other time zone If some reader comes up with a good fix we will be happy to print it CRYPTOLOG 6FFE6EL S6S Page 11 QN 4009895 FQR eFFISEtH eSE 6lftJY P L 86-36 N 1 -Qtrusttr # 53 Feb 84 CRYPTOLOG Page 12 In case you were born on February 29th -Leap Year Day -- well then Happy Birthday to you too OCID 4009895 P L 86 36 Feb 84 Page 13 aCID 4009895 FeR eFFISIlrbijSS SUbY BE PART OF THE PROCESSing CRYPTO-LINGUISTIC ASSOCIATION LANGUAGE AUTOMATION COMMITTEE presents Translator Transcriber Work Station Are you uow using computer power in your language activities Will you be using it soon Feeling frustrated intimidated or uninformed about language automation in your office At the TWS Work Shop you can learn about current and future computer systems express your ideas share your concerns 4 - 7 June 1984 2W087 0830-1100 1300-1530 1300-1500 Monday Tuesday Wednesday repeated at Thursday Wrap-up All interested Green-Badge personnel invited See you there Feb 84 CRYPTOLOG Page 14 i aCID 4009895 I Computer Security Guidance This article is extracted from the Department of Defense Computer Security Center's 000 CSC responsetotHe' I1SMC The Marines had requested colliputersecurity guidance and evaluations of several architectural plans That pa erwas authored by Chi ef of the Applications EVi3Juatjons Systems Office with aid from IChief Scientist 000 Computet Security Center and Col o USAf Deputlj Di rector 000 Computer SeCurity Centei the CONSEC policy procedures and 9vidance were supplied CONSEC Doctrine and Threat Assessment oOffice A Policy Requirements C omputer security requirements derive from the need for the informat ion processing system to control access to classified information These requirements are described more fully in the DoD CSC Trusted Computer Sfstem Evaluation Criteria 15 August 1983 1 Briefly such systems are required to implement the following I I _ I byll MARKING - An ADP system which is used to process or handle classified or other definitely categorized sensitive informa tion shall clearly store and maintain the integrity of classification or other sensitivity marking labels for all information The system shall assure that the classified or other sensitive information is accurately marked when included in output from the ADP system I I CONS C Standards Evaluations Office and L o Jr COMSEC Applications Office for this publication minor editing and revisions mostly to delete USHCspecifics were done byl Chief Operational Systems Evaluation Division 000 Computer Security Center I been determined to have for the information MANDATORY SECURITY - The computer system must enforce the formal system of information control reflected in the security lassification designation and special handling restriction set associated with the sensitive information handled or processed by the ADP system together with the clearance set associated with the individuals who may request access to the information DISCRETIONARY SECURITY The computer system must enforce access limitations placed on classified or other sensitive information based on identified individuals or groups of individuals who have Feb 84 anj a Need-to-Know ACCOUNTABILITY - An ADP system which is used to process or handle classified information must account for usage on a named-individual basis whenever classified information is generated or accessed CONTINUOUS PROTECTION - Security-relevant portions of a trusted computer system must be maintained under configuration control to assure that unauthorized changes have not been made which could possibly subvert the system's ability to control classified information CRYPTOLOG Page 15 4009895 FeR eFFlelkh 85ft eHtY These policy requirements form the basis for defining security requirements at the system level as well as for the hardware and software components of the system They also determine procedural requirements to support the continuous protect ionp'ol icy and assure the operational effectiveness of technical safeguards The degree to which a system must comply with these requirements either in the use of specific security features or in the degree of assurance that the features are effective is a function of risk of exploitation This risk depends upon motivation capability and opportunity of an opponent to exploit the system's protection controls and mechanisms These factors in turn are influenced by such things as the most sensitive information in the system the least restrictive clearance of system users or those associated with its development and operation the hostility of the environment and time B System Requirements A primary system requirement is to have a clearly defined security perimeter that includes a suitable combination of manual and automatic trusted processes to control access to classified or sensitive data in the system Each such process is designed and operated to implement a well-defined interpretation of DoD security policy e g minimally information that is labeled SECRET will not be accessible by personnel holding less than a SECRET clearance The perimeter may be entirely defined by environmental i e physical personnel and operational security controls as is the case in a dedicated mode of operation It may require hardware software and COMSEC controls in addition to the environmental controls For example electrically connecting two different computer systems requires hardware and software controls over the interfaces between systems operating at different system-high levels These controls must ensure for example that the integrity of classification labels on internal files is proted ed and that information flowing from one system to another is classified no higher than the maximum authorized for the receiving system This in turn requires assurance that the integrity of classification labels on internal files is protected in the computers In the multilevel mode one relies very heavily on controls internal to the computer to enforce applicable security policy and thus the computer hardware and software controls become an even more critical element of the security perimeter Feb 84 The specific security requirements both technical and environmental to be enforced by a computer systems application are prescribed by the Designated Approving Authority DM in accordance with DoD Directive 5200 28 or DCI Computer Security Directive Security of Intelligence Information in Automated Systems and Networks formerly DCID 1 16 while the requirements for determining the technical efficacy of the system's security controls and mechanisms are stated in the Center's Trusted Computer Systems Evaluation Criteria The DM is then required to make an explicit decision to use the system operationally when convinced that these security requirements are satisfactorily met We elaborate below on the computer hardware software certification and accreditation process to support this C Hardware Requirements Computer systems that are trusted to enforce a security policy employ a combination of hardware and software mechanisms The hardware mechanisms of concern are those that simplify and optimize the implementation of access control over the subjects and objects as defined in the formal security policy model abstraction Below we list desirable features worth considering in the selection of a hardware architecture Note that these features while helpful do not supplant the need for a security kernel However they may improve performance throughput significantly over the pure use of software controls Virtual Memory - This hardware feature is essential It can be realized in either a page- or a segmented-based organization and would provide an effective environment for multiple processes Both require address mapping circuitry that automatically provides access checking during address translation Execution Domain - It is minimally essential that the hardware support two execution domains preferably three where one domain is privileged and protected from the less privileged domain Security kernel software runs w thin the most privileged domain and untrusted user software executes within the less privileged domain s Controlled Access to I O Devices - It is essential that computer architecture provide some mechanism that enables a security kernel to maintain control over accesses to input output I O devices A sufficient solution is the notion of CRYPTOLOG Page 16 FeR 8FPlelkh 85ft 6NWI 4 aa 9 B 9 5 POll OPFtSIJrb eSE QUIorY privileged I O operations Here I O is performed only by a process executing in the appropriate privileged domain The kernel must control access to this privileged state Multiple Processes - Many users normally share concurrently the available resources of a general-purpose computer system therefore the base computer architecture must provide support for an efficient multiple-process structure The minimal hardware support necessary is the capability to save and restore process definition information Additional information may be found Technical Report No ESD-TR-78-l70 puter Architectures For Effective Kernel Implementations by John D dated October 1978 in MITRE MinicomSecurity Tangney Because of the reliance one has on these controls there are several security concerns to be addressed in the acquisition and use of this hardware One concern is correctness Assurances must be given to show that the hardware mechanisms have been designed and built to function correctly A second concern is reliability Failures in the hardware must not weaken or eliminate the security controls that are implemented in the hardware itself or in the software which in turn requires correctly functioning hardware A third concern is integrity Configuration control measures during hardware design implementation operation and maintenance must deter accidental or deliberate modifications of the hardware that can cause security controls to be bypassed or weakened The degree of concern in each area and the corresponding steps Feb 84 FQR taken to reduce the risk is applicationdependent Although exploiting such avenues of vulnerability is possible one must consider them in the context of other areas which could be more susceptible to attack e g software In those cases where the hardware will be used in a periods processing mode it should permit rapid and reliable eraSure of all internal memory e g primary storage nonremovable secondary storage and buffers It must also support the capability for a physical disconnect from those other devices in areas with a lesser degree of protection There is ongoing research as part of the consolidated DoD Computer Security R D program to develop a job stream separator which automatically and reliably performs all necessary color change procedures In those cases where the computer will simultaneously process or store information of different classifications the hardware should support internal labeling of files with the appropriate security classification and these internal labels should be used as the primary basis for access control dec isions This is particularly the case if the system users are not all authorized access to all of these files e g as in the controlled or multilevel mode of operation A similar requirement may exist for systems which process personnel proprietary or other sensitive unclassified information Individual hardware components must meet TEMPEST requirements cODDl1ensurate with their operational environment current pol icy and the perceived threat of exploitation CRYPTOLOG QFFIQI Page 17 eSE QNbY aCID eR eF Ielkb ess eStY 4009895 D Software Requirements E Procedures Software that must enforce DoD security policy must be designed implemented and documented to permit credible evaluation and verification that it in fact correctly enforces that policy This requirement would have to be applied to all system software including the operating system system utilities data base management systems DBMS compilers or appl ication software Such evaluation would be difficult and lack credibility if the security-relevant mechanisms are complex and scattered throughout the software One simply cannot determine that an unstructured collection of these mechanisms correctly implements the policy and cannot be circumvented Thus the Center requires that in trusted computer systems all security-related functions be implemented in well-defined portions of software firmware and hardware the totality of which is called the trusted computing base TCB The TCB must be designed and implemented so that its security controls are always invoked and are tamperproof that is the controls cannot be modified or bypassed by the remaining untrusted portions of the system and that they be of sufficiently simple design as to be subjected to thorough test and analysis During its design and development the TCB is subjected to specification and design analysis verification and testing to assure that these properties are indeed satisfied The DoD CSC Trusted Computer System Evaluation Criteria amplify these requirements further The continuous protection requirement is primarily satisfied with procedures to control and monitor access to hardware and software security components during their design and implementation and then during their operational life cycle Such procedures are a critical part of gaining assurance that the security mechanisms are designed and built to meet stated requirements and then maintained and used to remain effective Specific requirements include Determining the specific requirements for software controls and level of assurance Le the evaluation class for a particular application must reflect the level of risk and degree of trust required of the hardware and software One indicator of this is security range that is the difference between the classification of the most sensitive information and the least restrictive user clearance Thus for example a Class C2 system may provide adequate trust for a system-high application A multilevel mode application would on the other hand normally be expected to meet the criteria of a Class B2 or higher system depending on its security range Feb 84 clearing system support personnel to the highest level of data in the system clearing maintenance personnel commensurate with the sensitivity of information to which they could get access and developing and maintaining software which protects sensitive information in an environment consistent with the sensitivity of the data being protected and with a level of risk that is acceptable to owners of sensitive information In systems which involve periods processing accreditable procedures are needed to change processing classification levels Procedures include removing sensitive data from the system disconnecting or reconnecting peripheral devices and remote terminals and rebooting the appropriate operating system at the new processing level F Classified Software The security mechanisms and their implementation in trusted system hardware and software are generally unclassified However as noted earlier this software may be treated as if it were classified to meet the continuous protection requirement There may be instances in which security-related software is classified e g if it implements a classified cryptographic algorithm or security-related software contains classified data e g the routing tables in a message system Such software must be protected like any other classified information while it is stored in the computer There may be multiple copies of it in primary and secondary storage all of which must be labeled and protected as must all hardcopy printouts of it CRYPTOLOG Page 18 iOR OiiICIAl U i QIIIIs 4009895 F911 9FFI8lMs Q8B 91atY G General It is DoD policy that all ADP systems which process classified information will be accredited that is there will be an explicit decision that the system adequately protects information and can be used operationally This accreditation is frequently based upon a technical evaluat ion of the system to determine how well it meets predefined requirements However unless the system is designed and built to be evaluated as is NOT the case with most existing computer systems the technical evaluation consists almost entirely of looking for flaws in the system or conducting tests of the system's ability to withstand penetration Neither case gives assurance that the system is secure because such exhaustive testing never finishes Thus it is vitally important that security requirements be identified early in the system's development It is equally important that the system security architecture identify trustworthy mechanisms to control the flow of information into out of and within the system One can then determine explicitly the policy model which each trusted hardware and software' component of this architecture must enforce and theappropriate Trust Class as described in the Criteria One can then specify implement ify and certify that those enforcement mechanisms that are implemented correct ly enforce the policy To assist with this there is a growing collection of formal design and verification methodologies which can be used These include SRI's Hierarchical Development Methodology University of Texas' GYPSY system and SDC's Formal Development Methodology The C organization is undertaking an effort to make these tools more easily available to and usable by system developers as well as by NSA and DoD system test and evaluation organizations ADP Security Certification Accreditation Planning Guide reference #2 provides additional information on the critical steps in the certification accreditation process Further direct interaction with the user designer and C2 could follow the reading of this literature and enable C2 to work on recommended recommending or final izing a secure system II Telecommunications A well-defined layered architecture is needed that Feb 84 security 1 addresses all the threats of concern to the user and 1 is consistent with or is at least not incompatible with the security architectures of networks to which various users are connecting ver Computer vendors Le DEC UNIVAC Honeywell etc have developed or are developing trusted systems which might meet long-range requirements Addit ionally software houses are developing add-on packages to provide a little increase in software security i e SKK's ACF2 IBM's RACF CGA's Top Secret etc In Section III below we note other possible uses of trusted systems as part of the security architecture Thus a first step in developing the architectural strategy and planning for using trusted systems would be to determine what the long-term security requirements are i e will multilevel security become an operational necessity and if so ' over what range of classification and user clearance network is desirable to have a single layered inter-network security architecture that can be deployed across all DoD certified nets An ambitious DoD effort is under way to achieve this initiative It III Policy Electrical Interfaces - Electrical interfaces between systems operating at different classification levels must ensure that only appropriately classified information flows from the more sensitive to the less sensitive system It must also prevent users of the less sensitive system from making unauthorized changes accidentally or deliberately to data in the other system or from disrupting its use A manual interface has until recently been the accepted method However trustworthy devices for controll ing such interfaces have been proposed for several systems One such device currently in development will use the Honeywe 11 SCOMP as a bas is for implementing a GUARD to allow SECRET users to access SECRET data bases on the US Army Forces Command's Top Secret system-high WWMCCS computer There is another approach which uses a cryptographically derived cryptographic check to verify the releasability of information when it is being electronically transferred between security perimeters reference #3 CRYPTOLOG Page 19 ern 4009895 FOR OHlelkt eSI i BilbY -Property 2 - DoD security policy for ADP systems was discussed in Section I above The -property is one part of the Bell La Padula 3 policy model for mattdatory security It is more conservative than DoD policy as it relates to paper documents but it precludes the success of Trojan Horse attacks Data Aggregation - DoD policy for correct classification and handling labels for data elements alone or in aggregate should be implemented in data processing systems This requires reliable labels on internal files and on output giving the classifications or other special handling instructions as determined by the owner of the information at the field record file or data base level as appropriate Data Encryption Standard DES Present policy requires that NSA approve on a caseby-case basis any proposed use of DES to protect classified communications With respect to the use of DES to protect unclassified national security-related communications recently issued national policy requires that Services Departments and Agencies determine the risk of exploitation of their unclassified communications either in consultation with or based upon prior guidance from NSA in accordance with Federal Standard FS 1027 Where there is high risk of exploitation NSA will prescribe or approve the cryptographic system used on a case-by-case basis For all other applications commercial cryptographic systems to include DES may be used if they have been endorsed for general application by NSA IV General There will be additional costs associated with implementing using and maintaining physical emanations personnel and procedural security safeguards Some of this additional cost e g for physical and emanations safeguards is part of the capital investment On the other hand the costs for personnel and procedural safeguards are part of the operational costs The actual costs for a facility depend upon the level of protection required for the information being processed in a given threat environment There will also be additional costs associated with acquiring and using trusted computer systems Designing security into the system can lower these costs and have a beneficial payoff through improved reliability and maintainability which results from a well-structured software design and implementation We note that there are two key aspects to be considered in estimating the cost of safeguards in these security areas They are l what level of protect ion is required and 2 how must these safeguards be used and maintained to ensure their continued effectiveness Doesn't protection of and products require this sources EFS methods Footnotes 1 This and the other referenced papers can be obtained from the DoD CSC Technical Library C422 2 Pronounced star property 3 I Iwas rec ently hired as Deputy Chief of C3 P L 86-36 Bibliography 1 2 3 Trusted Computer System Evaluation Criteria CDC-STD'-OOl-83 15 Aug 83-rs 225 711 ADP Security Certification Accreditation nning Guide undated On the Feasibility of Connecting RECON to an EXternal Networ 1 dated 16 Mar 81 P L 86-36 I Feb 84 CRYPTOLOG Page 20 FeR eFFISlhb ges eH Y 4009895 S88aKT EO 1 4 c EO 1 4 c P L P L 86-36 86-36 The following is a cumulative index of CRYPTOLOG Vol X 1983 and is in three parts by title by author and by keyword Items in multiple issues JanuaryFebruary 1983 for example are indicated by the first month i e by Jan 83 CRYPTOI OG 1983 EO 4 c P L 86 36 Cumulative Index 1974-1982 Part 1 Authors Mar 83 Cumulative Index 1974-1982 Part 2 Titles Apr 83 86-36 Cumulative Index 1974-1982 Part 3 Keywords May 83 DCLi The Direct CqmmuriicationsLink Dec 83 INDEX CU 1 1 l ooooo Your Office Make You Sick Aug 83 I TITLltSCll' E T At NSA Mar 83 FBIS Latin American Reference Aid Apr 83 1975-77 Sep 8 3 i I -- 1982 Sep 83 I Apr 83 Acronymania Nov F8 3 11 _ Ada News Jan 3 I_ - __ - - Ada Conguerin the Tower of Babel Jan 83 ---l I IAnnouncement I Apr 83 j Contr i b-u t i o-n-s S o l icited for CRYPTOLOG Articles Sep 83 Announcement KRYPTOS Society Spring Meeting Mar 83 Announcement Request for Copies of Jan-Feb 83 Issue CISI Essay Contest Aug 83 Announcement Students NCEUR Independent Study Programs Mar 83 Announcement Two New Lan ua e and Chinese-English Jun 83 B 7rs Cowboy Hrs'uanduELIN1'uNotationsu Oct 83 'Watt Zizname' Radio Sep 83 iF ------ FI'ontierDentist Apr 83 'Marian D Librarian' The Future Brightens for Flat-Panel Displays Jan 83 1 I Gett ing Personal Jan 83 1 - _ _ Government of the Peopler- B II l - The Leadershi A r 83 Jun 8 I Rem e m e - r ' T'I C - 'lI' o -i I Remember Mabe 1 Babe 1 Aug 831 I ImprovinguR asteruGraphicslmage -s 'b y o A n 't f 'P' ' - -L' 8 6- 3 6 Al iasing Jan8 3 1 The Intelligence Watch Officei May 83 d The Case of the 'Fowled-Up' CRITIC Au g83 I Is The Glass Half Empty Or Half Full Mar 83 d I Nov I 1--- 83 Computer Graphics to Enhance Collection Management Jan 83 1 _ _ Computerizing Traffic Analysis May 83 1 o 1 _ EO 1 4 c P L L 86-36 Feb 84 I e Islamic Time Bomb Dec 83 1 Confessions ofa Briefer May 83 Correction Do You Know the Differ-e-n-c-e-s ll - ' Jun-Jul 83 Issue Aug 83 Correction October 1983 CRYPTOLQG Issue Add to Class i ficat ion 'ReL UK CAN Aus NZ' Dec 83 Crisis Management Remarks Oct 83 L D l 77i - Crypt ic Crossword if3 ' Mar 83 t Cryptography At GLOBECOM 82 a 83 11 _ J A I- - - L S FI ' ' I __ F W Letter to the Editor pomputerizin of TA May 83 Issue Nov 83 L _J Letter to the Editor Government of tBl' I 1 4 d jPeople reply IletterJ Au MJ-36 191 Letter to the Editor Government o f th e __ Peopl i Apr 83 Issue Aug 83 Letter to the Editor Management o f---------- Coordination Sep $3 issue Oct 83 'Juan Tuthri' Le1 terfo the Editor My Staff--rt Comforts Me Apr 83 IssuejAug83jl 1 Letter to the Editor Out of My Depth May 83 Issue mAugm83ujul 1 CRYPTOLOG I Page 21 86-36 SSSRoI i'f liol ng15S Ull Selllti'f eHMftiHbS 6NT i 4009895 L 86-36 86-36 Letter to the Editor Redbaro iRoadr nner o o Jun-Jul 83 Issue Sep 83 J I Letter to the Editor Securityo Classified Informat ion Jun 83 I I Letter to the Editor The To er of $abel May 83 Mollick J J Letter to the Editor TipsonTop cal Reporting Oct 83 Issue Dec 83 1 --- Letter to the Editor Tips00n Topical Report ing reply tocz r let tel' Dec 83 I I Letter to the Editor UNtX EI 1 an al Page I Comment Oct 834 Letter to the Editor Video Teleconferencing Mar 83 Issue Jun 83 I The Literary Bends Nov 83 Murphy A I Logic Design Exc e edin Boolean Capabilities Jan 83 1 J o MBTI The Management Tool of the Future Nov r 8 83 1 r o Man Does Not Live By Matzos Alone 4pr 83 'Marian D Librarian' Management of Coordination Sep 83 I ------ Managing Our Systems for Performance Jan 83 1 1 Menu Selection As A Tool for Human Machine Interaction Jan 83 1 I Mar 83 Dec 83' More on Passwords Mar 83 __ __ My Staff--It Comforts Me Apr 83 'Zebulon Zilch' NSA in The Space Age Apr 83 1 The NSA High-level Display FUe Jan 83 1 Jun83 I'rN Sr A-- I'cr r o s t 1 C Nr O 'T 4 6 'KA- p- r --C8 'l3 ' w 111 D IL NSA-Crostic No 47 May 83 Williams D H NSA-Crostic No 48 Jun 83 Filby V R NSA-Crostic No 49 Aug 83 Williams D H NSA-Crostic No 50 Sep 83 Williams D H NSA-Crostic No 51 Dec 83 Williams D H 1982 Local Area Network Status Jan 83 1 E M Non Posse vs Posse Non Dec 3 1 H G I oo_ _---l SlGINT Challenge A Scenar o Mar 83 IL J L Shell Game System Shells llec83 I W E Shell Using If Mar 8J I_ _ 1 Some Tips on Getting I romote'ii Jun 83 1 Vo r 1 SoBo '-------' U IApr S use oso t o o e o o m o o o o o o p o o o a o o r o o t o o o o ou o o e o o o o Concept 83 j r Interfac e S y ummmmmmu' ''' '' ' p oL UIS lJ ler Interface Sys t emJ'art o uArchi tecture Apr83 1 1 Video Teleconferencing N$A Appl ieat ions Mar 1 831 Weather A Kef Il telligence Indicator Mar 83 I The White HOuse Is Singing Our Song Nov 8 Murphy A I Why Pascal Why Not Jun 83 LI' ' __- - -- ' ' Word People at NSA Apr 83 'Dickson Airy' Wrangler One Tough Customer Sep 83 1 1 EO 1 4 c P L 86-36 1 oI Puzzle Jan 83 WilHams D H Redbaron Roadrunner Bronzstar What's In A 1 Name Jun 83 1 Review The Baj tle For The Falklands Aug 83 I Feb 84 o TDY Travail Mar 83 TELECOM 83 Oct 83 ----'- - Tempest for Every Office Nov Thousands Miss Demonstration R L Tips on Topical Reporting Oct 83 1 1 ' __ A Tutorial on Color Theory and Human Color Perception for the Color Graphics Programmer Jan 83 I o Picture What Is The Caption Nov 83 Punching The Biological Time lock Jun 83 I Soviet Psi Experiments Dec 83 rr--------------- Specifying Colors for Compute1 Graphics Apr 1 83 1 Static Magic The Wonderful World of Tempest Nov 83 Donahue T M Still More About Passwords Ma1 3 M E --_ A Survey of Parallel Sorting Jan 83 1 On How The 'Game' of the Agency Should Be Played Sep 83 Santiago-Ortj z R Out of My Depth May 83 'P L 86-36 Out of My Depth Dec 83 i PARPRO Reconnaissance Programs Sep 83 I '---_ _---l Soviet Military Goals And Thei x Effect on Negotiations for A s Limitat ons Oct 83 J 1 o CRYPTOLOG Page 22 86-36 4009895 8SSaI3'f L 86-36 EO 1 4 c 86-36 'Zebulon Zilch' P L Apr 83 My Staff--rt Comforts Me Mar Dec 83 DCL The Direct Communications Link Jun 83 Letter to the Editor Video Teleconferencing Mar 83 Issue CuI AUTHORS Aug 83 The Case of the 'Fowled-Up' CRITIC I I O c t-8 3 T 1 P S on Topical Reporting Mar 83 Announcement KRYPTOS Society Spring Dec 83 Letter to the Editor Tips on Topical Meeting Reporting reply to Day's letter Mar 83 Announcement Students NCEUR Independent Study Programs Mar 83 Cumulative Index 1974-1982 Part 1 Jan 83 Ada Conquering the Tower of Babel Authors Mar 83 E T At NSA 1 __ 1 Apr 83 Cumulative Index 1974-1982 Part Mar 83 Cryptic Crossword #3 Titles Apr 83 FBIS Latin American Reference Aid May 83 Cumulative Index 1974-1982 Part 3 Jun 83 Punching The Biological Timec10ck Keywords P L 86-36 May 83 Out of My Depth Jun 83 Announcement Two New Language Aids Mar 83 More on Passwords Apr 83 Specifying Colors for Computer Graphland Chinese-English Aug 83 Announcement Request for Copies of ics Jan-Feb 83 Issue CISI Essay Contest May 83 Still More About Passwords Aug 83 Does Your Office Make You Sick Aug 83 Correction Do You Know the Differences Jun-Jul 83 Issue Nov 83 MBTI The Management Tool of the Future Sep 83 Announcement Contributions Solicited for CRYPTOLOG Articles Nov 83 pic ture What Is The Capt i o n 1 Dec 83 Correction October 1983 CRYPTOLOG J u-n 8 3 P u-n-c h 1 n-g T h-e B i-o 1-0-g ica1 Timec10ck Issue Add to Classification 'REL UK CAN AUS NZ' Mar Dec 83 Out of My DepthEO T 4 c l P L 86-36 'Dickson Airy' Apr 83 Word People at NSA Dec 83 Letter to the Editor Tips on Topical 'Juan Tuthri' Reporting Oct 83 Issue Oct 83 Letter to the Editor Management of Coordination Sep 83 Issue Sep 83 PARPRb Relonnaissance Programs 'Marian D Librarian' Apr 83 Frontier Dentist Nov 83 Static Magic The Wonderful World of Apr 83 Man Does Not Live By Matzos Alone Tempest H G R Nov 83 I Remember JFK L - I Mar 83 Weather A Key Intelligence Indicator 'Watt Zizname' Nov 83 5-4-3 Puzzle Nov I I 831'-- ---- - I P L 86-36 Feb 84 CRYPTOLOG EO 1 4 c P L 86-36 Page 23 HhNBhB VIA SSmU'f elWUlSh8 SUhY 4009895 i SB8llB1' L 86 36 Lr- __ _-__ --- 1 86-36 Oct 83 Thousands Miss Demonstration Faurer L D Oct 83 Crisis Management Dec 83 The Islamic Time Bomb Re arks Oct 83 Letter to the Editor UNIX ED I Manual Page Comment Jan 83 Ada News 1 l-- 'A-p-r- 8 ' 3r- N SA ' 1 n The Space Age Filby V R Mar 83 TDY Travail Jun 83 NSA-Crostic No 48 I - I Nov 83 Tempest for Every Office Mar 83 SIGINT Challenge A Scenario Jun 83 Redbaron Roadrunner Bronzstar What's In A Name I Jan 83 Improving Raster Graphics Images by Ant i-Alias ing EO 1 4 c '1'------T - - l 'f ' 1 ---Jan 83 GettLng Personal P L 86-36 Apr 83 Government of the People By The Party For The Leadership Aug 83 Letter to the Editort Goyernment of the People ooo reply t 1 letter I --- _I Aug 83 Letter to the Edito Government of the People ooo Apr 8 Lssue I_ Sep 83 Management Apr May May Aug Sep Oct Dec of Coordination Nov 83 Acronymania May 83 Letter to the Editor The Tower of Babel Apr 83 UIS User Interface System Part One Concept ---- ----- - 1 Jan 83 A Survey Jun 831 831 I 83 Cryptography At GLOBECOM 82 83 Review Digital Telephony 83 Review The Battle For The Falklands 83 Foreign Microwave Raalo1 4 c 83 TELECOM 83 P L 86-36 83 Soviet Psi Experiments of Parallel Sorting ---- ---- 1 Sep 83 Do YOu Really Mean Julian Apr 83CI- - - - - - - - - - - - - - - - - Murphy A I Nov 83 The Literary Bends Nov 83 The White House Is Singing Our Song 1 P L 86-36 -J u-n 8 3 S ome Tips on Getting Promoted EO 1 4 d Nov 83 Letter to the Editor Computerizing of TA May 83 Issue 1 I---J a n 8 3 C o m p u t e r G r a p h 1 CS to Enhance Collection Management 1 ----- 1 Mar 83 Shell Using If Jan 83 The Future Brightens for Flat-Panel Displays ---- ----- - I Jan 83 1982 Aug 83 Letter to the Editor Out of My Depth May 83 Issue L ocal A real etwork Status 1 I-- ' J-un-8 3 -- D -o- You Know the Differences Jun 83 Why Pascal Why Not Oct 83 Soviet Military Goals And Their Ef feet on Negotiations for Arms Limitations Mar 83 Is The Glass Half EmR y Or Half Full P L P L 86-36 Feb 84 CRYPTOLOG 86-36 Page 24 lI1dIBbB 'lit seuru'F Slh'dltlEi15S eN Y r 4009895 _8-J- - n-3'-6'-1-- P L 86-36 Sep 83 Wrangler ooo Orte Tough Customer Aug 83 'lI R e-m e-m b e-r-M abl ' e i B a b e i-------- Aug 83 Letter to the Editor My Staff--It Comforts Me Apr 83 Issue Dec 83 Non Posse vs Posse Non ---- - - 1 Jun 83 Letter to the Editor Security of Classified Information Williams Jan 83 Apr 83 May 83 Aug 83 Sep 83 Dec 83 I - J a-n 8 3 M e 'nu Selection As A Tool for Human Machine Interaction I Sep 83 Letter to the Editor Redbaron Roadrunner o Jun-Jul 83 Issue D H Puzzle NSA-Crostic NSA-Crostic NSA-Crostic NSA-Crostic NSA-Crostic No No No No No 46 47 49 Sa 51 --- - -_ 1 I -- S -e-p 8' 'J O -n H -o-w-- The Jan 83 Computer Graphics to Enhance Collection Management 'Game' of the Agency Should Be Played EO 1 4 c P L 86-36 Jan 83 The NSA High-level Display File Apr 83 U1S User Interface System Part Two Architecture Jan 83 Logic Design Exceeding Boolean Capa1 bilities Dec -f 831 We lorgoT to ho ve o P tPT'oL o 'Sl l bs ipiio mOl eel wil ll t 1l Mar 83 Video Teleconferencing NSAApplications tor _ I lAS May 83 The Intelligence Watch Officer P L 86-36 ------ 'J u n-- 8 '3T 1 Oct 83 Banners Cowboy Hats and EL1NT Notations May 83 Computerizing Traffic Analysis Dec 83 Shell Game System Shells Sep 831 Sep 83 ---l Jan 83 Managing Our Systems for Performance ---- 1 Jan 83 A Tutorial on Color Theory and Human Color Perception for the Color Graphics Programmer P L 86-36 Feb 84 CRYPTOLOG SH8Rfl'i' Page 25 HlMIBU VIA 8SHltl'F 8lh llrlbS SllbY aCID 4009895 P'h 86-36 01 4 c P L 86-36 KEYWORDS Acronyms Nov 83Acronyma iad CU J P L Apr 83 1 EO 1 4 c -- l I Jan 83 Computer Graphics to Enhance CO lectjOD Management Aircraft jeR 83 PARPRO Recor issance Programs Briefing May 83 Confessions of a Briefer Hankey J CAA News Oct 83 Crisis Management Remarks Faurer L D 1------- ------ --- - 83 cow-p-u-t-e-r 'i-z 'in-g-T-r-a-f-f J i Analys iS L 6 Computer Graphics Jan 83 A Tutorial on Colo1 ''l'heory and Human Color Perception for the Color Graphics Programmer L I Jan 83 Computer Graphics to Enhan ce ' 1Co llec t ion ranagemen lt P L 86-36 1 y 1 Apr 83 Spec i f y i n g C o lo r s fQt Computer Graphics 1 I Chinese Jun 83 Announcement Two New Language Aids 1 1and Chinese-English Classification Jun 83 Do You Know the Dif erences Rankin D S Aug 83 Correction Do You Know the Differences Jun- ul 83 Issue Dec 83 Correction October 1983 CRYPTOLOG Issue Add to Classification 'REL UK CAN AUS Computer Networks Jan 83 1982 Local Area Network Status E M ror 831 dl I Computer Programmirn g - Jan 83 Ada News I - - r Jan 83 Ada Conquering the Tower of Babel 'Jan 83 Menu slhction As A Tool for Human Machine Interact l o n 1__- __ --1 Mar 83 Shell Using If I Jun 83 Why Pascal WhyL ''' N-o-t ''''' - j-- ---- j Dec 83 Shell Game System Shells 1 j W E 86-36 Dec 83 Modernization of G Gro u p ' S H i h- Frequency Intelligence Collettions L-J W G Color Apr B3 SPE cr - 1 f 'Yol l n s_C o 1 0 r s for Compute r Grapbic s EO 1 4 c P L 86-36 P L 86-36 f lli ray I Jan 83 Improving Raster Graphics lmages Anti-Aliasing4 1 Jan 83 The NSA Hi h-level Display File Caption Nov 83 Picture What Is The Caption it L 1 I P L 86-36 Book Review Apr 83 Frontier Dentist 'Marian D Librarian' Apr 83 Man Does Not Live By Matzos Alone 'Marian D Librarian' Aug 83 Review The Battle For The Falklands j j P L 86-36 NZ' 1 computer Applications Jan 83 A Survey of Parallel sorting 1 S B _ _ J 86-36 ll - r-- J P L 86-36 Communications Sep 83 Foreign Mict 0 WClve Radio I -- _ Dec 83 DCLi The irect Communicationa Link Ada Jan 83 Ada News I -- -_ _- '1 Jan 83 Ada Conquering the Tower of Babel 1'---_----1 COMINT Computer Security Mar 83 More on Passwords 1 May 83 Cryptography At GLO B-E-C -O M- 8-2 r-I--- J A May 83 Review Digital Te lephOny 1 J A - MayS3 Still More About Passwords M E I Feb 84 CRYPTOLOG t perio P L 86-36 EO 1 4 c P L 86-36 Page 26 IH H VI' sellIU' eHt iftfflbS aNtil DOCID 4009895 L 86-36 'P L Data Security Jun 83 Letter to the Ed ' tOT S ' CI l t t y of Classified Information Comlll ter Systems Jan 83 Getting Perso lI ldL l1 Apr 83 UIS User Interface System Part One Conceptl I Apr 83 UIS User Interface System Part Two Architecture ' Sep 83 Wrangler ooo One Tough Customer 86-36 - --- Data Standards Sep 83 Do You Really Mean Julian C I' - - - - - ELINT sen 83 wranolej' One Tough Customer Computer Systems Management Jan 83 Managing Our Systems for Performance I Oct 83 Banners Cowboy Hats and ELINT Notations I Computer TA Nov 83 Letter to the Editor Computerizing of TA May 83 Issue I 1 I Coordination Sep 83 Management of Coordination L -__ _ Oct 83 Letter to the Editor Management of Coordination Sep 83 Issue 'Juan Tuthri' English Aug 83 I Remember Mabel Babel I L - _ ESP Dec 83 Soviet Psi Experiments I _ Covername Jun 83 Redbaron Roadrunner Bronzstar What's In A Name 1 1 Sep 83 Letter to the Ed Eor ReAbaron Roadrunner oo Jun-Jul 83 ssue 'r -I ' ' JL -_ P L 86-36 Field Station M a r _8 3 I s T h e G1C ssFlalf Empty Or Half Full CRITIC Aug 83 The Case of the 'Fqwled-Up' CRITIC P L 86-36 1 --- '1 CRT Jan 83 The Future Brightens for Displays 1 I I Applications Oct 83 Thousands M ssDemonstration c J R L P L 86-36 Flat Panel Crypto-TA May 83 Out of My Depth Aug 83 Letter to the Editor Out Q f My Depth May 83 Issue ' ' Dec 83 Out of My Depth Cryptography May 83 Cryptography At GLOBECOM 82V1 J A L May 83 Revie Digital Telephon il J A Oc t 83 TELECOM 83 I__ -- ' ' '- I P L 86-36 CRYPTOLOG Mar 83 Cumulative Ind ei 1974-1982 Part 1 Authors Apr 83 Cumulative Index 1974-1982 Part 2 Titles May 83 Cumulative Index 1974-1982 Part 3 Keywords Aug 83 Announcement Request for Copies of Jan-Feb 83 ISSl e CISI Essay Contest Sep 83 Ann9unc i111Emt Cpntributions Solicited for CRYPTOLOG Adic1es Dec 83 Corre 't ion October 1983 CRYPTOLOG Issue Add 6 Classification 'REL UK CAN AUS I I NZ' A p r 8 3 F e l d Station Network Greek Jun 83 Announcement Two New I L ngUage _ I HF e-- J W G P L Hl 'story J Nov 83 --- ' ------ 1 Hotline Dec 83 DCL The Direct Communications Link --- ---'I Human Factors Jan 83 Menu Selection As A Tool for Human Machine Interaction - - _ --_--' Apr 83 Specifying Colors for Computer Graphics ' I Jun 83 Punchinf The Biol M j cal f' imec 1 0Ck Creswell D T L Aug 83 Does Your Office Hake You Sick 1 I EO 1 4 c P L 86-36 P L Feb 84 Aids CRYPTOLOG Page SiiSM'f 27 86-36 86-36 aCID 4009895 1 4 c P L 86-36 HUMINT o - Humor Apr 83 Frontier Dentist 'Marian D Librarian' Apr 83 Man Does Not Live By Matzos Alone 'Marian D Librarian' Apr 83 My Staff--It Comforts Me 'Zebulon Zilch' Apr 83 NSA in The Space Age I -_ - -_ _ Apr 83 Word People at NSA '01 ckson Airy' May 83 Letter to the Editor The Tower of Babel I Aug 83 Letter to the Editor My Staff--It Comforts Me Apr 83 Issue Index Mar 83 Cumulative Index 1974-1982 Part 1 Authors Apr 83 Cumulative Index 1974-1982 Part 2 Titles May 83 Cumulative Index 1974-1982 Part 3 Keywords 'p L 86-36 Managelllent Sep 83 On How The ' aJIl ' f the Asency Should Be Played Sant ag -O iz R Oct 83 Crisis Management RemsI'ks Faurer L D Nov 83 MBTI The Management TOol of the Future 1a - - - - 1 Ma t hema tic S Jan 8 310 g ic D si en Exceefiing Boolean Capabilities Microcomputers an 83 Getting Personal 1_ _ Microwave Sep 83 Foreign Microwave Radio LI Indicators Mar 83 Weather A Key Intelligence Indicator Mx Jan 83 Logic Dfsign Exceeding Boolean Capabilities L EO 1 4 c F L 86-36 NCS Mar 83 Announcement Students NCEUR Independent Study Programs Nov 83 The Literary Bends Murphy A l Nov 83 The White House Is Singing Out Song Murphy A I Iran Dec 83 The Is lamic TimeBClmb 1 NSOC May 83 The Intelligence Watch Officer L S I _ F W '-----F L 86-36 Islam Dec 83 The Islamic Time BO 1 1 F W ----- A U g-8 1 The Case of 1_ _-----'1 0 Mar 83 1 - Pascal Jun 83 Why Pascal W y Not _ the 'Fowled-Up' CRITIC P L 86-36 KRYPTOS News Mar 83 Announcement KRYPTOS Society Spring Meeting Password Mar 83 More on Passwords j May 83 Still More About pa Cs s w' o r d s ' 'iI--- ---' M E Performance 83 PJlPCbiP1 The Biological Jimeclock' lInn Aug 83 Does YouI' I Latin American Apr 83 FBIS Latin American Referenc'e Aid Linguists Dec 83 Non Posse vs osse Non 1 H G '------ Office 'la e I You Sick Personality Mar 83 E T At NSA Apr 83 Word People at N$A Dickson Airy' Aug83 I Remember Mabel Ba el Nov 83 I Remember JFK H G R 1 -------- Promotions Jun 83 Some Tips on Getting promote 1 ' - - - - V Logic Jan 83 Logic Design Exceeding Boolean capabilities fl I' 'l P L EO 1 4 c P L 86-36 EO 1 4 c P L 86-36 Feb 84 CRYPTOLOG 86-36 Page 28 IWlI ll K HIt QUINT SlhlJlNBl5S 81lhY SI iSIlilT aCID 4009895 Puzzle Jan 83 Puzzle Williams D H Mar 83 Cryptic Crossword #3 I ' --- Apr 83 NSA-Crostic No 46 Williams D o li May 83 NSA-Crostic No 47 Willi s D H May 83 Out of My Depth Jun 83 NSA-Crostic No 48 Filby v a Aug 83 Letter to the Editor Out 0 My Depth May 83 Issue I Aug 83 NSA-Crostic No 49 Williams D H Sep 83 NSA-Crostic No 50 Williams D H Nov 83 5-4-3 Puzzle 'Watt Zizn er Dec 83 NSA-Crostic No 5t wil1i s D H Dec 83 Out of My Depth Reconnaissance Sep 83 PARPRO Reconnaissance Programl l P eC 83 Non Posse vs P seNon 1 H G '------ Staff Apr 83 y Staff--rt Comforts Me 'Zebulon Zilch' TDY Mar 83 TOY Trava i l Filby V R TELECOM Oct 83 TELECOM 83 11 _ '---- Tempest Nov 83 Static Magic The Wonderful World of Tempest Donahue T M Nov 83 Tempest for Every Offi ce I ---' Terminology Sep C 83 Do You Really Mean Julian 1L -_ _ J Reporting Aug 83 The Case of the 'Fowled-Up' CRITIC I Oct 83 Tips on Topical Reporting I _ _ 'rime Sep 83 Do You Really Mean Julian 11 '-----' Dec 83 Letter to the Editor Tips on Topical Reporting Oct 83 Issue I C Dec 83 Letter to the Editor Tips on Topical Reporting reply to Day's letter I Traffic Analysis D G EO ' 1 4 c May 83 Computerizing Traffic Analysis P L 86-36 I Satell it e s -----Nov 83 Letter to t Editor' Icomputerizing of Apr 831L -_ _--L _ TA May 83 Issue t Security Jun 83 Do You Know the Differences D S ------Jun 83 Letter to the Editor Security of Classified Information Aug 83 Correctiou Do You Know the Differences Jun-Jul 83 Issue 1 '---- - S i A survey ofParal1elSe rtingrl S B L '---- 86-36 Soviet Apr 83 Government of theI'ceople By The Party For The LeadElrship 1 Aug 83 Letter to the itQr Government of the People o reply toJ letter I I I I Aug 83 Letter to the Edit or Government of the People Apr 83 Issue I Oct 83 Soviet Mil itary Goals And Their Effect on Negotiations for Arms Limitations 1 G L Dec 83 Soviet Psi Experiments s panish Jun 83 I EO 1 4 c P L 86-36 PI-Jun 84-83-52043 L - _ - - - - - - - - - ----_ P L UIS Apr 83 UIS User Interface System Part One Concept I I Apr 83 UIS User Interface System Part Two Architecture I SIGINT Mar 83 SIGINT Challenge tA scenari 1 J L Training Mar 83 Announcement Students NCEUR Independent Study Programs I UNIX Mar 83 Shell Using If I Oct 83 Letter to the EditPr UNIX ED I Manual Page Comment Dec 83 Shell Game System Shells W E - - _ 1 Video Teleconferencing Mar 83 Video Teleconferencing N A Applications Snodgrass C L Jun 83 Letter to the Editor Videi- 0'-Teleconferencing Mar 83 Issue J R c _ oo ' - - - - - - Weather ar 83 Weathe mAm ey Intelligence Indicator P L 86-36 Writing Nov 83 The Literary Bends Murphy A I Nov 83 The White House Is Singing Our Song Murphy A I 86-36 Feb 84 CRYPTOLOG Page 29 IWlB156 VIA eeltIU1' E lh'I NlfBbS aRb'l fmam g r mm Fa Rama WU This document is from the holdings of The National Security Archive Suite 701 Gelman Library The George Washington University 2130 H Street NW Washington D C 20037 Phone 202 994-7000 Fax 202 994-7005 nsarchiv@gwu edu