The new @petestrzok _Compromised_ book shed some light on a small (and rather esoteric) cryptologic/espionage mystery that I've been wondering about for about 15 years.
Early in the book, as an almost throwaway bit of background color, Strzok talks about working the Russian "illegals" case from 2000 until their arrest in 2010. In particular, he mentions surveilling Andrey Bezrukov and Elena Vavilova as they copied one-time pad "numbers" transmissions.
That's not unusual; OTP numbers stations (called One Way Voice Link in CIA parlance) are standard tradecraft for communicating with covert agents abroad. But he mentions two interesting details I'd not seen published before.
First, at least some of the time during that period, the Russian numbers were relayed by the Cuban numbers broadcasts (a powerful station co-located with Radio Havana's transmitters in Lourdes, Cuba that is easily heard in the US). This was well after the Soviet Union fell.
But that's not that surprising either. The Cuban shortwave station is extremely powerful, easily heard in the US, and operates so often (currently 12 hrs a day) that people have derived its schedule and posted it to the Internet. But around 2005, something odd started happening.
The station sticks to a rigorous schedule. Every hour, on the scheduled frequency, a numbers broadcast starts. Standard practice is to use random fill traffic if there's no actual message for the agent listening in a given timeslot. That thwarts traffic analysis. Except...
One-time pad ciphertext should always be uniformly distributed over the digits 0-9. But around 2005 or so, a large number of the Cuban broadcasts inexplicably did not include the digit "9". No "nueve" at all. The probability of that happening in real OTP ciphertext is infinitesimal.
But other transmissions would include 9s just as they always did. The most plausible explanation was that the 9-less messages were dummy fill traffic, and that something had gone wrong with the random number generator and it wasn't including all the digits. This is, um, bad.
The effect is that it's now easy to distinguish cover traffic from real traffic, leaking enormously useful information for traffic analysis. You really don't want that if you're trying to hide how many spies you have and how busy they are. Anyway, back to Strzok...
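As an added illustration (not from the thread), here is a small Python check for the "missing digit" signal described above: for a message of n uniform digits, the chance that one particular digit never appears is (9/10)^n, so a long message with no "9" is flagged as suspect fill, while a short one is not. The five-digit-group layout, the message length and the flagging threshold are assumptions, and the sample traffic is constructed.

```python
"""Digit-coverage check for numbers-station traffic (constructed example).

Genuine one-time-pad ciphertext is a uniform random digit string, so every
digit 0-9 should appear in any message of reasonable length.  A long message
that never contains some digit is far more likely to be fill traffic from a
broken generator than a real OTP message, which is exactly what makes the
cover traffic distinguishable.  The broken generator below is simulated by
drawing only from 0-8.
"""
import random

DIGITS = "0123456789"


def missing_digits(message: str) -> set[str]:
    """Return the digits 0-9 that never occur in the message (spaces ignored)."""
    return set(DIGITS) - set(message.replace(" ", ""))


def prob_digit_never_appears(n_digits: int) -> float:
    """Probability that uniform ciphertext of n digits omits one given digit:
    (9/10)**n.  For a 150-digit message this is roughly 1.4e-7."""
    return 0.9 ** n_digits


def classify(message: str, threshold: float = 1e-6) -> str:
    """Label a message 'suspect-fill' if a digit is absent and that absence would
    be implausibly rare for real OTP ciphertext of this length, else 'plausible-otp'.
    Short messages can legitimately lack a digit by chance, so they are not flagged."""
    digits = message.replace(" ", "")
    if missing_digits(digits) and prob_digit_never_appears(len(digits)) < threshold:
        return "suspect-fill"
    return "plausible-otp"


def make_groups(rng: random.Random, n_groups: int, alphabet: str) -> str:
    """Emit n_groups five-digit groups drawn from `alphabet` (simulated broadcast)."""
    return " ".join("".join(rng.choice(alphabet) for _ in range(5)) for _ in range(n_groups))


# Constructed sample traffic: a healthy generator versus one that never emits 9.
_rng = random.Random(2005)
REAL_MESSAGE = make_groups(_rng, 30, DIGITS)        # 150 digits drawn from 0-9
BROKEN_FILL = make_groups(_rng, 30, DIGITS[:-1])    # 150 digits drawn from 0-8 only

if __name__ == "__main__":
    for label, msg in (("real", REAL_MESSAGE), ("fill", BROKEN_FILL)):
        print(label, classify(msg), "missing:", sorted(missing_digits(msg)))
```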
The Strzok book doesn't mention any of this stuff about the 9's, except to say that they were listening to the Cuban transmissions at a particular time and also that there was a big error on the part of the sender: there were no messages sent when the spy couple was out of town.
I strongly suspect this was an oversimplification. What was likely going on was that the FBI/NSA figured out about the 9's (I noticed it, so surely they did, too) and correlated the 9-less messages during their slot with times they were traveling. And that helped finger them.
The interesting thing here is that this is now at least the second time that the Russians/Soviets have been burned by sloppy OTP practices. The first was, more famously, the re-use of OTPs in the Venona traffic.

Anyway, as they say on the radio...

FINAL
FINAL
Also, remember this story next time someone tries to sell you their super-secure one-time-pad-based crypto scheme. If actual Russian spies can't use it securely, neither can you.
By the way, that thing with the missing 9's went on for about TEN YEARS.
Please forgive the typos in this hurried thread. I’ll eventually turn it into a more complete blog post.
You can follow @mattblaze.