Reliable Replacement Warheads

Old Montreal

Since July 16th, 1945 the United States has been a nuclear power. The first American thermonuclear weapon was detonated in 1952. During the span of the Cold War, tens of thousands of hydrogen bombs were assembled and mounted inside artillery shells, torpedoes, submarine launched missiles, cruise missiles, land-based ICBMs, and aircraft-mounted bombs. Now, these weapons are starting to age and a debate has emerged on what should be done with them.

Many of these weapons are highly complex. A standard submarine-based missile has a conical warhead. Inside is a uranium casing that serves to contain the original blast until a maximum amount of fission has occurred. At the bottom of that casing is a ‘pit’ of plutonium which is at a sub-critical density. Around that is a casing of brittle, toxic, neutron-reflecting beryllium. Inside it may be a cavity containing tritium and deuterium gas (in the case of a “boosted” primary). Around the beryllium outer sphere is a shell of high explosives designed to explode with fantastic precision, crush the plutonium pit to supercritical density, and initiate the fission reaction.

This whole assembly exists to initiate fusion in the ‘secondary,’ located higher in the outer uranium casing. The material that undergoes fusion – usually lithium deuteride – is wrapped around another sphere of uranium and is, in turn, wrapped in more uranium. All this is to create the largest possible yield in a relatively small and light package. The small size and conical shape allow eight or more of these devices to be placed on a single missile and then independently targeted once that missile is at the height of its ascent.

The 2008 budget allocated $6.5 billion for the maintenance of the American nuclear stockpile. That consists of 9,900 assembled warheads – 5,700 of them deployed operationally. In addition to these, about 7,000 plutonium pits are stored at the Pantex Plant in Amarillo, Texas. As the weapons age, concerns are developing about their reliability. They all contain high explosives, toxic chemicals, and corrosive agents. While it is possible to upgrade many of the non-nuclear components and replace them with more stable variants, the newly assembled bombs could not legally be tested: potentially leaving military commanders in doubt about their usability.

That is, in essence, the core of the ongoing debate about the Reliable Replacement Warhead (RRW). The program would begin by refurbishing 100 kiloton W76 warheads, which is already undergoing a less ambitious retrofitting. The hope is that the program can produce weapons with long durability and lower maintenance costs, and be able to do so without requiring full-scale tests of the devices, as were conducted in Nevada and the Marshall Islands during the Cold War. I won’t get into the details of the debate here. More than sufficient information exists online and in recent newspapers and magazines. What is less frequently considered are some of the aspects of international law relevant to nuclear weapons.

The whole program should remind people about an oft-forgotten element of the Nuclear Non-Proliferation Treaty. Everyone remembers the bit about signatories without nuclear weapons pledging not to acquire them. People forget that the treaty also obliges existing nuclear powers to reduce their arsenals as part of an overall progression towards de-nuclearization. Upgrading your nuclear arsenal to endure further decades of operational status is hardly consistent with this requirement. It also signals to other states that the United States continues to consider operationally deployed nuclear weapons an important part of their overall military strategy.

Individuals and organizations contemplating a sizable RRW program might also do well to re-read the Advisory Opinion on the Legality of the Threat or use of Nuclear Weapons set down by the International Court of Justice. While such legal considerations are relatively unlikely to affect whatever decisions are made in relation to the RRW, examining the status of the law can be a good way to reach decisions about the respective rights and obligations of states.

Some carbon capture and storage numbers

Empty Rideau Canal locks

For the period between now and 2030, the International Energy Agency predicts that energy demand will grow 1.7% annually. The also predict that 85% of the new demand will be met using fossil fuel generation: including a doubling of coal power output from 1,000 gigawatts to 2,200 gigawatts. Given the retirement of old plants, this is a net growth of 1,400 gigawatts of coal capacity. 1,200 of those gigawatts are likely to be conventional coal technologies, while the remaining 200 are expected to be Integrated Gasification Combined Cycle (IGCC) plants.

Since the Industrial Revolution got started in 1750, humanity has released about 150 gigatonnes of carbon dioxide into the atmosphere. This has increased the carbon dioxide concentration of the atmosphere from 280 parts per million to 380. Most scientists and economists agree that avoiding really dangerous climatic effects requires that emissions be stabilized between 450 and 550ppm. Last year, emissions were about 27.2 gigatonnes.

From the period when they are built until the time when they are slated for retirement, these new coal plants will emit 140 gigatonnes of carbon. One mechanism that has been emphasized for dealing with this is carbon capture and storage (CCS): whereby the carbon dioxide contained in the fossil fuels is re-buried once the energy in the fuels has been used.

According to Lynn Orr, director of the Global Climate and Energy Project at Stanford, using a quantity of infrastructure equal to that presently used to extract oil, we could sequester about 14% of humanity’s fossil fuel related emissions. That is about half the combined output from large factories and power stations – the kind of facilities where CCS is most likely to be used. According to an article in Nature, $80 billion dollars of investment per year would be sufficient to capture “several million tonnes of carbon per year.” Burying gigatonnes will presumably cost several orders of magnitude more.

If any meaningful CCS is to occur, those 1,400 gigawatts of new power stations must be built with at least the capability to be easily upgraded to use the technology. This is easier to do with IGCC plants than with conventional coal, though only four plants of the former sort have ever been built. Once power plants have the capability to employ CCS, it will be a matter of internalizing the social costs of carbon to the extent that it becomes more commercially appealing to sequester that to emit.

Mosul Dam

The Mosul Dam is one element of Iraq’s infrastructure that has survived the war so far, but which is apparently seriously threatened. Because was built on gypsum, which dissolves in water, it threatens to fail catastrophically as the result of small initial problems. A report from the US Army Corps of Engineers warned that the dam’s failure would drown Mosul under nearly 20m of water and parts of Baghdad under 4.5m. The 2006 report explained that:

In terms of internal erosion potential of the foundation, Mosul Dam is the most dangerous dam in the world. If a small problem [at] Mosul Dam occurs, failure is likely.

According to the BBC, the US Special Inspector General for Iraq Reconstruction (SIGIR) has stated that the dam’s foundations could give away at any moment. The report from the Corps of Engineers states that the dam’s failure could cause 500,000 civilian deaths. General David Petraeus and the American Ambassador to Iraq have both written to the Iraqi government expressing their severe concern.

The dam is 2,100m across and contains 12 billion cubic metres of water. It generates about 320 MW of electricity. Previous attempts at addressing the gypsum issue seem to have been botched. According to the Washington Post “little of the reconstruction effort led by the U.S. Embassy has succeeded in improving the dam.” Stuart Bowen, the special inspector general reviewing the efforts has said that “[t]he expenditures of the money have yielded no benefit yet.”

Today, the Iraq government has officially stated that concerns about a possible collapse are misplaced and that the dam is constantly monitored. Ongoing actions include reducing the amount of water in the reservoir and pumping grout into the foundation (a liquefied mixture of cement and other additives). Work is meant to begin next year on wrapping the foundations in concrete to make them more secure.

Obviously, a catastrophic dam collapse is the last thing Iraq needs. Hopefully, the dam will hold until a sensible refit can be carried out, and it will not find any wayward coalition munitions or insurgent bombs helping it towards disintegration.

Geoengineering: wise to have a fallback option

Sailing ship graffiti

Over at RealClimate they are talking about geoengineering: that’s the intentional manipulation of the global climatic system with the intent to counteract the effects of greenhouse gasses. Generally, it consists of efforts to either reflect more solar energy back into space or enhance the activity of biological carbon sinks. It has been mentioned here before.

The fundamental problem with all geoengineering schemes (from sulfite injections to plankton tubes to giant mirrors) is that they risk creating unexpected and negative side-effects. That said, it does seem intelligent to investigate them as a last resort. Nobody knows at what point critical physical and biological systems might tip into a cycle of self-reinforcing warming. Plausible examples include permafrost melting in the Arctic, releasing methane that heats the atmosphere still more, or the large-scale burning of tropical rainforests, both producing emissions and reducing the capacity of carbon sinks. If physical or biological systems became net emitters of greenhouse gasses, cutting human emissions to zero would not be sufficient to stop warming; it would simply continue until the planet reached a new equilibrium.

Given linear projections of climate change damages, we would probably be wisest to heed the Stern Review and spend adequately on mitigation. Given the danger of strong positive feedbacks, it makes sense to develop some fallback options for use in desperate times. It seems to me that various forms of geoengineering should be among them. Let us hope they never need to be used.

‘Enduring Freedom’ and Afghanistan

Montreal graffiti

Last night, I got into a brief conversation about the Taliban. It reminded me of a statement quoted at a Strategic Studies Group meeting I attended in Oxford:

People are being very careful not to be against the Taliban and ‘keep the balance’ so that they will not be punished for helping foreigners when the Taliban return.

-Police commander, Kandahar

This idea raises an important question about longevity. If the Taliban can outlast any deployment NATO will be able to maintain, it becomes essential to produce a government that will be able to hold its own against them in the long term. Otherwise, we are just delaying the transition back to Taliban rule. While I am definitely not an expert on the military or political situation in Afghanistan, it does not seem like the present Karzai government has that kind of capability, in the absence of direct military support from NATO.

The question thus becomes what, if anything, NATO can do to produce a (preferably democratic) Afghan government capable of enduring after their withdrawal. If that does not prove possible, the question becomes what we are hoping to achieve in Afghanistan, and whether any lasting good will result for the population as the result of the initial displacement of the Tabliban and the Al Qaeda elements they were supporting.

Securing against the wrong risk

This week’s Economist includes an unusually poor article on security. It explains that the upcoming Swiss election will be using quantum cryptography to transmit the results from polling stations to central tabulation centres. It alleges that this makes the whole electoral process more secure. This is wrong.

What this is essentially saying is that there would otherwise be a risk of manipulation of this data in transit. The chief polling officer at one station might send a set of figures that get altered by a malicious agent en route to the tabulation centre. Having an encrypted link prevents this man-in-the-middle attack. It does not prevent the polling officer from lying, or the person at the tabulation centre from manipulating the results they input into the counting machines. It doesn’t prevent ballot-stuffing, vote buying, or the compromise of computer systems used to collect or tally votes. In short, it provides no security for the parts of the electoral process that are actually vulnerable to attack. In the absence of good security at the more vulnerable points in the electoral process, using quantum cryptography is like putting a padlock on a paper bag.

Hopefully, they will print my brief letter taking them to task for allowing themselves to be seduced by technology, rather than think sensibly about security.

[Update: 29 October 2007] Bruce Schneier has written about this. Unsurprisingly, he agrees that using quantum cryptography does not increase the security of the Swiss election.

Unicity distance

Sky, moon, and wires

In order to be able to decipher a secret message through cryptanalysis, you need to have a sufficient quantity of data to evaluate whether it has been done properly. If all a cryptoanalyst has to work with is enciphered text (say, in the form of an intercepted message) the attempt to decipher it is called a ciphertext-only attack. For a variety of reasons, these are very tricky things to accomplish. The element described below is one of the most basic.

In order to understand why a message of sufficient length is important, consider a message that consists only of a single enciphered phone number: “724-826-5363.” These numbers could have been modified in any of a great number of ways: for instance, adding or subtracting a certain amount from each digit (or alternating between adding and subtracting). Without knowing more, or being willing to test lots of candidate phone numbers, we have no way of learning whether we have deciphered the message properly. On the basis of the ciphertext alone, 835-937-6474 is just as plausible as 502-604-3141.

Obviously, this is only a significant problem for short messages. One could imagine ways in which BHJG could mean ‘HIDE’ or ‘TREE’ or ‘TRAP.’ The use of different keys with the same algorithm could generate any four letter word from that ciphertext. Once we have a long enough enciphered message, however, it becomes a lot more obvious when we have deciphered it properly. If I know that the ciphertext:

UUEBJQPWZAYIVMNAZSUQPYJVOMDGZIQHWZCX

has been produced using the Vigenere cipher, and I find that it deciphers to:

IAMTHEVERYMODELOFAMODERNMAJORGENERAL

when I use the keyword MUSIC, it is highly likely that I have found both the key and the unenciphered text.

This concept is formalized in the idea of unicity distance: invented by Claude Shannon in the 1940s. Unicity distance describes the amount of ciphertext that we must have in order to be confident that we have found the right plaintext. This is a function of two things: the entropy of the plaintext message (something written in proper English is far less random than a phone number) and the length of the key being used for encryption.

To calculate the unicity distance for a mesage written in English, divide the length of the key in bits (say, 128 bits) by 6.8 (which is a measure of the level of redundancy in English). With about eighteen characters of ciphertext, we can be confident that we have found the correct message and not simply one of a number of possibilities, as in the phone number example. By definition, compressed files have redundancy removed; as such, you may want to divide the key length by about 2.5 to get their unicity distance. For truly random data, the level of redundancy is zero therefore the unicity distance is infinite. If I encipher a random number and send it to you, a person who intercepts it will never be able to determine – on the basis of the ciphertext alone – whether they have deciphered it properly.

For many types of data files, the unicity distance is comparable to that in normal English text. This holds for word processor files, spreadsheets, and many databases. Actually, many types of computer files have significantly smaller unicity distances because they have standardized beginnings. If I know that a file sent each morning begins with: “The following the the weather report for…” I can determine very quickly if I have deciphered it correctly.

Actually, the last example is particularly noteworthy. When cryptoanalysts are presented with a piece of ciphertext using a known cipher (say Enigma) and which is known to include a particular string of text (such as the weather report introduction), it can become enormously easier to determine the encryption key being used. These bits of probable texts are called ‘cribs‘ and they played an important role in Allied codebreaking efforts during the Second World War. The use of the German word ‘wetter’ at the same point in messages sent at the same time each day was quite useful for determining what that day’s key was.

Secrets and Lies

Ottawa church

Computer security is an arcane and difficult subject, constantly shifting in response to societal and technological forcings. A layperson hoping to get a better grip on the fundamental issues involved can scarcely do better than to read Bruce Schneier‘s Secrets and Lies: Digital Security in a Networked World. The book is at the middle of the spectrum of his work, with Beyond Fear existing at one end of the spectrum as a general primer on all security related matters and Applied Cryptography providing far more detail than non-experts will ever wish to absorb.

Secrets and Lies takes a systematic approach, describing types of attacks and adversaries, stressing how security is a process rather than a product, and explaining a great many offensive and defences strategies in accessible ways and with telling examples. He stresses the impossibility of preventing all attacks, and hence the importance of maintaining detection and response capabilities. He also demonstrates strong awareness of how security products and procedures interact with the psychology of system designers, attackers, and ordinary users. Most surprisingly, the book is consistently engaging and even entertaining. You would not expect a book on computer security to be so lively.

One critical argument Schneier makes is that the overall security of computing can only increase substantially if vendors become liable for security flaws in their products. When a bridge collapses, the construction and engineering firms end up in court. When a ten year old bug in Windows NT causes millions of dollars in losses for a company losing it, Microsoft may see fit to finally issue a patch. Using regulation to structure incentives to shape behaviour is an approach that works in a huge number of areas. Schneier shows how it can be made to work in computer security.

Average users probably won’t want to read this book – though elements of it would probably entertain and surprise them. Those with an interest in security, whether it is principally in relation to computers or not, should read it mostly because of the quality of Schneier’s though processes and analysis. The bits about technology are quite secondary and pretty easily skimmed. Most people don’t need to know precisely how smart cards or the Windows NT kernel are vulnerable; they need to know what those vulnerabilities mean in the context of how those technologies are used. Reading this book will leave you wiser in relation to an area of ever-growing importance. Those with no special interest in computers are still strongly encouraged to read Beyond Fear: especially if they are legislators working on anti-terrorism laws.

On technology and vulnerability

The first episode of James Burke’s Connections is very thought provoking. It demonstrates the inescapable downside of Adam Smith‘s pin factory: while an assembly line can produce far more pins than individual artisans, each of the assembly line workers becomes unable to produce anything without the industrial network that supports their work.

See this prior entry on Burke’s series

Protecting sources and methods

Rusty metal wall

By now, most people will have read about the Canadian pedophile from Maple Ridge who is being sought in Thailand. The story is a shocking and lamentable one, but I want to concentrate here on the technical aspect. INTERPOL released images of the man, claiming they had undone the Photoshop ‘twirl’ effect that had been used to disguise him initially in compromising photos. While this claim has been widely reported in the media, there is at least some reason to question it. It is also possible that INTERPOL is concealing the fact that it received unaltered photos from another source, which could have been anything from intercepted emails to files recovered from an improperly erased camera memory card. It could even have been recovered from the EXIF metadata thumbnails many cameras produce. It is also possible this particular effect is so easy to reverse (and that the technique is so widely known to exist) that INTERPOL saw no value in keeping their methods secret. A quick Google search suggests that the ‘twist’ effect is a plausible candidate for easy reversal.

Providing an alternative story to explain the source of information is an ancient intelligence tactic. For instance, during the Second World War an imaginary spy ring was created by the British and used to justify how they had some of the information that had actually been obtained through cracked ENIGMA transmissions at Bletchley Park. Some have argued that the Coventry Bombing was known about in advance by British intelligence due to deciphered messages, but they decided not to evacuate the city because they did not want to reveal to the enemy that their ciphers had been compromised. While this particular example may or may not be historically accurate, it illustrates the dilemma of somebody in possession of important intelligence acquired in a sensitive manner.

Cover stories can conceal sources and methods in other ways. A few years ago, it was claimed that Pervez Musharraf had escaped having his motorcade bombed, due to a radio jammer. While that is certainly possible, it seems unlikely that his guards would have reported the existence of the system if it had played such a crucial role. More likely, they got tipped off from an informant in the group responsible, an agent they had implanted in it, or some sort of communication intercept. Given how it is now widely known that email messages and phone calls worldwide are regularly intercepted by governments, I imagine a lot of spies and informants are being protected by false stories about communication intercepts.

In short, it is fair to say that any organization concerned with intelligence gathering will work diligently to protect their sources and methods. After all, these are what ensure their future access to privileged information in the future. While there is a slim chance INTERPOL intentionally revealed their ability to unscramble photographs as some sort of deterrent, it seems unlikely. This situation will simply encourage people to use more aggressive techniques to conceal their faces in the future. It is also possible that, in this case, they felt that getting the man’s image out was more important than protecting their methods. In my opinion, it seems most likely that ‘twist’ really is easy to unscramble and that they saw little value in not publicizing this fact. That said, it remains possible that a more complex collection of tactics and calculations has been applied.