Title: Crypt Ops Data Store User Guide

Release Date: 2014-12-28

Description: This undated GCHQ document provides guidance for analysts on how to handle encrypted data: see the Der Spiegel story Prying Eyes: Inside the NSA’s War on Internet Security, 28 December 2014.

Document: SECRET

Crypt Ops Data StoreUserGuide

Crypt Ops Datastore

DataStore Rota:

-Data Store to be reviewed weekly at the DataStore management meeting

The Tasking Process

Submitting a Task

1. The customer follows the links to the Data Store page and clicks Add Record’,

2. The fields Crypt Task POC\ Updates’ and Team Plan Ref should all be left
blank, to be filled in later by Crypt Ops,

3, All fields marked with an * must be completed.

4. The Required by Date should be changed.

5, The Task Status’ should be left as New Task’ and the Record Status’ should
be left set to Draft’,

6, Once all necessary fields are completed click Submit',

Once submitted the task will be dealt with as follows:

Processing a Task

1, The DS (Data Store) Admin team is notified of that a Task has been

2. The on duty’ Admin reviews the task, assessing what category (see below) it
falls into and passes it along to the appropriate TL (team leader).















Counter Terrorism and Serious Crime

Electronic Attack

Global Targets

Hand Crypt and SMS

Middle East North Africa


Password Recovery Service

Generic Target Discovery

Tech nical Research

Virtual Private Networks

Generic or complex signature development,

possibly to include XKS fingerprinting (and TDI/BEGAL in the future?)

And possibly more, including:

1 of 4

This information is exempt from disclosure under the Fieedomof Infor™

other UK information legislation. Referdisclosu re requests to GCllQ on I



TTT ??

tech tracking or trends data

Tech Tracking and Trends - Requests for


Requests BEARDED PIGGY accounts

3. The DS Admin notifies the TL of the task and updates it changing the POC to
the TL’s sid and adding a note to the Updates’ field in the following format:

Passed to on by ’

4. DS Admin then sends an email to the task originator notifying them which TL
is handling the task.

5. If the task Is inappropriate for Crypt Ops or is one that there will be no
resources available for in the foreseeable future then the TL changes the Task
Status to 'Rejected' and notifies the task originator explaining why the task has
been rejected. The task’s Record Status is then set to ‘Archive’.

6. If it is an appropriate achievable task the TL takes the following steps:

- Determine what priority the task should be

- Decide if the timescale is achievable given the available resources and

- Decide if the necessary resources are available

- If an appropriate person is available assign them

7a. If resources are not currently available but the task is one that Crypt Ops will
definitely complete sometime in the near future when resources are available the
TL should contact the tasks originator and inform them of when, realistically,
resources will be available and work started.

7b. If they still wish the task to be undertaken then a new timescale should be

7c. The Task Status should then be set to ‘Suspended' and the Record Status is
left as ‘Draft’.

7. These tasks will be checked as part of the Data Store review to ensure that
work starts on them as soon as resources become available.

9. Once this is done the tasks Record Status is set to ‘Current’, the Task Status
is set to Assigned’ and the update field should be filled in as follows:


Work to be carried out by ^assignees sid> starting on assigned

This information is exempt from disclosure under the Fieedom of Information^tajOOandma 1 ' 'ecttoexemptbnundcr

other UK information legislation. Refer disclosure requests to GCHQ

2 of 4



10, The TL then informs the task originator of the update.

11, Once the assignee begins work the Task Status should be set to ‘In

12, The DS Admin’s review all task weekly to ensure they are being acted on and
that all timescales and on schedule. If a timescale is deemed unrealistic then
the TL should be informed and should negotiate a new deadline with the task

13, Once a task is completed the Task Status should be set to Complete’ and
the Record Status changed to ‘Archive’.

14, The task originator should be informed that the task is officially complete and
where possible feed back obtained.

15, IMPORTANT: Remember to keep both the Record Status’ and Task Status’
fields up to date and make sure that the record is in the correct category. The
NEW TASK status should only be used on new tasks still in DRAFT, once
ASSIGNED the task should be moved immediately to CURRENT, once work
is started the task status should be IN PROGRESS and once COMPLETE it
should be moved to ARCHIVE.

Searching DataStore (Only applicable fo those with view privileges)

There are two search options at the top of the page; Text Search and Date Search.

Text Search - this allows searching on a number of fields (listed below) both in the
page and within the records themselves. This search type is useful for finding all the
tasks owned by a specific individual or all the tasks of a specific type (providing the
category tag has been applied to the Task Title’,

Task Title
Team Requesting
Task Status
Crypt Task POC
Task Classification
JIC Points
JIC Priority

HRA Justification
Expected Outcome
Business Case
Estimated Resources
Team Plan Ref

3 of 4

This information is exempt from disclosure under the Fieedomof Inform^ior^^^^O^^i^n^^^ubiecn^xernDtiorMjnder
other UK information legislation. Refer disclosure requests to GCHQ



Date Search - there are three sub categories of tin is search; No date search’ (which
searches for record with no date set in the chosen field), Search for a single date’, or
Search over a date range’. These searches can be conducted on several fields;
Required by Date’, Date Submitted’, Date last updated’ and Date Task Completed’,
This search is useful for finding all the tasks that need to be completed by a specific

The search types can be used in concert e g, tasks with SIG in the title with a
required by date between 01/05/2011 and 06/10/2011, this is achieved by running
one search and then the other.

4 of 4

This information is exempt from disclosure under the Freedom of Inform^jor^^^^C^^j^n^^^ubiecn^xernptiorMjnder
other UK information legislation. Refer disclosure requests to GCHQ on



Click to send permalink to address bar, or right-click to copy permalink.

Un-highlight all Un-highlight selectionu Highlight selectionh