Filtered By
Encryption and Cryptanalysis X
Document Topic [filter]
Results
61 Total
0.0

Strawhorse: Attacking the MacOS and iOS Software Development Kit

Document

Release Date: 2015-03-10 Document Date: 2012-02-10
This NSA summary of a talk presented at the 2012 TCB Jamboree describes a Sandia National Laboratories approach to attacking Apple technology using compromised developer tools: see the Intercept article iSpy: The CIA Campaign to Steal Apple’s Secrets, 10 March 2015.
[edit] (S//NF) Strawhorse: Attacking the MacOS and iOS Software Development Kit (S) Presenter: Sandia National Laboratories (S//NF) Ken Thompson's gcc attack (described in his 1984 Turing aw...
0.0

Roger Dingledine at NSA NOV 2007

Document

Release Date: 2013-10-04 Document Date: 2007-11-01
This NSA memo summarises a talk given by Roger Dingledine of the Tor Project on 1 November 2007: see the Secret NSA documents show campaign against Tor encrypted network, 4 October 2013.
TOP SECRET // COMINT // REL TO USA, AUS, CAN, GBR, NZL Roger Dingledine at NSA NOV 2007 From PE Contents * 1 (U) Talk by Roger Dingledine at NSA, 11/01/2007 at R&E (Sponsored by NSA RT) o 1...
0.0

TLS Trends at GCHQ

Document

Release Date: 2014-12-28
This undated GCHQ presentation explains the agency’s FLYING PIG database and its role in undermining SSL/TLS encryption: see the Der Spiegel story Prying Eyes: Inside the NSA’s War on Internet Security, 28 December 2014.
TS//SI//REL TLS trends at GCHQ TS//S1//REL TS//SI//REL Source of data Our TLS events come from our TLS app - Runs on special source (approx. 200 x 10G) and Comsat data -Produ...
0.0

TLS Trends: A roundtable discussion on current usage and future directions

Document

Release Date: 2014-12-28
This CSEC presentation from 2012 outlines the agency’s capabilities against SSL encryption at that point: see the Der Spiegel story Prying Eyes: Inside the NSA’s War on Internet Security, 28 December 2014.
TOP SECRET//SI//REL TO CAN, AUS, GBR, NZL, USA rs TLS Trends: A roundtable discussion on current usage and future directions Communications Security Establishment Canada (CSEC) ...
0.0

POISONNUT

Document

Release Date: 2014-12-28
This undated page from NSA’s internal WikiInfo describes POISONNUT, “the Virtual Private Network Attack Orchestrator (VAO)”: see the Der Spiegel story Prying Eyes: Inside the NSA’s War on Internet Security, 28 December 2014.
POISONNUT - Wikiinfo The accredited security level of this system is: TOP SECRET//SI-GAMMA/TALENT KEYHOLP//nRmv/PRnPiN/BFi inn/RPi rn tt*;4 fvfv * TOP SECRETJ/SI//REL TO USA, FVEY (u) POISON...
0.0

VALIANTSURF

Document

Release Date: 2014-12-28
These three undated NSA slides provide an overview of the VALIANTSURF system: see the Der Spiegel story Prying Eyes: Inside the NSA’s War on Internet Security, 28 December 2014.
TOP SECRET//COMINT//REL TO USA, FVEY VALIANTSURF (VS): VALIANTSURF Capability Level Beneficiaries CES & LONGHAUL OTP & SSG TOPIs Link Access CES A Key Recovery, no on-site decrypti...
0.0

GALLANTWAVE

Document

Release Date: 2014-12-28
This undated presentation from NSA’s Digital Network Crypt Applications (DNCA) concerns the GALLANTWAVE tool, which decrypts VPN traffic within LONGHAUL: see the Der Spiegel story Prying Eyes: Inside the NSA’s War on Internet Security, 28 December 2014.
TOP SECRET//COMINT//REL TO USA, AUS, CAN, GBR, NZL GALLANTWAVE@scale GALLANTWAVE @ volume Requirements @Scale Deploy more widely - Leverage peering with partner @Volume Increas...
0.0

BULLRUN

Document

Release Date: 2014-12-28
This undated presentation from GCHQ’s PTD (Penetrating Target Defences) unit gives an overview of BULLRUN efforts to defeat encryption: see the Der Spiegel story Prying Eyes: Inside the NSA’s War on Internet Security, 28 December 2014.
TOP SECRET STRAP1 BULLRUN PTD Lead for Special Operations and Policy PTD "We penetrate targets' defences." This information is exempt from disclosure under the Freedom of Information A...
0.0

BULLRUN CoI – Briefing Sheet

Document

Release Date: 2013-09-05
This undated GCHQ document provides a classification guide for BULLRUN – NSA and GCHQ’s attempts to weaken or defeat cryptographic protocols – and specifies some of its achievements: see the ProPublica article Revealed: The NSA’s Secret Campaign to Crack, Undermine Internet Security, 5 September 2013.
TOP SECRET STRAP1 COMINT BULLRUN Col - Briefing Sheet Introduction 1. The ability to exploit targets’ encrypted communications is extremely fragile and is often enabled through sensiti...
0.0

WOLFRAMITE

Document

Release Date: 2014-12-04 Document Date: 2011-03-09
This extract from a GCHQ document dated 9 March 2011 describes WOLFRAMITE, an agency project to defeat the A5/3 GSM cipher: see the Intercept article Operation Auroragold: How the NSA Hacks Cellphone Networks Worldwide, 4 December 2014.
TOP SECRET STRAP 1 Strategic Objective Goal/Aim Programme Outcomes Target Capability deliveries for 2011/12 Meet the Mobile Broadband challenge. • Scaling up the exploitation of handse...
0.0

Tor Stinks

Document

Release Date: 2013-10-04 Document Date: 2012-06-01
A presentation entitled ‘Tor Stinks’ outlines the capabilities and difficulties of attacking the Tor anonymity network: see the Guardian article NSA and GCHQ target Tor network that protects anonymity of web users, 4 October 2013.
TOP SECRET//COMINT// REL FVEY Stinks JUN 2012 Derived From: NSA/CSSM 1-52 Dated: 20070108 Declassify On: 20370101 TOP SECRET//COMINT// REL FVEY TOP SECRET//COMINT// REL FVEY To...
0.0

Peeling Back the Layers of Tor with EGOTISTICALGIRAFFE

Document

Release Date: 2013-10-04 Document Date: 2007-01-08
This Tailored Access Operations presentation shows how the NSA uses a technique codenamed EgotisticalGiraffe to attack Tor users through vulnerable computer software: see the Guardian article NSA and GCHQ target Tor network that protects anonymity of web users, 4 October 2013.
TOP SECRET//COMINT//REL TO USA, AUS, CAN, GBR, NZL (TS//SI//REL) Peeling Back the Layers of TOR with EGOTISTICALGIRAFFE ■¿cCE&v.^ Overall Classification This briefing is classified ...
0.0

Computer Network Operations SIGINT Enabling project

Document

Release Date: 2013-09-05 Document Date: 2012-02-01
An outline for the SIGINT Enabling project, which aims to “influence and/or overtly leverage” the design of commercial IT products. A small section of this document was later un-redacted by The Intercept: see the ProPublica article Revealed: The NSA’s Secret Campaign to Crack, Undermine Internet Security, 5 September 2013.
TOP SECRET//SI/TK//NOFORN (U) COMPUTER NETWORK OPERATIONS (U) SIGINT ENABLING This Exhibit is SECRET//NOFORN FY20111 Actual FY 2012 Enacted FY 2013 Request FY 2012 - FY 2013...
0.0

Classification guide for cryptanalysis

Document

Release Date: 2013-09-05 Document Date: 2005-09-13
Guide describing classification of various NSA cryptanalysis capabilities: see the Guardian article Revealed: how US and UK spy agencies defeat internet privacy and security, 5 September 2013.
TOP SECRET//COMINT//20291123 NATIONAL SECURITY AGENCY CENTRAL SECURITY SERVICE (U//FOUO) CLASSIFICATION GUIDE FOR CRYPTANALYSIS, 2-12 Effective Date: 13 September 2005 CLASSIFIED BY:...
0.0

Tracking Targets Through Proxies and Anonymizers

Document

Release Date: 2016-06-28
This undated NSA presentation, written by the author of ‘I hunt sys admins’, outlines tactics for tracking users of Tor and other anonymising technologies: see the Intercept article The Hunter, 28 June 2016.
TOP SECRET//COMINT//RELTO USA, FVEY Tracking Targets Through Proxies & Anonymizers (and the air speed velocity of an unladen swallow) Also known as: I I I PaAatasvoaus TOP SECRET//COM...
0.0

Profiling SSL and Attributing Private Networks

Document

Release Date: 2014-12-28
This undated GCHQ presentation introduces the FLYING PIG and HUSH PUPPY tools: see the Der Spiegel story Prying Eyes: Inside the NSA’s War on Internet Security, 28 December 2014.
TOP SECRET//SI//REL TO USA, AUS, CAN, GBR, NZL PROFILING SSL AND ATTRIBUTING PRIVATE NETWORKS An introduction to FLYING PIG and HUSH PUPPY ICTR - Network Exploitation GCHQ T R J...
0.0

VPN SigDev Basics

Document

Release Date: 2014-12-28
This undated NSA presentation describes how to perform attacks against VPNs: see the Der Spiegel story Prying Eyes: Inside the NSA’s War on Internet Security, 28 December 2014.
TOP SECRET//COMINT//REL TO USA, AUS, CAN, GBR, NZL (TS//SI//REL)VPN SigDev Basics S31244 - OTTERCREEK Derived From: NSA/CSSM 1-52 Dated: 20070108 ______Declassify On: 20341101 TOP S...
0.0

Analytic Challenges from Active-Passive Integration

Document

Release Date: 2014-12-28
This undated NSA presentation from the agency’s Information Technology Directorate, aimed at analysts, describes techniques for decrypting IPSec VPN traffic: see the Der Spiegel story Prying Eyes: Inside the NSA’s War on Internet Security, 28 December 2014.
This Briefing is Classified TOP SECRET//COMINT//REL USA, FVEY Analytic Challenges from Active-Passive Integration S324 This Briefing is Classified TOP SECRET//COMINT//REL USA,FVEY DER...
0.0

Tor: Overview of Existing Techniques

Document

Release Date: 2014-12-28 Document Date: 2012-01-01
This undated GCHQ presentation indicates the agency’s Tor research efforts as of 2012: see the Der Spiegel story Prying Eyes: Inside the NSA’s War on Internet Security, 28 December 2014.
TOP SECRET STRAP1 Tor: Overview of Existing Techniques (15 minutes) TOP SECRET STRAP 1 C! X R «two THIS INCDRHftTION IS EXEMPT UNDER THE FREEDOM QC I hJTOR M ATIG R FTF n -SV “Q A ...
0.0

A potential technique to deanonymise users of the TOR network (presentation)

Document

Release Date: 2014-12-28
This undated GCHQ presentation proposes a deanonymisation attack against Tor users based on the collection of data from exit nodes owned by the agency: see the Der Spiegel story Prying Eyes: Inside the NSA’s War on Internet Security, 28 December 2014.
UK TOP SECRET STRAP1 COMINT A potential technique to deanonymise users of the TOR network OPC-MCR, GCHQ This information is exempt from disclosure under the Freedom of Information Act 20...
0.0

Making Things Measurable: Technology Trending Challenges and Approaches

Document

Release Date: 2014-12-28 Document Date: 2012-06-06
This 40-page NSA presentation for the June 2012 SIGDEV conference includes a ranking of cryptographic protocols in order of ‘risk’ the they pose to the agency’s operations: see the Der Spiegel story Prying Eyes: Inside the NSA’s War on Internet Security, 28 December 2014.
TOP SECRET//COMINT//REL FVEY//20340601 SIGDEV Conference 2012 (U) Making Things Measureable: Technology Trending Challenges and Approaches June 2012 TOP SECRET//COMINT//REL FVEY/...
0.0

Turmoil IPSec VPN Sessionization

Document

Release Date: 2014-12-28 Document Date: 2008-08-15
This NSA presentation from 15 August 2008 includes descriptions of VPN packets: see the Der Spiegel story Prying Eyes: Inside the NSA’s War on Internet Security, 28 December 2014.
TOP SECRET//COMINT//REL TO USA, AUS, CAN, GBR, NZL//20291123 TURMOIL IPSEC VPN SESSIONIZ AT ION Issue No.l........... Issue Date 08/15/08.. Responsible Authority Author Tec...
0.0

Virtual Private Network Transform Engine Emulator

Document

Release Date: 2014-12-28
This undated page from NSA’s internal WikiInfo describes the Transform Engine Emulator (TEe) process for undermining VPNs: see the Der Spiegel story Prying Eyes: Inside the NSA’s War on Internet Security, 28 December 2014.
Virtual Private Network Transform Engine Emulator - Wikilnfo The accredited security level of this system Is: TOP SECRET//SI-GAMMA/TALENT KEYHOLE//ORCON /PROPIN/RELIDO/REL TO USA, FVEY * ...
0.0

VS MALIBU IKE And ESP Metadata Flows

Document

Release Date: 2014-12-28
These four undated NSA slides show a workflow for defeating VPN encryption: see the Der Spiegel story Prying Eyes: Inside the NSA’s War on Internet Security, 28 December 2014.
TOP SECRET//COMINT//REL TO USA, AUS, CAN, GBR, NZL VS MALIBU IKE And ESP Metadata Flows /20291123 TUBE TOP SECRET//COMINT//REL TO USA, AUS, CAN, GBR, NZL//20291123 TOP SECRET//COMIN...
0.0

Intro to the VPN Exploitation Process

Document

Release Date: 2014-12-28 Document Date: 2010-09-13
This 13 September 2010 presentation from the NSA’s OTP VPN Exploitation Team explains the work of the division: see the Der Spiegel story Prying Eyes: Inside the NSA’s War on Internet Security, 28 December 2014.
TOP SECRET//COMINT//REL USA, AUS, CAN, GBR, NZL Intro to the VPN Exploitation Process OTP VPN Exploitation Team S31176 September 13, 2010 TOP SECRET//COMINT//REL USA, AUS, CAN, G...
0.0

A potential technique to deanonymise users of the TOR network (proposal)

Document

Release Date: 2014-12-28 Document Date: 2011-06-13
This GCHQ paper dated 13 June 2011 proposes an attack to deanonymise Tor users: see the Der Spiegel story Prying Eyes: Inside the NSA’s War on Internet Security, 28 December 2014.
UK TOP SECRET STRAP1 COMINT Reference: OPC-M/TECH.B/61 Date: 13 June 2011 Copy no: A potential technique to deanonymise users of the TOR network OPC-MCR, GCHQ Summary A new techn...
0.0

Tor deanonymisation research (MIP)

Document

Release Date: 2014-12-28
This undated page from GCHQ’s internal GCWiki gives an indication of the agency’s thinking on the feasibility of Tor deanonymisation attacks: see the Der Spiegel story Prying Eyes: Inside the NSA’s War on Internet Security, 28 December 2014.
TOR deanonymisation research (MIP) - GCWiki TOP SECRET STRAP1 COMINT The maximum classification allowed on GCWiki is TOP SECRET STRAP1 COMINT. Click to report inappropriate content. TOR ...
0.0

Intercept with OTR encrypted chat

Document

Release Date: 2014-12-28
This undated PRISM intercept from the NSA suggests the agency was unable to decrypt the content of an OTR-encrypted chat session: see the Der Spiegel story Prying Eyes: Inside the NSA’s War on Internet Security, 28 December 2014.
TOP SECRET//COMINT//REL TO USA, AUS//20320108 Target User Target User IP Address [MINIMIZED US IP ADDRESS] Start Mar 16, 2012 13:31:17 GMT Stop Mar 16, 2012 13:34:26 GMT Other User IP A...
0.0

National Information Assurance Research Laboratory (NIARL) Newsletter – September 2008

Document

Release Date: 2014-12-28 Document Date: 2008-09-01
This September 2008 newsletter from the National Information Assurance Research Laboratory (NIARL), an unit within the NSA’s Research Directorate gives an indication of the agency’s progress with cryptanalysis – which, with “only a handful of in-house techniques” – appears to be modest: see the Der Spiegel story Prying Eyes: Inside the NSA’s War on Internet […]
TOP SECRET//COMINT//REL TO USA, AUS, CAN, GBR, NZL//20320108 September 2008 Edition ■ (U) Message from the NIARL Director: (U//FOUO) Welcome to the September 2008 edition of the National ...
0.0

Cryptographic Modernization (CryptoMod) Classification Guide

Document

Release Date: 2014-12-28 Document Date: 2010-02-01
This NSA classification guide dated 1 February 2010 details the sensitivity of particular aspects of the joint NSA/Department of Defense Crytographic Modernization Program: see the Der Spiegel story Prying Eyes: Inside the NSA’s War on Internet Security, 28 December 2014.
UNCLASSIFIED//FOR OFFICIAL USE ONLY National Security Agency Central Security Service (U) Cryptographic Modernization (CryptoMod) Classification Guide 3-9 Effective Date: 1 Februar...

e-Highlighter

Click to send permalink to address bar, or right-click to copy permalink.

Un-highlight all Un-highlight selectionu Highlight selectionh