Snowden Doc Search

Strawhorse: Attacking the MacOS and iOS Software Development Kit

Document

Release Date: 2015-03-10 Document Date: 2012-02-10

This NSA summary of a talk presented at the 2012 TCB Jamboree describes a Sandia National Laboratories approach to attacking Apple technology using compromised developer tools: see the Intercept article iSpy: The CIA Campaign to Steal Apple’s Secrets, 10 March 2015.

[edit] (S//NF) Strawhorse: Attacking the MacOS and iOS Software Development Kit (S) Presenter: Sandia National Laboratories (S//NF) Ken Thompson's gcc attack (described in his 1984 Turing aw...

Roger Dingledine at NSA NOV 2007

Document

Release Date: 2013-10-04 Document Date: 2007-11-01

This NSA memo summarises a talk given by Roger Dingledine of the Tor Project on 1 November 2007: see the Secret NSA documents show campaign against Tor encrypted network, 4 October 2013.

TOP SECRET // COMINT // REL TO USA, AUS, CAN, GBR, NZL Roger Dingledine at NSA NOV 2007 From PE Contents * 1 (U) Talk by Roger Dingledine at NSA, 11/01/2007 at R&E (Sponsored by NSA RT) o 1...

POISONNUT

Document

Release Date: 2014-12-28

This undated page from NSA’s internal WikiInfo describes POISONNUT, “the Virtual Private Network Attack Orchestrator (VAO)”: see the Der Spiegel story Prying Eyes: Inside the NSA’s War on Internet Security, 28 December 2014.

POISONNUT - Wikiinfo The accredited security level of this system is: TOP SECRET//SI-GAMMA/TALENT KEYHOLP//nRmv/PRnPiN/BFi inn/RPi rn tt*;4 fvfv * TOP SECRETJ/SI//REL TO USA, FVEY (u) POISON...

VALIANTSURF

Document

Release Date: 2014-12-28

These three undated NSA slides provide an overview of the VALIANTSURF system: see the Der Spiegel story Prying Eyes: Inside the NSA’s War on Internet Security, 28 December 2014.

TOP SECRET//COMINT//REL TO USA, FVEY VALIANTSURF (VS): VALIANTSURF Capability Level Beneficiaries CES & LONGHAUL OTP & SSG TOPIs Link Access CES A Key Recovery, no on-site decrypti...

GALLANTWAVE

Document

Release Date: 2014-12-28

This undated presentation from NSA’s Digital Network Crypt Applications (DNCA) concerns the GALLANTWAVE tool, which decrypts VPN traffic within LONGHAUL: see the Der Spiegel story Prying Eyes: Inside the NSA’s War on Internet Security, 28 December 2014.

TOP SECRET//COMINT//REL TO USA, AUS, CAN, GBR, NZL GALLANTWAVE@scale GALLANTWAVE @ volume Requirements @Scale Deploy more widely - Leverage peering with partner @Volume Increas...

VPN SigDev Basics

Document

Release Date: 2014-12-28

This undated NSA presentation describes how to perform attacks against VPNs: see the Der Spiegel story Prying Eyes: Inside the NSA’s War on Internet Security, 28 December 2014.

TOP SECRET//COMINT//REL TO USA, AUS, CAN, GBR, NZL (TS//SI//REL)VPN SigDev Basics S31244 - OTTERCREEK Derived From: NSA/CSSM 1-52 Dated: 20070108 ______Declassify On: 20341101 TOP S...

Analytic Challenges from Active-Passive Integration

Document

Release Date: 2014-12-28

This undated NSA presentation from the agency’s Information Technology Directorate, aimed at analysts, describes techniques for decrypting IPSec VPN traffic: see the Der Spiegel story Prying Eyes: Inside the NSA’s War on Internet Security, 28 December 2014.

This Briefing is Classified TOP SECRET//COMINT//REL USA, FVEY Analytic Challenges from Active-Passive Integration S324 This Briefing is Classified TOP SECRET//COMINT//REL USA,FVEY DER...

Tracking Targets Through Proxies and Anonymizers

Document

Release Date: 2016-06-28

This undated NSA presentation, written by the author of ‘I hunt sys admins’, outlines tactics for tracking users of Tor and other anonymising technologies: see the Intercept article The Hunter, 28 June 2016.

TOP SECRET//COMINT//RELTO USA, FVEY Tracking Targets Through Proxies & Anonymizers (and the air speed velocity of an unladen swallow) Also known as: I I I PaAatasvoaus TOP SECRET//COM...

Making Things Measurable: Technology Trending Challenges and Approaches

Document

Release Date: 2014-12-28 Document Date: 2012-06-06

This 40-page NSA presentation for the June 2012 SIGDEV conference includes a ranking of cryptographic protocols in order of ‘risk’ the they pose to the agency’s operations: see the Der Spiegel story Prying Eyes: Inside the NSA’s War on Internet Security, 28 December 2014.

TOP SECRET//COMINT//REL FVEY//20340601 SIGDEV Conference 2012 (U) Making Things Measureable: Technology Trending Challenges and Approaches June 2012 TOP SECRET//COMINT//REL FVEY/...

EP-3E Collision: Cryptologic Damage Assessment and Incident Review

Document

Release Date: 2017-04-10 Document Date: 2001-07-01

A joint US Navy and NSA report, prepared three months after a US spy plane was forced to crash land in China, assesses the degree to which surveillance secrets were compromised: see the Intercept article Burn After Reading: Snowden Documents Reveal Scope of Secrets Exposed to China in 2001 Spy Plane Incident, 10 April 2017. […]

TOP SECRET//COMINT//NOFORN//X1 EP-3E Collision: Cryptologic Damage Assessment and Incident Review Final Report Prepared by the EP-3 Cryptologic Assessment Team July 2001 Classifie...

Turmoil IPSec VPN Sessionization

Document

Release Date: 2014-12-28 Document Date: 2008-08-15

This NSA presentation from 15 August 2008 includes descriptions of VPN packets: see the Der Spiegel story Prying Eyes: Inside the NSA’s War on Internet Security, 28 December 2014.

TOP SECRET//COMINT//REL TO USA, AUS, CAN, GBR, NZL//20291123 TURMOIL IPSEC VPN SESSIONIZ AT ION Issue No.l........... Issue Date 08/15/08.. Responsible Authority Author Tec...

Virtual Private Network Transform Engine Emulator

Document

Release Date: 2014-12-28

This undated page from NSA’s internal WikiInfo describes the Transform Engine Emulator (TEe) process for undermining VPNs: see the Der Spiegel story Prying Eyes: Inside the NSA’s War on Internet Security, 28 December 2014.

Virtual Private Network Transform Engine Emulator - Wikilnfo The accredited security level of this system Is: TOP SECRET//SI-GAMMA/TALENT KEYHOLE//ORCON /PROPIN/RELIDO/REL TO USA, FVEY * ...

VS MALIBU IKE And ESP Metadata Flows

Document

Release Date: 2014-12-28

These four undated NSA slides show a workflow for defeating VPN encryption: see the Der Spiegel story Prying Eyes: Inside the NSA’s War on Internet Security, 28 December 2014.

TOP SECRET//COMINT//REL TO USA, AUS, CAN, GBR, NZL VS MALIBU IKE And ESP Metadata Flows /20291123 TUBE TOP SECRET//COMINT//REL TO USA, AUS, CAN, GBR, NZL//20291123 TOP SECRET//COMIN...

Intro to the VPN Exploitation Process

Document

Release Date: 2014-12-28 Document Date: 2010-09-13

This 13 September 2010 presentation from the NSA’s OTP VPN Exploitation Team explains the work of the division: see the Der Spiegel story Prying Eyes: Inside the NSA’s War on Internet Security, 28 December 2014.

TOP SECRET//COMINT//REL USA, AUS, CAN, GBR, NZL Intro to the VPN Exploitation Process OTP VPN Exploitation Team S31176 September 13, 2010 TOP SECRET//COMINT//REL USA, AUS, CAN, G...

Intercept with OTR encrypted chat

Document

Release Date: 2014-12-28

This undated PRISM intercept from the NSA suggests the agency was unable to decrypt the content of an OTR-encrypted chat session: see the Der Spiegel story Prying Eyes: Inside the NSA’s War on Internet Security, 28 December 2014.

TOP SECRET//COMINT//REL TO USA, AUS//20320108 Target User Target User IP Address [MINIMIZED US IP ADDRESS] Start Mar 16, 2012 13:31:17 GMT Stop Mar 16, 2012 13:34:26 GMT Other User IP A...

National Information Assurance Research Laboratory (NIARL) Newsletter – September 2008

Document

Release Date: 2014-12-28 Document Date: 2008-09-01

This September 2008 newsletter from the National Information Assurance Research Laboratory (NIARL), an unit within the NSA’s Research Directorate gives an indication of the agency’s progress with cryptanalysis – which, with “only a handful of in-house techniques” – appears to be modest: see the Der Spiegel story Prying Eyes: Inside the NSA’s War on Internet […]

TOP SECRET//COMINT//REL TO USA, AUS, CAN, GBR, NZL//20320108 September 2008 Edition ■ (U) Message from the NIARL Director: (U//FOUO) Welcome to the September 2008 edition of the National ...

Cryptographic Modernization (CryptoMod) Classification Guide

Document

Release Date: 2014-12-28 Document Date: 2010-02-01

This NSA classification guide dated 1 February 2010 details the sensitivity of particular aspects of the joint NSA/Department of Defense Crytographic Modernization Program: see the Der Spiegel story Prying Eyes: Inside the NSA’s War on Internet Security, 28 December 2014.

UNCLASSIFIED//FOR OFFICIAL USE ONLY National Security Agency Central Security Service (U) Cryptographic Modernization (CryptoMod) Classification Guide 3-9 Effective Date: 1 Februar...

Crypt Discovery Joint Collaboration Activity

Document

Release Date: 2014-12-28 Document Date: 2011-01-20

This document dated 20 January 2011 provides the research agenda for a joint NSA/GCHQ group tasked with developing “a sound understanding of the threat that encryption brings to our ability to do target discovery/development as well as devising mitigations”: see the Der Spiegel story Prying Eyes: Inside the NSA’s War on Internet Security, 28 December […]

TOP SECRET Crypt Discovery Joint Collaboration Activity 20 January 2011 Activity Owners [NSA GCHQ Overview Our Internet Exploitation capability is built upon our ability to eff...

LONGHAUL

Document

Release Date: 2014-12-28

This undated NSA wiki page describes LONGHAUL, an “end-to-end attack orchestration and key recovery service for Data Network Cipher and Data Network Session Cipher traffic”: see the Der Spiegel story Prying Eyes: Inside the NSA’s War on Internet Security, 28 December 2014.

LONG HAUL - Wikiinfo The accredited security level of this system is: TOP SECRET//SI-GAMMA/TALENT KEYHOLE//ORCON/PROPIN /RELIDO/REL TO USA, FVEY * TOP SECRET//SI//REL TO USA, FVEY (U) ...

Turmoil VPN Processing

Document

Release Date: 2014-12-28 Document Date: 2009-10-27

This NSA presentation dated 27 October 2009 outlines the use of intercepted IPSec VPN data within the agency: see the Der Spiegel story Prying Eyes: Inside the NSA’s War on Internet Security, 28 December 2014.

TURMOIL VPN PROCESSING 27 October 2009 The overall classification for this brief is: [TOPSECRET//COMINT//REL TO USA, FVEY] TOP SECRET//COMINT//REL TO USA FVEY Agenda • VPN Technolo...

Crypt Discovery Joint Collaboration Activity

Document

Release Date: 2015-09-25 Document Date: 2011-01-20

This joint NSA/GCHQ research paper dated 20 January 2011 cites encryption as a threat impacting on both agencies: see the Intercept article Profiled: From Radio to Porn, British Spies Track Web Users’ Online Identities, 25 September 2015.

crypt-discovery-activity-p1-normal.gif: TOP SECRET Crypt Discovery Joint Collaboration Activity 20 January 2011 Activity Owners I H/nsa Overview Our Internet Exploitation capabil...

Secure Key Extraction by Physical De-Processing of Apple’s A4 Processor

Document

Release Date: 2015-03-10 Document Date: 2011-03-01

This extract from a 2011 NSA wiki page introduces a presentation on hacking the GID key in Apple processors by extracting it physically: see the Intercept article iSpy: The CIA Campaign to Steal Apple’s Secrets, 10 March 2015.

[edit] (S//NF) Secure key extraction by physical de-processing of Apple's A4 processor (U) Presenters: and (U) The Apple A4 processor contains an on-board, AES cryptographic key called the ...

Differential Power Analysis on the Apple A4 Processor

Document

Release Date: 2015-03-10 Document Date: 2011-03-01

This extract from a 2011 NSA wiki page introduces a presentation on hacking the GID key in Apple processors: see the Intercept article iSpy: The CIA Campaign to Steal Apple’s Secrets, 10 March 2015.

[edit] Presentation Abstracts - Tuesday, 15 March [edit] (S//NF) Differential Power Analysis on the Apple A4 Processor (U) Presenters: (U) The Apple A4 processor contains an on-board, A...

TCB Jamboree 2012

Document

Release Date: 2015-03-10

This internal NSA wiki page from 2012 invites employees to the annual CIA Engineering Development Group “Jamboree” for discussing advancements in the compromise of consumer hardware and software: see the Intercept article iSpy: The CIA Campaign to Steal Apple’s Secrets, 10 March 2015.

[edit] TCB Jamboree 2012 (S//NF) The Information Operations Center's Engineering Development Group (EDG) will hold its seventh annual Trusted Computing Base (TCB) Jamboree from February 7-9, 2...

TURMOIL GALLANTWAVE

Document

Release Date: 2014-12-28

This undated page from NSA’s internal WikiInfo describes tools for attacking VPNs: see the Der Spiegel story Prying Eyes: Inside the NSA’s War on Internet Security, 28 December 2014.

TURMOIL GALLANTWAVE - Wikiinfo The accredited security level of this system is: TOP SECRET//SI-GAMMA/TALENT KEiHOLEZ/OHCON/PHOPIN/RELIDO/RELTOUSiV FVE¥ * TOPSECRETOSIf/RELTO USA, FVEY (U//F...

Classification guide for NSA/CSS quantum computing research

Document

Release Date: 2014-01-02 Document Date: 2011-09-21

This NSA classification guide dated 21 September 2011 describes the objectives of the agency’s quantum computing research efforts: see the Washington Post article NSA seeks to build quantum computer that could crack most types of encryption, 2 January 2014.

TOP SECRET//SI//REL TO USA, AUS, CAN, GBR, NZL NATIONAL SECURITY AGENCY CENTRAL SECURITY SERVICE (U) CLASSIFICATION GUIDE FOR NSA/CSS QUANTUM COMPUTING RESEARCH 10-25 Effective Date:...

TPM Vulnerabilities to Power Analysis and An Exposed Exploit to Bitlocker

Document

Release Date: 2015-03-10 Document Date: 2010-03-10

This NSA summary of a talk presented at the 2010 TCB Jamboree describes an attack on Microsoft’s Bitlocker encryption software: see the Intercept article iSpy: The CIA Campaign to Steal Apple’s Secrets, 10 March 2015.

[edit] Presentation Abstracts [edit] (U) Times (U) Each day will run from 9am to 5pm. In order to facilitate planning, the topics presented on each day are highlighted below. The abstracts ...

Fielded Capability: End-to-End VPN SPIN 9 Design Review

Document

Release Date: 2014-12-28

This undated NSA presentation describes the Spin 9 system for decrypting VPN data: see the Der Spiegel story Prying Eyes: Inside the NSA’s War on Internet Security, 28 December 2014.

The overall classification for this brief is: TOPSECRET//COMINT//REL USA, AUS, CAN, GBR, NZL//20320108 SPIN 9 Design Review TOP SECRET//COMINT//REL USA, AUS, CAN, GBR, NZL//20320108 VPN ...

VALIANTSURF WikiInfo page

Document

Release Date: 2014-12-28

This undated page from NSA’s internal WikiInfo describes VALIANTSURF “the coverterm for the development of Data Network Cipher (DNC) exploitation capabilities in TURMOIL”: see the Der Spiegel story Prying Eyes: Inside the NSA’s War on Internet Security, 28 December 2014.

VALIANTSURF - Wikiinfo The accredited security level of this system is: TOP SECRET//SI-GAMMA/TALENT KEYHOLE//ORCON/PROPIN/RELIDO/REL TO USA, FVEY * TOP SECRET1/SI/10RCON1REL TO USA, FVEY ...

Template:POISONNUT Product

Document

Release Date: 2014-12-28

This undated page from NSA’s internal WikiInfo describes POISONNUT and its role in attcks against VPNs: see the Der Spiegel story Prying Eyes: Inside the NSA’s War on Internet Security, 28 December 2014.

TemplaterPOISONNUT Product - Wikiinfo The accredited security level of this system is: TOP SECRET//SI-GAMMA/TALENT KE YHO LE//ORC ON /PRO PI N/RELID O/REL TO USA, FVEY * TOP SECRET//SI//REL ...

e-Highlighter