Results
39 Total
0.0
Strawhorse: Attacking the MacOS and iOS Software Development Kit
Document
Release Date:
2015-03-10
Document Date:
2012-02-10
This NSA summary of a talk presented at the 2012 TCB Jamboree describes a Sandia National Laboratories approach to attacking Apple technology using compromised developer tools: see the Intercept article iSpy: The CIA Campaign to Steal Apple’s Secrets, 10 March 2015.
[edit] (S//NF) Strawhorse: Attacking the MacOS and iOS Software Development Kit
(S) Presenter: Sandia National Laboratories
(S//NF) Ken Thompson's gcc attack (described in his 1984 Turing aw...
0.0
Roger Dingledine at NSA NOV 2007
Document
Release Date:
2013-10-04
Document Date:
2007-11-01
This NSA memo summarises a talk given by Roger Dingledine of the Tor Project on 1 November 2007: see the Secret NSA documents show campaign against Tor encrypted network, 4 October 2013.
TOP SECRET // COMINT // REL TO USA, AUS, CAN, GBR, NZL
Roger Dingledine at NSA NOV 2007
From PE
Contents
* 1 (U) Talk by Roger Dingledine at NSA, 11/01/2007 at R&E (Sponsored by NSA RT)
o 1...
0.0
POISONNUT
Document
Release Date:
2014-12-28
This undated page from NSA’s internal WikiInfo describes POISONNUT, “the Virtual Private Network Attack Orchestrator (VAO)”: see the Der Spiegel story Prying Eyes: Inside the NSA’s War on Internet Security, 28 December 2014.
POISONNUT - Wikiinfo
The accredited security level of this system is: TOP SECRET//SI-GAMMA/TALENT KEYHOLP//nRmv/PRnPiN/BFi inn/RPi rn tt*;4 fvfv *
TOP SECRETJ/SI//REL TO USA, FVEY (u) POISON...
0.0
VALIANTSURF
Document
Release Date:
2014-12-28
These three undated NSA slides provide an overview of the VALIANTSURF system: see the Der Spiegel story Prying Eyes: Inside the NSA’s War on Internet Security, 28 December 2014.
TOP SECRET//COMINT//REL TO USA, FVEY
VALIANTSURF (VS):
VALIANTSURF Capability Level Beneficiaries
CES & LONGHAUL OTP & SSG TOPIs Link Access CES
A Key Recovery, no on-site decrypti...
0.0
GALLANTWAVE
Document
Release Date:
2014-12-28
This undated presentation from NSA’s Digital Network Crypt Applications (DNCA) concerns the GALLANTWAVE tool, which decrypts VPN traffic within LONGHAUL: see the Der Spiegel story Prying Eyes: Inside the NSA’s War on Internet Security, 28 December 2014.
TOP SECRET//COMINT//REL TO USA, AUS, CAN, GBR, NZL
GALLANTWAVE@scale
GALLANTWAVE @ volume
Requirements
@Scale
Deploy more widely
- Leverage peering with partner
@Volume
Increas...
0.0
VPN SigDev Basics
Document
Release Date:
2014-12-28
This undated NSA presentation describes how to perform attacks against VPNs: see the Der Spiegel story Prying Eyes: Inside the NSA’s War on Internet Security, 28 December 2014.
TOP SECRET//COMINT//REL TO USA, AUS, CAN, GBR, NZL
(TS//SI//REL)VPN SigDev
Basics
S31244 - OTTERCREEK
Derived From: NSA/CSSM 1-52
Dated: 20070108
______Declassify On: 20341101
TOP S...
USD-1031TE, USD-1Q31TE, USF-790, USF-790, USF-790, USD-10D1TE, USD-10J1TE, USD-10D1TE, USF-790, UKC-12SW, UKC-125W, UKC-12SW, UKC-12SW, UKC-125W, UKC-125W, UKC-12SW, UKC-12SW, US-967J, UKC-12SW, UKC-12SW
0.0
Analytic Challenges from Active-Passive Integration
Document
Release Date:
2014-12-28
This undated NSA presentation from the agency’s Information Technology Directorate, aimed at analysts, describes techniques for decrypting IPSec VPN traffic: see the Der Spiegel story Prying Eyes: Inside the NSA’s War on Internet Security, 28 December 2014.
This Briefing is Classified TOP SECRET//COMINT//REL USA, FVEY
Analytic Challenges from
Active-Passive Integration
S324
This Briefing is Classified TOP SECRET//COMINT//REL USA,FVEY
DER...
0.0
Tracking Targets Through Proxies and Anonymizers
Document
Release Date:
2016-06-28
This undated NSA presentation, written by the author of ‘I hunt sys admins’, outlines tactics for tracking users of Tor and other anonymising technologies: see the Intercept article The Hunter, 28 June 2016.
TOP SECRET//COMINT//RELTO USA, FVEY
Tracking Targets Through Proxies
& Anonymizers (and the air speed
velocity of an unladen swallow)
Also known as: I I I PaAatasvoaus
TOP SECRET//COM...
0.0
Making Things Measurable: Technology Trending Challenges and Approaches
Document
Release Date:
2014-12-28
Document Date:
2012-06-06
This 40-page NSA presentation for the June 2012 SIGDEV conference includes a ranking of cryptographic protocols in order of ‘risk’ the they pose to the agency’s operations: see the Der Spiegel story Prying Eyes: Inside the NSA’s War on Internet Security, 28 December 2014.
TOP SECRET//COMINT//REL FVEY//20340601
SIGDEV Conference 2012
(U) Making Things Measureable:
Technology Trending Challenges and
Approaches
June 2012
TOP SECRET//COMINT//REL FVEY/...
0.0
EP-3E Collision: Cryptologic Damage Assessment and Incident Review
Document
Release Date:
2017-04-10
Document Date:
2001-07-01
A joint US Navy and NSA report, prepared three months after a US spy plane was forced to crash land in China, assesses the degree to which surveillance secrets were compromised: see the Intercept article Burn After Reading: Snowden Documents Reveal Scope of Secrets Exposed to China in 2001 Spy Plane Incident, 10 April 2017. […]
TOP SECRET//COMINT//NOFORN//X1
EP-3E Collision:
Cryptologic Damage Assessment
and Incident Review
Final Report
Prepared by the
EP-3 Cryptologic Assessment Team
July 2001
Classifie...
Australia (AUS/AU), Belarus (BLR/BY), Cambodia (KHM/KH), Canada (CAN/CA), China (CHN/CN), Cuba (CUB/CU), Egypt (EGY/EG), Georgia (GEO/GE), India (IND/IN), Iran (IRN/IR), Iraq (IRQ/IQ), Italy (ITA/IT), Japan (JPN/JP), North Korea (PRK/KP), Korea (KOR/KR), New Zealand (NZL/NZ), Norway (NOR/NO), Pakistan (PAK/PK), Philippines (PHL/PH), Russia (RUS/RU), Sri Lanka (LKA/LK), Taiwan (TWN/TW), Thailand (THA/TH), Ukraine (UKR/UA), United Kingdom (GBR/GB), United States (USA/US), Vietnam (VNM/VN)
0.0
Turmoil IPSec VPN Sessionization
Document
Release Date:
2014-12-28
Document Date:
2008-08-15
This NSA presentation from 15 August 2008 includes descriptions of VPN packets: see the Der Spiegel story Prying Eyes: Inside the NSA’s War on Internet Security, 28 December 2014.
TOP SECRET//COMINT//REL TO USA, AUS, CAN, GBR, NZL//20291123
TURMOIL
IPSEC VPN
SESSIONIZ AT ION
Issue No.l...........
Issue Date 08/15/08..
Responsible Authority
Author
Tec...
0.0
Virtual Private Network Transform Engine Emulator
Document
Release Date:
2014-12-28
This undated page from NSA’s internal WikiInfo describes the Transform Engine Emulator (TEe) process for undermining VPNs: see the Der Spiegel story Prying Eyes: Inside the NSA’s War on Internet Security, 28 December 2014.
Virtual Private Network Transform Engine Emulator - Wikilnfo
The accredited security level of this system Is: TOP SECRET//SI-GAMMA/TALENT KEYHOLE//ORCON
/PROPIN/RELIDO/REL TO USA, FVEY *
...
0.0
VS MALIBU IKE And ESP Metadata Flows
Document
Release Date:
2014-12-28
These four undated NSA slides show a workflow for defeating VPN encryption: see the Der Spiegel story Prying Eyes: Inside the NSA’s War on Internet Security, 28 December 2014.
TOP SECRET//COMINT//REL TO USA, AUS, CAN, GBR, NZL
VS MALIBU IKE And ESP Metadata Flows
/20291123
TUBE
TOP SECRET//COMINT//REL TO USA, AUS, CAN, GBR, NZL//20291123
TOP SECRET//COMIN...
0.0
Intro to the VPN Exploitation Process
Document
Release Date:
2014-12-28
Document Date:
2010-09-13
This 13 September 2010 presentation from the NSA’s OTP VPN Exploitation Team explains the work of the division: see the Der Spiegel story Prying Eyes: Inside the NSA’s War on Internet Security, 28 December 2014.
TOP SECRET//COMINT//REL USA, AUS, CAN, GBR, NZL
Intro to the VPN Exploitation
Process
OTP VPN Exploitation Team
S31176
September 13, 2010
TOP SECRET//COMINT//REL USA, AUS, CAN, G...
AGILITY, BLEAKINQUIRY, CADENCE, CORALREEF, FOURSCORE, MAILORDER, PINWALE, SCISSORS, TOYGRIPPE, TURTLEPOWER, XKEYSCORE (XKS)
Afghanistan (AFG/AF), China (CHN/CN), India (IND/IN), Indonesia (IDN/ID), Iran (IRN/IR), Iraq (IRQ/IQ), Japan (JPN/JP), North Korea (PRK/KP), Korea (KOR/KR), Mexico (MEX/MX), Nigeria (NGA/NG), Pakistan (PAK/PK), Russia (RUS/RU), Saudi Arabia (SAU/SA), Somalia (SOM/SO), Turkey (TUR/TR), United States (USA/US)
0.0
Intercept with OTR encrypted chat
Document
Release Date:
2014-12-28
This undated PRISM intercept from the NSA suggests the agency was unable to decrypt the content of an OTR-encrypted chat session: see the Der Spiegel story Prying Eyes: Inside the NSA’s War on Internet Security, 28 December 2014.
TOP SECRET//COMINT//REL TO USA, AUS//20320108
Target User
Target User IP Address [MINIMIZED US IP ADDRESS]
Start Mar 16, 2012 13:31:17 GMT
Stop Mar 16, 2012 13:34:26 GMT
Other User IP A...
0.0
National Information Assurance Research Laboratory (NIARL) Newsletter – September 2008
Document
Release Date:
2014-12-28
Document Date:
2008-09-01
This September 2008 newsletter from the National Information Assurance Research Laboratory (NIARL), an unit within the NSA’s Research Directorate gives an indication of the agency’s progress with cryptanalysis – which, with “only a handful of in-house techniques” – appears to be modest: see the Der Spiegel story Prying Eyes: Inside the NSA’s War on Internet […]
TOP SECRET//COMINT//REL TO USA, AUS, CAN, GBR, NZL//20320108
September 2008 Edition
■ (U) Message from the NIARL Director:
(U//FOUO) Welcome to the September 2008 edition of the National
...
0.0
Cryptographic Modernization (CryptoMod) Classification Guide
Document
Release Date:
2014-12-28
Document Date:
2010-02-01
This NSA classification guide dated 1 February 2010 details the sensitivity of particular aspects of the joint NSA/Department of Defense Crytographic Modernization Program: see the Der Spiegel story Prying Eyes: Inside the NSA’s War on Internet Security, 28 December 2014.
UNCLASSIFIED//FOR OFFICIAL USE ONLY
National Security Agency
Central Security Service
(U) Cryptographic Modernization (CryptoMod)
Classification Guide
3-9
Effective Date: 1 Februar...
0.0
Crypt Discovery Joint Collaboration Activity
Document
Release Date:
2014-12-28
Document Date:
2011-01-20
This document dated 20 January 2011 provides the research agenda for a joint NSA/GCHQ group tasked with developing “a sound understanding of the threat that encryption brings to our ability to do target discovery/development as well as devising mitigations”: see the Der Spiegel story Prying Eyes: Inside the NSA’s War on Internet Security, 28 December […]
TOP SECRET
Crypt Discovery
Joint Collaboration Activity
20 January 2011
Activity Owners
[NSA
GCHQ
Overview
Our Internet Exploitation capability is built upon our ability to eff...
0.0
LONGHAUL
Document
Release Date:
2014-12-28
This undated NSA wiki page describes LONGHAUL, an “end-to-end attack orchestration and key recovery service for Data Network Cipher and Data Network Session Cipher traffic”: see the Der Spiegel story Prying Eyes: Inside the NSA’s War on Internet Security, 28 December 2014.
LONG HAUL - Wikiinfo
The accredited security level of this system is: TOP SECRET//SI-GAMMA/TALENT KEYHOLE//ORCON/PROPIN
/RELIDO/REL TO USA, FVEY *
TOP SECRET//SI//REL TO USA, FVEY
(U) ...
0.0
Turmoil VPN Processing
Document
Release Date:
2014-12-28
Document Date:
2009-10-27
This NSA presentation dated 27 October 2009 outlines the use of intercepted IPSec VPN data within the agency: see the Der Spiegel story Prying Eyes: Inside the NSA’s War on Internet Security, 28 December 2014.
TURMOIL VPN PROCESSING
27 October 2009
The overall classification for this brief is:
[TOPSECRET//COMINT//REL TO USA, FVEY]
TOP SECRET//COMINT//REL TO USA FVEY
Agenda
• VPN Technolo...
0.0
Crypt Discovery Joint Collaboration Activity
Document
Release Date:
2015-09-25
Document Date:
2011-01-20
This joint NSA/GCHQ research paper dated 20 January 2011 cites encryption as a threat impacting on both agencies: see the Intercept article Profiled: From Radio to Porn, British Spies Track Web Users’ Online Identities, 25 September 2015.
crypt-discovery-activity-p1-normal.gif:
TOP SECRET
Crypt Discovery
Joint Collaboration Activity
20 January 2011
Activity Owners
I H/nsa
Overview
Our Internet Exploitation capabil...
0.0
Secure Key Extraction by Physical De-Processing of Apple’s A4 Processor
Document
Release Date:
2015-03-10
Document Date:
2011-03-01
This extract from a 2011 NSA wiki page introduces a presentation on hacking the GID key in Apple processors by extracting it physically: see the Intercept article iSpy: The CIA Campaign to Steal Apple’s Secrets, 10 March 2015.
[edit] (S//NF) Secure key extraction by physical de-processing of
Apple's A4 processor
(U) Presenters: and (U) The Apple A4 processor contains an on-board,
AES cryptographic key called the ...
0.0
Differential Power Analysis on the Apple A4 Processor
Document
Release Date:
2015-03-10
Document Date:
2011-03-01
This extract from a 2011 NSA wiki page introduces a presentation on hacking the GID key in Apple processors: see the Intercept article iSpy: The CIA Campaign to Steal Apple’s Secrets, 10 March 2015.
[edit] Presentation Abstracts - Tuesday, 15
March
[edit] (S//NF) Differential Power Analysis on the Apple A4
Processor
(U) Presenters: (U) The Apple A4 processor contains an
on-board, A...
0.0
TCB Jamboree 2012
Document
Release Date:
2015-03-10
This internal NSA wiki page from 2012 invites employees to the annual CIA Engineering Development Group “Jamboree” for discussing advancements in the compromise of consumer hardware and software: see the Intercept article iSpy: The CIA Campaign to Steal Apple’s Secrets, 10 March 2015.
[edit] TCB Jamboree 2012
(S//NF) The Information Operations Center's Engineering Development Group (EDG) will hold its seventh
annual Trusted Computing Base (TCB) Jamboree from February 7-9, 2...
0.0
TURMOIL GALLANTWAVE
Document
Release Date:
2014-12-28
This undated page from NSA’s internal WikiInfo describes tools for attacking VPNs: see the Der Spiegel story Prying Eyes: Inside the NSA’s War on Internet Security, 28 December 2014.
TURMOIL GALLANTWAVE - Wikiinfo
The accredited security level of this system is: TOP SECRET//SI-GAMMA/TALENT KEiHOLEZ/OHCON/PHOPIN/RELIDO/RELTOUSiV FVE¥ *
TOPSECRETOSIf/RELTO USA, FVEY
(U//F...
0.0
Classification guide for NSA/CSS quantum computing research
Document
Release Date:
2014-01-02
Document Date:
2011-09-21
This NSA classification guide dated 21 September 2011 describes the objectives of the agency’s quantum computing research efforts: see the Washington Post article NSA seeks to build quantum computer that could crack most types of encryption, 2 January 2014.
TOP SECRET//SI//REL TO USA, AUS, CAN, GBR, NZL
NATIONAL SECURITY AGENCY
CENTRAL SECURITY SERVICE
(U) CLASSIFICATION GUIDE FOR
NSA/CSS QUANTUM COMPUTING RESEARCH
10-25
Effective Date:...
0.0
TPM Vulnerabilities to Power Analysis and An Exposed Exploit to Bitlocker
Document
Release Date:
2015-03-10
Document Date:
2010-03-10
This NSA summary of a talk presented at the 2010 TCB Jamboree describes an attack on Microsoft’s Bitlocker encryption software: see the Intercept article iSpy: The CIA Campaign to Steal Apple’s Secrets, 10 March 2015.
[edit] Presentation Abstracts
[edit] (U) Times
(U) Each day will run from 9am to 5pm. In order to facilitate planning, the topics presented on each day
are highlighted below. The abstracts ...
0.0
Fielded Capability: End-to-End VPN SPIN 9 Design Review
Document
Release Date:
2014-12-28
This undated NSA presentation describes the Spin 9 system for decrypting VPN data: see the Der Spiegel story Prying Eyes: Inside the NSA’s War on Internet Security, 28 December 2014.
The overall classification for this brief is:
TOPSECRET//COMINT//REL USA, AUS, CAN, GBR, NZL//20320108
SPIN 9 Design Review
TOP SECRET//COMINT//REL USA, AUS, CAN, GBR, NZL//20320108
VPN ...
0.0
VALIANTSURF WikiInfo page
Document
Release Date:
2014-12-28
This undated page from NSA’s internal WikiInfo describes VALIANTSURF “the coverterm for the development of Data Network Cipher (DNC) exploitation capabilities in TURMOIL”: see the Der Spiegel story Prying Eyes: Inside the NSA’s War on Internet Security, 28 December 2014.
VALIANTSURF - Wikiinfo
The accredited security level of this system is: TOP SECRET//SI-GAMMA/TALENT KEYHOLE//ORCON/PROPIN/RELIDO/REL TO USA, FVEY *
TOP SECRET1/SI/10RCON1REL TO USA, FVEY
...
USJ-759, USJ-759A, US-3150, USD-1001TEC, USF-787, USJ-759, USJ-759A, US-3150, US-3301, US-3167, DS-200B, USF-787
0.0
Template:POISONNUT Product
Document
Release Date:
2014-12-28
This undated page from NSA’s internal WikiInfo describes POISONNUT and its role in attcks against VPNs: see the Der Spiegel story Prying Eyes: Inside the NSA’s War on Internet Security, 28 December 2014.
TemplaterPOISONNUT Product - Wikiinfo
The accredited security level of this system is: TOP SECRET//SI-GAMMA/TALENT KE YHO LE//ORC ON /PRO PI N/RELID O/REL TO USA, FVEY *
TOP SECRET//SI//REL ...