Filtered By
Encryption and Cryptanalysis X
Document Topic [filter]
Results
56 Total
0.0

TLS Trends at GCHQ

Document

Release Date: 2014-12-28
This undated GCHQ presentation explains the agency’s FLYING PIG database and its role in undermining SSL/TLS encryption: see the Der Spiegel story Prying Eyes: Inside the NSA’s War on Internet Security, 28 December 2014.
TS//SI//REL TLS trends at GCHQ TS//S1//REL TS//SI//REL Source of data Our TLS events come from our TLS app - Runs on special source (approx. 200 x 10G) and Comsat data -Produ...
0.0

TLS Trends: A roundtable discussion on current usage and future directions

Document

Release Date: 2014-12-28
This CSEC presentation from 2012 outlines the agency’s capabilities against SSL encryption at that point: see the Der Spiegel story Prying Eyes: Inside the NSA’s War on Internet Security, 28 December 2014.
TOP SECRET//SI//REL TO CAN, AUS, GBR, NZL, USA rs TLS Trends: A roundtable discussion on current usage and future directions Communications Security Establishment Canada (CSEC) ...
0.0

Strawhorse: Attacking the MacOS and iOS Software Development Kit

Document

Release Date: 2015-03-10 Document Date: 2012-02-10
This NSA summary of a talk presented at the 2012 TCB Jamboree describes a Sandia National Laboratories approach to attacking Apple technology using compromised developer tools: see the Intercept article iSpy: The CIA Campaign to Steal Apple’s Secrets, 10 March 2015.
[edit] (S//NF) Strawhorse: Attacking the MacOS and iOS Software Development Kit (S) Presenter: Sandia National Laboratories (S//NF) Ken Thompson's gcc attack (described in his 1984 Turing aw...
0.0

Roger Dingledine at NSA NOV 2007

Document

Release Date: 2013-10-04 Document Date: 2007-11-01
This NSA memo summarises a talk given by Roger Dingledine of the Tor Project on 1 November 2007: see the Secret NSA documents show campaign against Tor encrypted network, 4 October 2013.
TOP SECRET // COMINT // REL TO USA, AUS, CAN, GBR, NZL Roger Dingledine at NSA NOV 2007 From PE Contents * 1 (U) Talk by Roger Dingledine at NSA, 11/01/2007 at R&E (Sponsored by NSA RT) o 1...
0.0

POISONNUT

Document

Release Date: 2014-12-28
This undated page from NSA’s internal WikiInfo describes POISONNUT, “the Virtual Private Network Attack Orchestrator (VAO)”: see the Der Spiegel story Prying Eyes: Inside the NSA’s War on Internet Security, 28 December 2014.
POISONNUT - Wikiinfo The accredited security level of this system is: TOP SECRET//SI-GAMMA/TALENT KEYHOLP//nRmv/PRnPiN/BFi inn/RPi rn tt*;4 fvfv * TOP SECRETJ/SI//REL TO USA, FVEY (u) POISON...
0.0

VALIANTSURF

Document

Release Date: 2014-12-28
These three undated NSA slides provide an overview of the VALIANTSURF system: see the Der Spiegel story Prying Eyes: Inside the NSA’s War on Internet Security, 28 December 2014.
TOP SECRET//COMINT//REL TO USA, FVEY VALIANTSURF (VS): VALIANTSURF Capability Level Beneficiaries CES & LONGHAUL OTP & SSG TOPIs Link Access CES A Key Recovery, no on-site decrypti...
0.0

GALLANTWAVE

Document

Release Date: 2014-12-28
This undated presentation from NSA’s Digital Network Crypt Applications (DNCA) concerns the GALLANTWAVE tool, which decrypts VPN traffic within LONGHAUL: see the Der Spiegel story Prying Eyes: Inside the NSA’s War on Internet Security, 28 December 2014.
TOP SECRET//COMINT//REL TO USA, AUS, CAN, GBR, NZL GALLANTWAVE@scale GALLANTWAVE @ volume Requirements @Scale Deploy more widely - Leverage peering with partner @Volume Increas...
0.0

BULLRUN

Document

Release Date: 2014-12-28
This undated presentation from GCHQ’s PTD (Penetrating Target Defences) unit gives an overview of BULLRUN efforts to defeat encryption: see the Der Spiegel story Prying Eyes: Inside the NSA’s War on Internet Security, 28 December 2014.
TOP SECRET STRAP1 BULLRUN PTD Lead for Special Operations and Policy PTD "We penetrate targets' defences." This information is exempt from disclosure under the Freedom of Information A...
0.0

BULLRUN CoI – Briefing Sheet

Document

Release Date: 2013-09-05
This undated GCHQ document provides a classification guide for BULLRUN – NSA and GCHQ’s attempts to weaken or defeat cryptographic protocols – and specifies some of its achievements: see the ProPublica article Revealed: The NSA’s Secret Campaign to Crack, Undermine Internet Security, 5 September 2013.
TOP SECRET STRAP1 COMINT BULLRUN Col - Briefing Sheet Introduction 1. The ability to exploit targets’ encrypted communications is extremely fragile and is often enabled through sensiti...
0.0

WOLFRAMITE

Document

Release Date: 2014-12-04 Document Date: 2011-03-09
This extract from a GCHQ document dated 9 March 2011 describes WOLFRAMITE, an agency project to defeat the A5/3 GSM cipher: see the Intercept article Operation Auroragold: How the NSA Hacks Cellphone Networks Worldwide, 4 December 2014.
TOP SECRET STRAP 1 Strategic Objective Goal/Aim Programme Outcomes Target Capability deliveries for 2011/12 Meet the Mobile Broadband challenge. • Scaling up the exploitation of handse...
0.0

Profiling SSL and Attributing Private Networks

Document

Release Date: 2014-12-28
This undated GCHQ presentation introduces the FLYING PIG and HUSH PUPPY tools: see the Der Spiegel story Prying Eyes: Inside the NSA’s War on Internet Security, 28 December 2014.
TOP SECRET//SI//REL TO USA, AUS, CAN, GBR, NZL PROFILING SSL AND ATTRIBUTING PRIVATE NETWORKS An introduction to FLYING PIG and HUSH PUPPY ICTR - Network Exploitation GCHQ T R J...
0.0

VPN SigDev Basics

Document

Release Date: 2014-12-28
This undated NSA presentation describes how to perform attacks against VPNs: see the Der Spiegel story Prying Eyes: Inside the NSA’s War on Internet Security, 28 December 2014.
TOP SECRET//COMINT//REL TO USA, AUS, CAN, GBR, NZL (TS//SI//REL)VPN SigDev Basics S31244 - OTTERCREEK Derived From: NSA/CSSM 1-52 Dated: 20070108 ______Declassify On: 20341101 TOP S...
0.0

Analytic Challenges from Active-Passive Integration

Document

Release Date: 2014-12-28
This undated NSA presentation from the agency’s Information Technology Directorate, aimed at analysts, describes techniques for decrypting IPSec VPN traffic: see the Der Spiegel story Prying Eyes: Inside the NSA’s War on Internet Security, 28 December 2014.
This Briefing is Classified TOP SECRET//COMINT//REL USA, FVEY Analytic Challenges from Active-Passive Integration S324 This Briefing is Classified TOP SECRET//COMINT//REL USA,FVEY DER...
0.0

Tor: Overview of Existing Techniques

Document

Release Date: 2014-12-28 Document Date: 2012-01-01
This undated GCHQ presentation indicates the agency’s Tor research efforts as of 2012: see the Der Spiegel story Prying Eyes: Inside the NSA’s War on Internet Security, 28 December 2014.
TOP SECRET STRAP1 Tor: Overview of Existing Techniques (15 minutes) TOP SECRET STRAP 1 C! X R «two THIS INCDRHftTION IS EXEMPT UNDER THE FREEDOM QC I hJTOR M ATIG R FTF n -SV “Q A ...
0.0

A potential technique to deanonymise users of the TOR network (presentation)

Document

Release Date: 2014-12-28
This undated GCHQ presentation proposes a deanonymisation attack against Tor users based on the collection of data from exit nodes owned by the agency: see the Der Spiegel story Prying Eyes: Inside the NSA’s War on Internet Security, 28 December 2014.
UK TOP SECRET STRAP1 COMINT A potential technique to deanonymise users of the TOR network OPC-MCR, GCHQ This information is exempt from disclosure under the Freedom of Information Act 20...
0.0

Tracking Targets Through Proxies and Anonymizers

Document

Release Date: 2016-06-28
This undated NSA presentation, written by the author of ‘I hunt sys admins’, outlines tactics for tracking users of Tor and other anonymising technologies: see the Intercept article The Hunter, 28 June 2016.
TOP SECRET//COMINT//RELTO USA, FVEY Tracking Targets Through Proxies & Anonymizers (and the air speed velocity of an unladen swallow) Also known as: I I I PaAatasvoaus TOP SECRET//COM...
0.0

2013 Black Budget: Cryptanalysis & Exploitation services

Document

Release Date: 2015-03-10 Document Date: 2013-01-01
This extract from the US intelligence community’s 2013 Congressional Budget Justification shows expenditure on the Analysis of Target Systems project, which aims to defeat the encryption in commercial software and hardware: see the Intercept article iSpy: The CIA Campaign to Steal Apple’s Secrets, 10 March 2015.
TOP SECRET//SI/TK//NOFORN (U) CRYPTANALYSIS & EXPLOITATION SERVICES (U) ANALYSIS OF TARGET SYSTEMS This Exhibit Is SECRET//NOFORN FY 20111 Actual FY 2012 Enacted FY 2013 Request...
0.0

Making Things Measurable: Technology Trending Challenges and Approaches

Document

Release Date: 2014-12-28 Document Date: 2012-06-06
This 40-page NSA presentation for the June 2012 SIGDEV conference includes a ranking of cryptographic protocols in order of ‘risk’ the they pose to the agency’s operations: see the Der Spiegel story Prying Eyes: Inside the NSA’s War on Internet Security, 28 December 2014.
TOP SECRET//COMINT//REL FVEY//20340601 SIGDEV Conference 2012 (U) Making Things Measureable: Technology Trending Challenges and Approaches June 2012 TOP SECRET//COMINT//REL FVEY/...
0.0

EP-3E Collision: Cryptologic Damage Assessment and Incident Review

Document

Release Date: 2017-04-10 Document Date: 2001-07-01
A joint US Navy and NSA report, prepared three months after a US spy plane was forced to crash land in China, assesses the degree to which surveillance secrets were compromised: see the Intercept article Burn After Reading: Snowden Documents Reveal Scope of Secrets Exposed to China in 2001 Spy Plane Incident, 10 April 2017. […]
TOP SECRET//COMINT//NOFORN//X1 EP-3E Collision: Cryptologic Damage Assessment and Incident Review Final Report Prepared by the EP-3 Cryptologic Assessment Team July 2001 Classifie...
0.0

Turmoil IPSec VPN Sessionization

Document

Release Date: 2014-12-28 Document Date: 2008-08-15
This NSA presentation from 15 August 2008 includes descriptions of VPN packets: see the Der Spiegel story Prying Eyes: Inside the NSA’s War on Internet Security, 28 December 2014.
TOP SECRET//COMINT//REL TO USA, AUS, CAN, GBR, NZL//20291123 TURMOIL IPSEC VPN SESSIONIZ AT ION Issue No.l........... Issue Date 08/15/08.. Responsible Authority Author Tec...
0.0

Virtual Private Network Transform Engine Emulator

Document

Release Date: 2014-12-28
This undated page from NSA’s internal WikiInfo describes the Transform Engine Emulator (TEe) process for undermining VPNs: see the Der Spiegel story Prying Eyes: Inside the NSA’s War on Internet Security, 28 December 2014.
Virtual Private Network Transform Engine Emulator - Wikilnfo The accredited security level of this system Is: TOP SECRET//SI-GAMMA/TALENT KEYHOLE//ORCON /PROPIN/RELIDO/REL TO USA, FVEY * ...
0.0

VS MALIBU IKE And ESP Metadata Flows

Document

Release Date: 2014-12-28
These four undated NSA slides show a workflow for defeating VPN encryption: see the Der Spiegel story Prying Eyes: Inside the NSA’s War on Internet Security, 28 December 2014.
TOP SECRET//COMINT//REL TO USA, AUS, CAN, GBR, NZL VS MALIBU IKE And ESP Metadata Flows /20291123 TUBE TOP SECRET//COMINT//REL TO USA, AUS, CAN, GBR, NZL//20291123 TOP SECRET//COMIN...
0.0

Intro to the VPN Exploitation Process

Document

Release Date: 2014-12-28 Document Date: 2010-09-13
This 13 September 2010 presentation from the NSA’s OTP VPN Exploitation Team explains the work of the division: see the Der Spiegel story Prying Eyes: Inside the NSA’s War on Internet Security, 28 December 2014.
TOP SECRET//COMINT//REL USA, AUS, CAN, GBR, NZL Intro to the VPN Exploitation Process OTP VPN Exploitation Team S31176 September 13, 2010 TOP SECRET//COMINT//REL USA, AUS, CAN, G...
0.0

A potential technique to deanonymise users of the TOR network (proposal)

Document

Release Date: 2014-12-28 Document Date: 2011-06-13
This GCHQ paper dated 13 June 2011 proposes an attack to deanonymise Tor users: see the Der Spiegel story Prying Eyes: Inside the NSA’s War on Internet Security, 28 December 2014.
UK TOP SECRET STRAP1 COMINT Reference: OPC-M/TECH.B/61 Date: 13 June 2011 Copy no: A potential technique to deanonymise users of the TOR network OPC-MCR, GCHQ Summary A new techn...
0.0

Tor deanonymisation research (MIP)

Document

Release Date: 2014-12-28
This undated page from GCHQ’s internal GCWiki gives an indication of the agency’s thinking on the feasibility of Tor deanonymisation attacks: see the Der Spiegel story Prying Eyes: Inside the NSA’s War on Internet Security, 28 December 2014.
TOR deanonymisation research (MIP) - GCWiki TOP SECRET STRAP1 COMINT The maximum classification allowed on GCWiki is TOP SECRET STRAP1 COMINT. Click to report inappropriate content. TOR ...
0.0

Intercept with OTR encrypted chat

Document

Release Date: 2014-12-28
This undated PRISM intercept from the NSA suggests the agency was unable to decrypt the content of an OTR-encrypted chat session: see the Der Spiegel story Prying Eyes: Inside the NSA’s War on Internet Security, 28 December 2014.
TOP SECRET//COMINT//REL TO USA, AUS//20320108 Target User Target User IP Address [MINIMIZED US IP ADDRESS] Start Mar 16, 2012 13:31:17 GMT Stop Mar 16, 2012 13:34:26 GMT Other User IP A...
0.0

National Information Assurance Research Laboratory (NIARL) Newsletter – September 2008

Document

Release Date: 2014-12-28 Document Date: 2008-09-01
This September 2008 newsletter from the National Information Assurance Research Laboratory (NIARL), an unit within the NSA’s Research Directorate gives an indication of the agency’s progress with cryptanalysis – which, with “only a handful of in-house techniques” – appears to be modest: see the Der Spiegel story Prying Eyes: Inside the NSA’s War on Internet […]
TOP SECRET//COMINT//REL TO USA, AUS, CAN, GBR, NZL//20320108 September 2008 Edition ■ (U) Message from the NIARL Director: (U//FOUO) Welcome to the September 2008 edition of the National ...
0.0

Cryptographic Modernization (CryptoMod) Classification Guide

Document

Release Date: 2014-12-28 Document Date: 2010-02-01
This NSA classification guide dated 1 February 2010 details the sensitivity of particular aspects of the joint NSA/Department of Defense Crytographic Modernization Program: see the Der Spiegel story Prying Eyes: Inside the NSA’s War on Internet Security, 28 December 2014.
UNCLASSIFIED//FOR OFFICIAL USE ONLY National Security Agency Central Security Service (U) Cryptographic Modernization (CryptoMod) Classification Guide 3-9 Effective Date: 1 Februar...
0.0

Crypt Discovery Joint Collaboration Activity

Document

Release Date: 2014-12-28 Document Date: 2011-01-20
This document dated 20 January 2011 provides the research agenda for a joint NSA/GCHQ group tasked with developing “a sound understanding of the threat that encryption brings to our ability to do target discovery/development as well as devising mitigations”: see the Der Spiegel story Prying Eyes: Inside the NSA’s War on Internet Security, 28 December […]
TOP SECRET Crypt Discovery Joint Collaboration Activity 20 January 2011 Activity Owners [NSA GCHQ Overview Our Internet Exploitation capability is built upon our ability to eff...
0.0

Crypt Ops Data Store User Guide

Document

Release Date: 2014-12-28
This undated GCHQ document provides guidance for analysts on how to handle encrypted data: see the Der Spiegel story Prying Eyes: Inside the NSA’s War on Internet Security, 28 December 2014.
SECRET Crypt Ops Data StoreUserGuide Crypt Ops Datastore DataStore Rota: -Data Store to be reviewed weekly at the DataStore management meeting The Tasking Process Submitting a Ta...

e-Highlighter

Click to send permalink to address bar, or right-click to copy permalink.

Un-highlight all Un-highlight selectionu Highlight selectionh