New NSA leak reveals scope of agency’s war against crypto

The National Security Agency boasts the ability to compromise computer protocols meant to encrypt private internet data, leaked documents have revealed. But the NSA has fallen short of totally winning its war against crypto.

Classified NSA files taken by former contractor Edward Snowden and published for the first time by Der Spiegel on Sunday reveal that, while the United States’ intelligence agency is indeed adept at cracking encryption, its efforts are no match when it comes to some of the more popular protocols used to keep communications private.

The NSA – along with its Five Eyes partners in Canada, New Zealand, Australia, and the UK – spends millions of dollars annually to break encryption standards used to keep the web secure, Spiegel reported over the weekend. Yet while previous files published from the Snowden trove have already exposed to a degree the scope of the NSA’s efforts, the latest installment acknowledges for the first time that protocols including TSL/SSL, SSH, PPTP and Ipsec are exploited in order to give spies an intimate look at internet traffic intended to be kept secret.

Released concurrently with a presentation given at the 31st annual Chaos Communication Congress in Hamburg, Germany by two of the article’s authors, the Spiegel piece explains that the NSA and its allies use a plethora of practices to compromise computer protocols, random number generators, and third-party software advertised as being supposedly secure in an effort to gather intelligence on alleged terrorists.

“Did you know that ubiquitous encryption on the Internet is a major threat to NSA’s ability to prosecute digital-network intelligence (DNI) traffic or defeat adversary malware?” reads an excerpt from one of dozens of classified government documents published by the German paper.

“For the past decade, NSA has lead [sic] an aggressive, multi-pronged effort to break widely used internet encryption technologies,” reads another.

Jacob Appelbaum, a co-author of the Spiegel piece, said during Sunday’s event that the NSA’s efforts could best be understood as being “a kind of neocolonialism” taking place in the digital era, in which the US has invested billions over the last few decades to tackle the tools that allow private communications to occur over the web – but in secret.

“Wherein the colonies, [the] networks they do not have through coercion of the state or through other surveillance practices, they have to be compromised,” said Appelbaum. “And those [become] targets and they become legitimate targets, in theory, and in actuality, because of its usefulness, because of the leverage that it provides against a speculative target someday in the future.”

“That is, these networks become compromised in service of being able to compromise future networks and other people, just because they can. They set out to do that.”

Indeed, past Snowden leaks have revealed that major US-based tech companies – including Skype, Yahoo and Facebook – participate in an NSA program dubbed “PRISM,” in which they allow government intelligence collectors to soak up data transmissions on the fly. One of the just released documents says explicitly that the fact the NSA “obtains cryptographic details of commercial cryptographic information security systems through industry relationships” must be kept top secret.

The latest Spiegel article notes that, with regards to Skype, audio and video data is routinely taken into possession by the NSA when an alleged suspect is on at least one end of the conversation. In instances where companies won’t voluntarily be complicit, however, agencies like the NSA are driven to exploiting those systems – like the PPTP and Ipsec mechanisms used by Virtual Private Networks (VPNs), or TSL/SSL protocol meant to secure web traffic (by whatever means necessary).

That isn’t to say, though, that all is lost. According to the Snowden docs, codebreakers at the NSA may have met their match when it comes to certain software standards, even for the more inexperienced online privacy proponents. The stand-alone anonymity-centric operating system known as TAILS, and one of its major components – Tor – pose major problems when it comes to eavesdropping, the documents reveal, as does the TrueCrypt software that aims to secure files and documents shared among persons or stored in secret on hard drives and OTR – a protocol that offers end-to-end encryption for instant messaging chats.

“For surveillance experts, it becomes very difficult to trace the whereabouts of a person who visits a particular website or to attack a specific person while they are using Tor to surf the Web,” the Spiegel journalists reported. When used in concert with OTR, TAILS, and other options, communications seem close to impossible to crack, the report suggests.

As quoted by Spiegel, the source of the documents, Snowden said more than a year ago that, indeed, encryption used correctly may be the best option available for foiling efforts from the NSA to eavesdrop on digital communications.

“Properly implemented strong crypto systems are one of the few things that you can rely on,” Snowden said in June 2013.