Part Two of Two
A Vital Capability
The documents are among more than 50,000 shared with The New York
Times and ProPublica, the nonprofit news organization, by The
Guardian, which has published its own article. They focus primarily on
GCHQ but include thousands either from or about the N.S.A.
Intelligence officials asked The Times and ProPublica not to publish
this article, saying that it might prompt foreign targets to switch to
new forms of encryption or communications that would be harder to
collect or read. The news organizations removed some specific facts
but decided to publish the article because of the value of a public
debate about government actions that weaken the most powerful tools
for protecting the privacy of Americans and others.
The files show that the agency is still stymied by some encryption, as
Mr. Snowden suggested in a question-and-answer session on The
Guardian’s website in June.
“Properly implemented strong crypto systems are one of the few things
that you can rely on,” he said, though cautioning that the N.S.A.
often bypasses the encryption altogether by targeting the computers at
one end or the other and grabbing text before it is encrypted or after
it is decrypted.
The documents make clear that the N.S.A. considers its ability to
decrypt information a vital capability, one in which it competes with
China, Russia and other intelligence powers.
“In the future, superpowers will be made or broken based on the
strength of their cryptanalytic programs,” a 2007 document said. “It
is the price of admission for the U.S. to maintain unrestricted access
to and use of cyberspace.”
The full extent of the N.S.A.’s decoding capabilities is known only to
a limited group of top analysts from the so-called Five Eyes: the
N.S.A. and its counterparts in Britain, Canada, Australia and New
Zealand. Only they are cleared for the Bullrun program, the successor
to one called Manassas — both names of American Civil War battles. A
parallel GCHQ counter-encryption program is called Edgehill, named for
the first battle of the English Civil War of the 17th century.
Unlike some classified information that can be parceled out on a
strict “need to know” basis, one document makes clear that with
Bullrun, “there will be NO ‘need to know.’ ”
Only a small cadre of trusted contractors were allowed to join
Bullrun. It does not appear that Mr. Snowden was among them, but he
nonetheless managed to obtain dozens of classified documents referring
to the program’s capabilities, methods and sources.
Ties to Internet Companies
When the N.S.A. was founded, encryption was an obscure technology used
mainly by diplomats and military officers. Over the last 20 years,
with the rise of the Internet, it has become ubiquitous. Even novices
can tell that their exchanges are being automatically encrypted when a
tiny padlock appears next to the Web address on their computer screen.
Because strong encryption can be so effective, classified N.S.A.
documents make clear, the agency’s success depends on working with
Internet companies — by getting their voluntary collaboration, forcing
their cooperation with court orders or surreptitiously stealing their
encryption keys or altering their software or hardware.
According to an intelligence budget document leaked by Mr. Snowden,
the N.S.A. spends more than $250 million a year on its Sigint Enabling
Project, which “actively engages the U.S. and foreign IT industries to
covertly influence and/or overtly leverage their commercial products’
designs” to make them “exploitable.” Sigint is the abbreviation for
signals intelligence, the technical term for electronic eavesdropping.
By this year, the Sigint Enabling Project had found ways inside some
of the encryption chips that scramble information for businesses and
governments, either by working with chip-makers to insert back doors
or by surreptitiously exploiting existing security flaws, according to
the documents. The agency also expected to gain full unencrypted
access to an unnamed major Internet phone call and text service; to a
Middle Eastern Internet service; and to the communications of three
In one case, after the government learned that a foreign intelligence
target had ordered new computer hardware, the American manufacturer
agreed to insert a back door into the product before it was shipped,
someone familiar with the request told The Times.
The 2013 N.S.A. budget request highlights “partnerships with major
telecommunications carriers to shape the global network to benefit
other collection accesses” — that is, to allow more eavesdropping.
At Microsoft, as The Guardian has reported, the N.S.A. worked with
company officials to get pre-encryption access to Microsoft’s most
popular services, including Outlook e-mail, Skype Internet phone calls
and chats, and SkyDrive, the company’s cloud storage service.
Microsoft asserted that it had merely complied with “lawful demands”
of the government, and in some cases, the collaboration was clearly
coerced. Executives who refuse to comply with secret court orders can
face fines or jail time.
N.S.A. documents show that the agency maintains an internal database
of encryption keys for specific commercial products, called a Key
Provisioning Service, which can automatically decode many messages. If
the necessary key is not in the collection, a request goes to the
separate Key Recovery Service, which tries to obtain it.
How keys are acquired is shrouded in secrecy, but independent
cryptographers say many are probably collected by hacking into
companies’ computer servers, where they are stored. To keep such
methods secret, the N.S.A. shares decrypted messages with other
agencies only if the keys could have been acquired through legal
means. “Approval to release to non-Sigint agencies,” a GCHQ document
says, “will depend on there being a proven non-Sigint method of
Simultaneously, the N.S.A. has been deliberately weakening the
international encryption standards adopted by developers. One goal in
the agency’s 2013 budget request was to “influence policies, standards
and specifications for commercial public key technologies,” the most
common encryption method.
Cryptographers have long suspected that the agency planted
vulnerabilities in a standard adopted in 2006 by the National
Institute of Standards and Technology, the United States’ encryption
standards body, and later by the International Organization for
Standardization, which has 163 countries as members.
Classified N.S.A. memos appear to confirm that the fatal weakness,
discovered by two Microsoft cryptographers in 2007, was engineered by
the agency. The N.S.A. wrote the standard and aggressively pushed it
on the international group, privately calling the effort “a challenge
“Eventually, N.S.A. became the sole editor,” the memo says.
Even agency programs ostensibly intended to guard American
communications are sometimes used to weaken protections. The N.S.A.’s
Commercial Solutions Center, for instance, invites the makers of
encryption technologies to present their products and services to the
agency with the goal of improving American cybersecurity. But a
top-secret N.S.A. document suggests that the agency’s hacking division
uses that same program to develop and “leverage sensitive, cooperative
relationships with specific industry partners” to insert
vulnerabilities into Internet security products.
Mace J. Yampolsky is a Board Certified Criminal Law Specialist, 625
South Sixth St., Las Vegas, NV 89101. He can be reached at: Phone
702-385-9777 or fax 702-385-300. His website is located at: