So What is Project ECHELON?
Most of you have probably heard about ECHELON. The
aim
of this document
is to clarify what ECHELON really is.
The highly automated UKUSA system for processing
Comint, often known
as ECHELON system was brought to light by the
author Nicky Hager in his 1996 book, "Secret Power:
New Zealand s role
in the International Spy Network".
ECHELON is a global electronic surveilance network
which is designed and
coordinated by NSA, United States Goverment and has
been operated since
1980'-it is part of the post Cold war developments
based on the UKUSA
agreement signed between the UK, USA, Canada,
Australia and New Zealand
in 1948.
It is a global network which can intercept all:
Telephone
Telex
Satellite communications
Fax
E-mail communications
The monitoring of all these mediums of
communications
is done on a
"routine and indiscriminate" basis. Meaning that the
system works by
indiscriminately intercepting very large quantities
of
communications and using
computers to identify and extract messages from the
mass of unwanted ones".
Details on the security of the communications medium
Standard Telephone
This is the most unsecure means of communication.
All
voice signals travel
without any encryption and the telephone system is
the
most trivial one to
wiretap. Wiretapping techniques are largerly
undetectable by the target!
Voice Scrambling telephones
These are special telephone devices (like the red
telephone Dr. Strangelove has)
and now are also available on the market. Their
level
of security may be very
modest depending on the legislation currently in
force
in their country of origin.
Fax machines
As things stand, fax machines should be considered
as
insecure as telephones.
Fax-encrypting machines do exist, but their security
level is contingent on
legislation in their country of origin, as above.
Cordless telephones
Some older models transmit just above the AM
broadcasting band and can thus
be easily intercepted. Commercially-available
scanners
enable the more recent
models to be tapped. Sometimes certain sound wave
inversion techniques are
recommended in order to combat tapping, but these
solutions only provide
a very low level of confidentiality.
Cellular phones
The situation here is more complex.
It is worth mentioning here the US Administration s
attempt to impose the
Clipper standard on all portable phones developed in
the United States.
This would have allowed government agencies to
retain
keys enabling them to
eavesdrop on conversations.
Moreover, details of the encryption algorithm
Skipjack
, developed by
the NSA, have not been made public.
GSM
With regard to confidentiality, GSM uses a protocol
known as A5.
There are two versions of this system: A5/1 and
A5/2,
which meet
different needs.According to some experts, A5/2 is
less secure than A5/1,
which we will now discuss.
- The A5/1 protocol in theory uses 64 bits. But
Wagner
told us that in practice
, in every phone he had seen, 10bits had been
systematically replaced with
zeros, thus reducing the theoretical security of the
system to 54 bits.
The system is therefore even less secure than the 56
bits offered by DES,
which can now be cracked all too easily.
Work conducted before this discovery had already
reduced the real security
of the system to 40 bits. It is therefore quite
possible that by using similar
methods, i.e. assuming that 10 bits are equal to
zero,
the actual security level
of A5/1 and hence the confidentiality of
conversations
- can bereduced
even further.
On 24 February 1999, at the GSM World Congress in
Cannes (France),
Charles Brookson
announced that GSM security had been reviewed and in
particular that
COMP128 had been revised.
ISDN
It is technically possible to tap an ISDN telephone
with the help of software
that remotely activates the monitoring function via
the D channel, obviously
without physically lifting the receiver.It is
therefore easy to eavesdrop on
certain conversations in a given room.
Internet communications
In a nutshell, the traditional mail equivalent of an
e-mail on the Internet is a
postcard without an envelope. Basically, such
messages
can be read. If they
are in plaintext, they can be understood and any
secret reader can take
measures which are detrimental to the two parties
wishing to communicate.
The TEMPEST effect
TEMPEST is the acronym for Temporary Emanation and
Spurious
Transmission, i.e. emissions from electronic
components of electromagnetic
radiation in the form of radio signals. These
emissions can be picked up by
AM/FM radio receivers within a range varying from a
few dozen to a few
hundred metres. Building on these data it is then
possible to reconstruct the
original information. Protective measures against
such
risks consist of placing
the source of the emissions (central processors,
monitors, but also cables)
in a Faraday cage, or jamming the electromagnetic
emissions.
The NSA has published several documents on TEMPEST.
NOTE: All computers work by means of a
micro-processor
(chip).
The PC chip market is dominated by Intel, which has
a
market share of over
80%. On 20 January 1999 Intel unveiled its new PSN-
equipped
Pentium III processor.
PSNs
Pentium III processors have a unique serial number
called PSN
(Processor Serial Number).Intel devised this
technique
in order to promote
electronic commerce. The aim of the serial number is
to enable anybody
ordering goods via the Internet to be identified.
Intel maintains that all users
will be able to retain control over whether or not
to
allow their serial number
to be read. However, software techniques enabling
the
number to be read have
already been discovered.
It is therefore possible to obtain the PSN secretly
and to track the user without
his or her knowledge.
Political details
Some of you might be wondering after all these, how
can it be possible for a
goverement to have such intercepting capabilities
without breaking some
Privacy or Human Rights Act.
The Wassenaar Arrangement
Acknowledging the end of the Cold War, on 16
November
1993
in The Hague representatives of the 17 member states
of COCOM decided to
abolish the committee and replace it with a body
which
reflected the new
political developments.
The decision to wind up COCOM was confirmed in
Wassenaar (Netherlands) on 29-30 March 1994 and came
into effect on 31
March 1994.
The foundations of the agreement on COCOM's
successor
were
laid on 19 December 1995, once again in Wassenaar,
and
the inaugural
meeting was held on 2-3 April 1996 in Vienna, which
since then has become
the site of the Permanent Representation of the
Wassenaar Agreements.
The Arrangement concerns export controls for
conventional arms and sensitive
technological products. Participating countries are:
Germany, Argentina, Australia, Austria, Belgium,
Bulgaria, Canada, Denmark,
United States, Russian Federation, Finland, France,
Spain, Greece, Hungary,
Ireland, Italy, Japan, Luxembourg, Norway, New
Zealand, the Netherlands,
Poland, Portugal, Republic of Korea, Slovak
Republic,
Czech Republic,
Romania, United Kingdom, Sweden, Switzerland, Turkey
and Ukraine.
This list of 33 countries includes, in particular,
those of the
European Community and the signatories to the UKUSA
agreement.
The ECHELON system forms part of the UKUSA system
but
unlike many
of the electronic spy systems developed during the
cold war, ECHELON
is designed for primarily non-military targets:
governments, organisations and
businesses in virtually every country.
Nowadays almost all economic information is
exchanged
through electronic
means (telephone, fax, e-mail).All digital
telecommunication devices and
switches have enhanced wiretapping capabilities.
Communication Intelligence (Comint) involving the
covert interception
of foreign communications has been practiced by
almost
every advanced
nation since international communications became
available.
NSA (National Security Agency, USA), the largest
agency conducting
such operations as "technical and intelligence
information derived from foreign
communications by other than their intended
recipient", defines Comint.
Comint is a large-scale industrial activity
providing
consumers with
intelligence on diplomatic, economic and scientific
developments.
Besides UKUSA, there at least 30 other nations
operating major Comint
organisations.
The largest is the Russian FAPSI, with 54.000
employees.
China maintains a substantial Signal Intelligence
(Signit) system, two station
of which are directed at Russia and operate in
collaboration with the USA.
Most Middle eastern and asian nations have invested
substantially in Signit,
in particular Israel, India and Pakistan.
Some of the activities that make such a project
feasible are:
Operation SHAMPROCK
High frequency radio interception
Space interception
Signit satellites
COMSAT ILC collection
Submarine cable interception
Intercepting the Internet
Covert collection of high capacity signals
New satellite networks
Apart from global surveillance technology systems,
additional tools have
been developed for surveillance. The additional tool
used for information
transferred via Internet or via Digital Global
telecommunication systems
is the capture of data with Taiga software.
Taiga software has the possibility to capture,
process
and analyse
multilingual information in a very short period of
time
(1 billion characters per second), using key-words.
Some technical details: ECHELON modules
There are reported to be three components to
ECHELON:
The monitoring of Intelsats, international
telecommunications satellites
used by phone companies in most countries. A key
ECHELON station is
at Morwenstow in Cornwall monitoring Europe, the
Atlantic and
the Indian Ocean.
ECHELON interception of non-Intelsat regional
communication satellites.
Key monitoring stations are Menwith Hill in
Yorkshire
and Bad Aibling
in Germany
The final element of the ECHELON system is the
surveillance of
land-based or under-sea systems, which use cables or
microwave
tower networks.
Each of the five centers supply to the other four
"Dictionaries" of keywords,
phrases, people and places to "tag" and tagged
intercept is forwarded straight
to the requesting country.
- In the mid 1980s, extensive further automation of
ECHELON Comint processing was planned by NSA as
project P-415.
- The key components of the new system are
"Local Dictionary computers" which store en
extensive
database on specific targets. An important point
about
the new system is that before ECHELON, different
countries
and different countries and different stations knew
what
was being intercepted and to whom it was sent.
Now, all but a fraction of the messages selected
by Dictionary computers at remote sites are
forwarded
to
NSA or other customers without being read locally.
- A dictionary computer is operating at GCHQ 's
(Government Communications Headquarters; the Signit
agency
of the UK)Westminster, London office. The system
intercepts thousands of diplomatic, business and
personal
messages every day. The presence of dictionary
computers
has also been confirmed at Kojarena, Australia;
and at GCHQ s Cheltenham, England.
- There are satellite receiving stations in
Sugar Grove/Virginia,Sabana Seca,Puerto Rico and
Leitrim
Canada working also as ECHELON interception sites.
- New Zealand signit agency operates two satellite
interception terminals at Waihopai covering the
pacific Ocean which are working as ECHELON
interception
sites as well.
Recommendations
Personally I recommend to people that communicate
over
an electronic medium
to use either in house cryptographic technologies or
in the case of conventional
cryptographic protocols key sizes longer than
128bits
for symmetric algoritms
and at least 1024bits in assymetric cryptography.
This will not make your data totally immune to
codebraking but it will give you
a considerable amount of time before someone breaks
your system. Off course
when the adversary is a Goverment or Organised Crime
you should expect them
to have vast amounts of processing power available
to
them, making their goal
easier to achieve.
Last normal users may use software such as PGP to
protect their privacy.
"...in God we trust,all others we monitor."
NSA operator moto
Copyright ©2001 Crazylinux.net